0

Ok, I'm a newbie c# and SQL learner.

I have a login form that connects to a SQL Server database. It was working earlier on my VS 2010 (Adm_page form and main_page form were displaying) and today it stopped displaying just the IDE showing ready.

Here is the code:

String query = "Select Count(*) from Login where Username ='" + Usn_txt.Text + "'and Password ='" + Psw_txt.Text + "' and Mode ='" + comboBox1.Text + "';";

SqlConnection con = new SqlConnection(con_string);
SqlDataAdapter da = new SqlDataAdapter(query, con);

DataTable dt = new DataTable();
da.Fill(dt);

if (dt.Rows[0][0].ToString() == "1")
{
        SqlDataAdapter da1 = new SqlDataAdapter("Select Mode from Login Where Username ='" + Usn_txt.Text + "'and Password ='" + Psw_txt.Text + "'", con);
        DataTable dt1 = new DataTable();
        da1.Fill(dt1);

        if (dt1.Rows[0][0].ToString() == "Admin")
        {                
            this.Hide();

            Adm_page aa = new Adm_page(Usn_txt.Text);
            aa.ShowDialog();
            Usn_txt.Clear();
            Psw_txt.Clear();
            this.Show();
        }
        else if (dt1.Rows[0][0].ToString() == "Student")
        {                    
            Main_page mm = new Main_page();
            mm.ShowDialog();
            this.Hide();
            Usn_txt.Clear();
            Psw_txt.Clear();
            this.Show();
        }
}
else
{
        MessageBox.Show("Username and Password Error");
}

As I said earlier, the form was displaying up till today when it stopped. I realised it had something to do with the nested if statement because when I run this only

String query = "Select Count(*) from Login where Username ='" + Usn_txt.Text + "'and Password ='" + Psw_txt.Text + "' and Mode ='" + comboBox1.Text + "';";
SqlConnection con = new SqlConnection(con_string);
SqlDataAdapter da = new SqlDataAdapter(query, con);    

DataTable dt = new DataTable();
da.Fill(dt);

if (dt.Rows[0][0].ToString() == "1")
{
    this.Hide();

    Adm_page aa = new Adm_page(Usn_txt.Text);
    aa.ShowDialog();
    Usn_txt.Clear();
    Psw_txt.Clear();
    this.Show();
 }

The form shows up.

Is there any other way I can solve this issue or bypass this. Please help me out?

marc_s
  • 732,580
  • 175
  • 1,330
  • 1,459
Emma
  • 13
  • 6
  • is it forms (like in html) or winforms? tag your question accordingly! –  Mar 08 '15 at 19:10
  • @Andreas Niedemair winforms – Emma Mar 08 '15 at 19:30
  • Did you try to debug it? Btw, your code has numerous problems and even though you say you're a newbie, you should learn it correctly or else you'll have problems in the future.. – walther Mar 08 '15 at 19:52
  • @walther please tell me the problems.. – Emma Mar 08 '15 at 19:58
  • 1
    Well, for example you construct sql queries in-line by concatenating multiple values together. That can lead to SQL injection (if we were talking about web development) and to various typos in the sql command. You have to deal with multiple quotes, take care to close every brace etc. When number of the parameters increase, the code becomes unreadable very fast and it's problematic to maintain. Next you mix UI code, SQL access and possibly business logic into one file. Nowadays you should look into WPF, as Webforms is kinda outdated and very very very clunky. – walther Mar 08 '15 at 20:14
  • 2
    Furthermore, I'd really advocate against using DataTables, DataSets etc., as it makes refactoring a nightmare. It's good for some scenarios, but I really dislike them and prefer collections of concrete objects instead. When you look at the code and see `List`, you can immediately see what's going on. But when you have to deal with code like `dt.Rows[0][0]`.. Oh dear, that's just horrible. – walther Mar 08 '15 at 20:16
  • @walther how do u suggest i edit this code as it is delaying me, ran the same code on vs 2012 and it gives the same problem. could you explain the List way? Thanks – Emma Mar 08 '15 at 20:25
  • 1
    Create few breakpoints and run it through the debugger to see what's actually going on. That's probably the fastest way of finding out the problem. – walther Mar 08 '15 at 20:27
  • I've done that already ..still not giving me error, the form just doesnt come up...please further help me – Emma Mar 08 '15 at 21:05

1 Answers1

0

Based on your comments and your code, it seems you're not getting the values you're expecting from your database. That's why I wanted you to debug your code, because then you'd see what values you're getting, which branches of your code get executed and so on. It's really important to learn how to debug an application...

These parts are obviously evaluated as false:

if (dt1.Rows[0][0].ToString() == "Admin")

and

else if (dt1.Rows[0][0].ToString() == "Student")

It may be caused by mismatch between a DB value and your inline c# constant, as comparing values like this is case-sensitive. Or maybe you've added a new Mode that doesn't fit any of these conditions.

The code never just stops working on itself, there's always the user involved in some way. So once again - put a breakpoint in Visual Studio and step carefully through the steps, watching what values you're getting and seeing what actually happens behind the curtain. We can't do that for you.

I'll also put my comments about your code here, so it's more visible and clear:

Problems with your code

For example you construct sql queries in-line by concatenating multiple values together. That can lead to SQL injection (if we were talking about web development) and to various typos in the sql command. You have to deal with multiple quotes, take care to close every brace etc. When number of the parameters increase, the code becomes unreadable very fast and it's problematic to maintain. Next you mix UI code, SQL access and possibly business logic into one file. Nowadays you should look into WPF, as Webforms is kinda outdated and very very very clunky.

Furthermore, I'd really advocate against using DataTables, DataSets etc., as it makes refactoring a nightmare. It's good for some scenarios, but I really dislike them and prefer collections of concrete objects instead. When you look at the code and see List, you can immediately see what's going on. But when you have to deal with code like dt.Rows[0][0].. Oh dear, that's just horrible.

You should probably look into disposing of objects that deal with external resources. It maybe doesn't cause you problems at the moment, but it's a good idea to learn the best practices and use them. This has been nicely answered by Tim Schmelter here: How should I correctly dispose of an object?

Community
  • 1
  • 1
walther
  • 13,466
  • 5
  • 41
  • 67