0

Pro devs, I have a problem with my code in c#.net and I knew you can help me. the problem is in the Login code, every time I entered a value that is existed in the database it says "Username or password is incorrect" and when I entered a value that does not exist in the DB it says again "Username or password is incorrect" please help me thank you.

I have tried to edit the query and remove the open close in the asterisk but the output is the same.

public void checkLoginAccount()
    {
        frmMain frmLogin = new frmMain();
        con = new MySqlConnection();
        con.ConnectionString = "server=localhost;userid=root;password=alpine;port=3305;database=pos_db;pooling=false;SslMode=none";

        con.Open();
        string qry = "SELECT COUNT(*) FROM pos_db.tbllogin WHERE BINARY Username=@user AND BINARY Password=@pass";
        MySqlCommand cmd = new MySqlCommand(qry, con);
        cmd.Parameters.AddWithValue("@user", frmLogin.txtUsername.Text);
        cmd.Parameters.AddWithValue("@pass", frmLogin.txtPassword.Text);

        int count = Convert.ToInt32(cmd.ExecuteScalar());

        if (count != 0)
        {   
            MessageBox.Show("Welcome");
        }
        else
        {
            MessageBox.Show("Either username or password is incorrect!");
            return;
        }
        con.Close();
        con.Dispose();
    }
Improve this question
3
  • 1
    stackoverflow.com/questions/1054022/… Commented Jun 24, 2019 at 11:45
  • What file is the checkLoginAccount method in? Commented Jun 24, 2019 at 11:47
  • the checkLoginAccount method is from another class. Commented Jun 25, 2019 at 1:44

2 Answers 2

Reset to default
4

You are creating a new form instance in your function:

 frmMain frmLogin = new frmMain();

So the username and password are always empty here:

cmd.Parameters.AddWithValue("@user", frmLogin.txtUsername.Text);
cmd.Parameters.AddWithValue("@pass", frmLogin.txtPassword.Text);

You need to use the right instance of your form.

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

Basic debugging checking the variable value. Good catch.
Elias N What do you mean I need to use the right instance of my form?
I remove the new form instance "frmMain frmLogin = new frmMain" and use the original name of my form and I get a syntax error shows "An object reference is required for the non-static field, method, or property".
-1

Try reading the rows and count in the code. That should look something like this:

string qry = "SELECT Username FROM pos_db.tbllogin WHERE BINARY Username=@user AND BINARY Password=@pass";
        MySqlCommand cmd = new MySqlCommand(qry, con);
        cmd.Parameters.AddWithValue("@user", frmLogin.txtUsername.Text);
        cmd.Parameters.AddWithValue("@pass", frmLogin.txtPassword.Text);

        mySqlDataReader reader = cmd.ExecuteReader();
        if(reader.Read() == true)
        {
            MessageBox.Show("Welcome");
        }
        else
        {
            MessageBox.Show("Either username or password is incorrect!");
            return;
        }
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.