-1

I'm student and I have one project, to make a program and database for Coffee shop.

I have login window and it's connected with mysql database. You have only textbox for enter password and when you enter correct password(password is in database) you are logged on, and move to another form(main interface). Now I want to only display name of logged user and I don't know how to...

This is the code, I'm from Croatia so some of words are Croatian.

        public void button_1_Click(object sender, EventArgs e)
    {
        
        
        string upit = "SELECT * FROM zaposlenik WHERE sifra_z = '" + textbox_prijava.Text+"'";
        string manager = "SELECT * FROM manager WHERE sifra_m = '" + textbox_prijava.Text + "'";

        MySqlDataAdapter sda = new MySqlDataAdapter(upit, connection);

        DataTable tablica = new DataTable();

        sda.Fill(tablica);

        MySqlDataAdapter sda2 = new MySqlDataAdapter(manager, connection);

        DataTable tablica2 = new DataTable();

        sda2.Fill(tablica2);

        if (tablica.Rows.Count >= 1 || tablica2.Rows.Count >= 1)
        {
            GlavnoSučelje x = new GlavnoSučelje();
            x.Show();
            this.Hide();
        }
        else if (textbox_prijava.Text == "")
        {
            MessageBox.Show("Niste upisali šifru!", "Greška", MessageBoxButtons.OK, MessageBoxIcon.Error);
        }
        else
        {
            MessageBox.Show("Kriva šifra konobara!", "Greška", MessageBoxButtons.OK, MessageBoxIcon.Error);
        }


        textbox_prijava.Clear();
mvisnjic
  • 3
  • 4
  • Do you mean that you look up the user just from their password (so every user must have a different password) or do you get the username from somewhere else, like the name of the person who is logged into windows? – Caius Jard Jan 17 '21 at 19:40
  • I want to display name from their password, etc. In database is John Smith and pw is 1234.When you enter password you logged on. I want to display John in main interface, but main interface and Login interface are two different forms. – mvisnjic Jan 17 '21 at 19:44
  • They might be different forms but they're part of the same program so the data can be easily passed around.. just select the username based on the password. I don't recommend creating a system where password alone identifies a user; people reuse passwords all the time – Caius Jard Jan 17 '21 at 19:51
  • I put public in login form but i cant access from main interface.. Yes but how, SELECT name FROM workers WHERE password = What? – mvisnjic Jan 17 '21 at 19:58
  • One way would be to create a class with a static property which can hold the user name – stuartd Jan 17 '21 at 20:22

1 Answers1

0

This is what I would do.

Have a static class to save user details:

 public class UserDetails
    {
        private static string _username;

        public static string Username
        {
            get
            {
                return _username;
            }
            set
            {
                _username = value;
            }
        }       
    }

Here we are logging in and saving user details.

public partial class Login : Form
    {
        public Login()
        {
            InitializeComponent();
        }

        //Login Button
        private void loginBtn(object sender, EventArgs e)
        {
            //MySQL connection to retrieve user details into a class on successful log in
            using (var conn = new MySqlConnection(ConnectionString.ConnString))
            {
                conn.Open();
                //Get count, username
                using (var cmd = new MySqlCommand("select count(*), username from users where username = @username and password = MD5(@password)", conn))
                {
                    cmd.Parameters.AddWithValue("@username", usernameTextBox.Text);
                    cmd.Parameters.AddWithValue("@password", passwordTextBox.Text);

                    cmd.ExecuteNonQuery();
                    DataTable dt = new DataTable();
                    MySqlDataAdapter da = new MySqlDataAdapter(cmd);
                    da.Fill(dt);

                    //Check whether user exists
                    if (dt.Rows[0][0].ToString() == "1")
                    {
                        //If the user exist - allow to log in

                        //Store the information from the query to UserDetails class to be used in other forms
                        UserDetails.Username = dt.Rows[0][1].ToString();

                        //Hide this form and open the main Dashboard Form
                        this.Hide();
                        var dashboard = new Dashboard();
                        dashboard.Closed += (s, args) => this.Close();
                        dashboard.Show();
                    }

                    //If failed login - show message
                    else
                    {
                        MessageBox.Show("Login failed", "Technical - Login Error", MessageBoxButtons.OK, MessageBoxIcon.Warning);
                    }
                }
            }
        }
    }

To use the username.. just simply use UserDetails.Username

Eduards
  • 1,734
  • 2
  • 12
  • 37
  • No point selecting COUNT(*). Decide whether you're putting username in the SELECT or the WHERE; one or the other but both is illogical(it can only be one based on the Q as specified). Also, this code will IOOB exception easily – Caius Jard Jan 17 '21 at 20:30
  • @CaiusJard That's one method I use. If there are multiple users, then `COUNT(*)` is useful to determine if user exists, only when correct username and password are provided. – Eduards Jan 17 '21 at 20:33
  • Count will only ever be 1 or nothing (no rows) unless the table design is really poor (and the same user is present multiple times); it is hence rather pointless, and in most databases(including MySQL if only full group by mode is on) this SQL would throw an error and die in a heap – Caius Jard Jan 17 '21 at 20:34
  • @CaiusJard If it is null, then the credentials are incorrect? – Eduards Jan 17 '21 at 20:34
  • If it throws an index out of bounds then the creds are incorrect, yes – Caius Jard Jan 17 '21 at 20:37
  • @CaiusJard What's an IOOB exception never heard of it.. it's not a try catch statement? – Eduards Jan 17 '21 at 20:39
  • https://stackoverflow.com/questions/20940979/what-is-an-indexoutofrangeexception-argumentoutofrangeexception-and-how-do-i-f – Caius Jard Jan 17 '21 at 20:49
  • yes, but i don't have textbox for username, users login on only with password. – mvisnjic Jan 18 '21 at 14:58
  • @tejj77 Okay, please share your table schema in your database – Eduards Jan 18 '21 at 15:14
  • CREATE TABLE manager ( id INTEGER AUTO_INCREMENT NOT NULL UNIQUE, sifra_m VARCHAR(11) NOT NULL UNIQUE, OIB VARCHAR(11) NOT NULL UNIQUE, ime CHAR(30), prezime CHAR(30), datum_zaposlenja DATETIME DEFAULT NOW(), placa INTEGER DEFAULT 6500, PRIMARY KEY(id), CHECK (placa >= 6500) ); this is for manager sifra_m is pass – mvisnjic Jan 18 '21 at 15:19
  • CREATE TABLE zaposlenik ( id INTEGER AUTO_INCREMENT UNIQUE, sifra_z VARCHAR(10) NOT NULL UNIQUE, OIB VARCHAR(11) NOT NULL UNIQUE, ime CHAR(30), prezime CHAR(25), datum_zaposlenja DATETIME DEFAULT NOW(), placa INTEGER DEFAULT 4500, PRIMARY KEY (id), CHECK (placa >= 4500) ); and worker sifra_z is pass – mvisnjic Jan 18 '21 at 15:20
  • @tejj77 Which column is password? – Eduards Jan 18 '21 at 15:20
  • And the username? – Eduards Jan 18 '21 at 15:27
  • dont have username, only name(ime) and surname(prezime) i want to display only a name(ime) – mvisnjic Jan 18 '21 at 16:08