I have a trouble in my login form.

The program doesnt execute my else statement, especially if I'm going input wrong usernames and passwords.

It just did nothing. NO error warnings, etc...

please help.. :(

private bool CompareStrings(string string1, string string2)
        {
            return String.Compare(string1, string2, true, System.Globalization.CultureInfo.InvariantCulture) == 0 ? true : false;
        }

private void btnLogin_Click(object sender, EventArgs e)
        {
            

            SqlConnection Connect = new SqlConnection();
            Connect.ConnectionString = @"Data Source=blah;"
            + @"Initial Catalog= ITFixedAsset;" + "Integrated Security=true";
            Connect.Open();
            SqlCommand cmd = new SqlCommand("SELECT ISNULL(username, '') AS username, ISNULL(password, '') AS password FROM dim_user_accounts WHERE username='" + txtbxUserName.Text + "' and password='" + txtbxPassword.Text + "'", Connect);

            SqlDataReader dr = cmd.ExecuteReader();

            string userText = txtbxUserName.Text;
            string passText = txtbxPassword.Text;


            dr.Read();

            if (CompareStrings(dr["username"].ToString(), userText) && CompareStrings(dr["password"].ToString(), passText))
            {
                MessageBox.Show("Log-in Successful.");
                formMain main = new formMain();
                this.Hide();
                main.Show();
            }
            else 
                MessageBox.Show("Log-in Failed.");

EDIT: NEVERMIND THIS BECAUSE I DIDN'T SEE YOU HAD THE DEFINITION POSTED: Are you sure the CompareStrings method is always return true? From what library is your CompareStrings ? Look at the definition to determine it why it is always returning true.

Why are you selecting the 'matching' record for username and password from your DB, then again checking to see if you have a match?

You are building your SqlDataReader object ( SqlDataReader dr = cmd.ExecuteReader() ), but not reading from it. See this example: http://msdn.microsoft.com/en-us/library/aa326245(VS.71).aspx

Edited 6 Years Ago by DdoubleD: n/a

I have a trouble in my login form.

The program doesnt execute my else statement, especially if I'm going input wrong usernames and passwords.

It just did nothing. NO error warnings, etc...

please help.. :(

Well take a look at this thread
Login screen in C#
May it will help you.....

ok, i redid the structure of my code,
but then again, it just wont execute my else statement:

SqlConnection Connect = new SqlConnection();
            Connect.ConnectionString = @"Data Source=IT_114;"
            + @"Initial Catalog= ITFixedAsset;" + "Integrated Security=true";
            Connect.Open();
            SqlCommand cmd = new SqlCommand("SELECT ISNULL(username, '') AS username, ISNULL(password, '') AS password FROM dim_user_accounts WHERE username='" + txtbxUserName.Text + "' and password='" + txtbxPassword.Text + "'", Connect);

            SqlDataReader dr = cmd.ExecuteReader();

            string userText = txtbxUserName.Text;
            string passText = txtbxPassword.Text;

            try
            {
                while (dr.Read())
                {
                    if (CompareStrings(dr["username"].ToString(), userText) && CompareStrings(dr["password"].ToString(), passText))
                    {
                        MessageBox.Show("Log-in Successful.");
                        formMain main = new formMain();
                        this.Hide();
                        main.Show();
                    }
                    else
                        MessageBox.Show("Log-in Failed.");
                }
            }
            finally
            {
                dr.Close();
                Connect.Close();
            }
        }

Edited 6 Years Ago by psychoangelo89: n/a

If the record containing the values exists, then you only need:

if (dr.Read())
            {
                MessageBox.Show("Log-in Successful.");
                formMain main = new formMain();
                this.Hide();
                main.Show();
            }
            else
                MessageBox.Show("Log-in Failed.");

because if anything exists in the reader then a match was already found.

What I mean to say is that you are already performing a check against the DB for a matching record, so there is no need to also perform your CompareStrings . You can just check the reader dr.Read() contents to see if it found a match...

Edited 6 Years Ago by DdoubleD: n/a

This question has already been answered. Start a new discussion instead.