0

I'm having a hard time coding in my login form. I need to authenticate users like admin and/or student. Can you please help me know the right query for this matter? I need this for my project. This is my code so far, this is for admin only. I want to include codes for student if they log in.

 private void login_Click(object sender, EventArgs e)
    {
        try
        {
            string myConnection = "datasource = localhost;port=3306;username=root;password=";
            MySqlConnection myConn = new MySqlConnection(myConnection);
            MySqlCommand SelectCommand = new MySqlCommand("select username, password from library_sys.tbl_users where username = '" + this.txtusername.Text + "' and password = '" + this.txtpword.Text + "';", myConn);
            MySqlDataReader myReader;
            myConn.Open();
            myReader = SelectCommand.ExecuteReader();
            int count = 0;

            while (myReader.Read())
            {
                count = count + 1;
            }
            if (count == 1)
            {
                MessageBox.Show("Welcome to the LIBRARY MANAGEMENT SYSTEM!");
                this.Hide();
                Librarian lib = new Librarian();
                lib.Show();
            }
            else
            {
                MessageBox.Show("Invalid username or password.");
                myConn.Close();
            }
            myConn.Close();
        }
        catch (Exception ex)
        {
            MessageBox.Show(ex.Message);
        }
Improve this question
13
  • This question contains insufficient information. Please provide your attempt (whatever you have tried so far), otherwise it's pretty much impossible for us to help you. Commented Jul 30, 2016 at 19:42
  • 1
    Please use parameters, don't concatenate strings into SQL. You're open for injection attacks and will have trouble with many inputs Commented Jul 30, 2016 at 19:52
  • 1
    You should never store passwords as plaintext. Hash and salt them. Commented Jul 30, 2016 at 19:55
  • Can you give me an example using parameters? @SamiKuhmonen Commented Jul 30, 2016 at 19:58
  • 1
    @LosManos neither is right fit, see Why are implementation and debugging questions unwelcome on Programmers.SE? and CR.SE help center requirement for working code. Please abstain of recommending sites you're not familiar with Commented Jul 30, 2016 at 21:46
Related questions
1
how to create a secure login with ASP.NET and MySql
0
login system with mySql database
5
Check Mysql DB for username and password C#
Load 7 more related questions Show fewer related questions

0

Reset to default

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.