Been having problems with this for a couple of days. I'm working on a login screen with a simple username and password, and having everything store in a database. Pretty much I need to to check to see if the username and password match up and also see if if there account is activated(either a 0 or 1). I have been having problems with this and can't seem to get it to work correctly. Any help is appreciated.
DB Mysql
private void loginButton_Click(object sender, EventArgs e)
{
AdamPanel blarg = new AdminPanel();
string pass, user;
string password = "";
string username = "";
user = usernameBox.Text;
pass = passwordBox.Text;
DataSet bb = new DataSet();
string connectionString = "datasource=stuff;database=users";
MySqlConnection mysql = new MySqlConnection(connectionString);
MySqlDataAdapter adapter = new MySqlDataAdapter();
adapter.SelectCommand = new MySqlCommand("SELECT * FROM RegularUsers WHERE Username = '" + user + "' AND Password = '" + pass + "'", mysql);
adapter.Fill(bb);
if(bb.HasRows)
blarg.Show();
return 0;
}
}
}
still not working any ideas?
First of all PLEASE hash and salt your passwords. Make sure your username/pw arn't sql injection vulnerable since you're not using a language with parameterized queries... prolly best using stored procs as i believe MySql has them now.
However, in spite of this... i think this is what you're looking for.
public int Load()
{
string connectionString = "datasource=STUFF YOU SHOULDNT SEEdatabase=users";
MySqlConnection mysql = new MySqlConnection(connectionString);
MySqlDataAdapter adapter = new MySqlDataAdapter();
mysql.SelectCommand = new MySqlCommand("SELECT * FROM [RegularUsers] WHERE Username = '" + this.username + "' AND Pass = '" + this.password + "'", conn);
mysql.Fill(dataset);
if (dataset.HasRows)
return 1;
return 0;
}
public bool ValidateLogin(string username, string password)
{
MySqlConnection conn = new MySqlConnection("[YOURCONNECTIONSTRING]");
MySqlDataAdapter adapter = new MySqlDataAdapter();
adapter.SelectCommand = new MySqlCommand("SELECT * FROM [YOURUSERTABLE] WHERE Username = ? AND Pass = ?", conn);
adapter.SelectCommand.Parameters.Add("@Username", username);
adapter.SelectCommand.Parameters.Add("@Password", password);
adapter.Fill(dataset);
If (dataset.HasRows)
{
// User is logged in maybe do FormsAuthentication.SetAuthcookie(username);
return true;
} else {
// Authentication failed
return false;
}
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With