Member Avatar for SMG0723

I am a beginner and I would like to know whats wrong with my code why it is not working.
I am trying to create a login form

private void btnSignIn_Click(object sender, EventArgs e)
        {
            string ConString;
            ConString = "Data Source=.;Initial Catalog=docworx;UserID=sa";
            SqlConnection DbCon = new SqlConnection(ConString);

            m_Login = this.txtUsername.Text;
            String StrPassword = this.txtPassword.Text;

            if(m_Login = null |= StrPassword = null)
            {
                MessageBox.Show("You are missing information.Please make sure that both the username and password fields are filled out.","Missing Info");
                this.txtUsername.Focus();
                return;
            }

            String StrSql = "Select userid,password Form Login Where userid="'+m_Login+'"";
            SqlCommand cm = new SqlCommand(StrSql,DbCon);
            SqlDataReader dr;
            Boolean valid = false;
            Boolean HasRows = false;
            try
            {
                DbCon.Open();
                dr = cm.ExecuteReader();

                if(dr.HasRows)
                {
                    while(dr.read())
                        if(StrPassword == dr.Item("password"))
                        {
                            valid = true;
                        }
                    HasRows = true;
                }
                dr.Close();
            }
            catch(Exception exo)
            {
                MessageBox.Show(exo.Message);
            }
            finally
            {
                if(DbCon.State == ConnectionState.Open)
                {
                    DbCon.Close();
                }
                cm = null;
                dr = null;
                DbCon.Dispose();
                GC.Collect();
            }
            iCount = iCount + 1;
            if (valid == true)
            {
                this.Hide();
                frmMain.Show();
            }
            else
                if (iCount == 3)
                {
                    MessageBox.Show("Contact Administrator!", "Invalid Info");
                    this.Close();
                }
                else
                    if (HasRows == false)
                    {
                        MessageBox.Show("Invalid user name, try again!", "Invalid Info");
                        this.txtUsername.Focus();
                        this.txtUsername.Text = " ";
                        this.txtPassword.Text = " ";
                    }
                    else
                    {
                        MessageBox.Show("Invalid password, try again!", "Invalid Info");
                        this.txtPassword.Focus();
                        this.txtPassword.Text = " ";

                    }


            
        }
  • 4 Contributors
  • 3 Replies
  • 70 Views
  • 2 Days Discussion Span
  • Latest Post Latest Post by fuzzelogic
Member Avatar for selvaganapathy

Hi, I found two errors, It may be typo mistake

1. if(m_Login = null |= StrPassword = null) can be changed as if(m_Login == null || StrPassword == null) ___
2. String StrSql = "Select userid,password Form Login Where userid="'+m_Login+'""; can be changed as String StrSql = "Select userid, password From Login Where userid='" + m_Login+ "'";

Member Avatar for LizR

Failing that any errors you're getting on compile or run would help us help you

Member Avatar for fuzzelogic

hi!
If you're using 2.0 you can use . string.IsNullOrEmpty to check your strings. and its far safe to use string.format on sql queries. eg.
string sql = string.Format("Select userid, password From Login Where userid='{0}'",m_login);

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.