login bug

Question

auwi987 0 Light Poster

12 Years Ago

guy's i encounter new problem again i write a login system that if users input is correct the mainform will show,enable and focus.., if not he/she only have 3 attempts to log in and it will close .., the problem is if input is correct login form it not focus and enable the mainform ., and cannot check 3 attempt if input is wrong.... need help guys thnx

here's code

private void check()
        {
            cls_con.cn.Open();
            try
            {
                MySqlCommand cmdCheck = new MySqlCommand("select UserName, Password from tblUser where Username='"+txtUserName.Text+"' and Password='"+txtPassword.Text+"'", cls_con.cn);
                MySqlDataReader drd = cmdCheck.ExecuteReader();
                while(drd.Read()){
                    string p1=txtUserName.Text, p2=txtPassword.Text;
                    if (p1 == drd["UserName"].ToString() && p2 == drd["Password"].ToString())
                    {
                        MessageBox.Show("thanks your IN");
                        frmMain fmain = new frmMain();
                        fmain.Activate();
                        fmain.Enabled = true;
                        this.Close();
                    }
                    else
                    {
                        Counter = Counter + 1;
                        txtUserName.Text = "";
                        txtPassword.Text = "";
                        txtUserName.Focus();
                        if (Counter == 2)
                        {
                            this.Close();
                            MessageBox.Show("hey your an asshole");
                        }
                    }
                    
                }
                drd.Close();
                cls_con.cn.Close();
                cmdCheck.Dispose();
            }
            catch (Exception exp) {

                cls_function.setCreateError(exp.Message);
            }
        }

3 Contributors
4 Replies
102 Views
3 Days Discussion Span
Latest Post 12 Years Ago Latest Post by auwi987

All 4 Replies

Momerath 1,327 Nearly a Senior Poster

12 Years Ago

MySqlCommand cmdCheck = new MySqlCommand("select UserName, Password from tblUser where Username='"+txtUserName.Text+"' and Password='"+txtPassword.Text+"'", cls_con.cn);

Learn to use Parameterized queries. What happens if someone types in "blah'; drop table tblUser;" in the password box (exclude the " but keep everything else)?

Edited 12 Years Ago by Momerath because: n/a

kvprajapati commented: Correct. +15

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

auwi987 0 Light Poster · Answer 1 · 2011-08-04T18:28:09+00:00

btw i have my counter variable outside the context

hericles 289 Master Poster Featured Poster · Answer 2 · 2011-08-06T09:38:19+00:00

Have you debugged your code while running it? Is the if statement even being called? Because if neither of the if sections get entered then it would appear your dataReader is empty and cannot read.

auwi987 0 Light Poster · Answer 3 · 2011-08-08T05:56:10+00:00

thnx for rply i already figure out.., maybe can you help me in my next challenge i need to create external class using cryptography i need to shacryptoserviceprovider and tripledescryptoserviceprovider can you help me?

login bug

Recommended Answers Collapse Answers

All 4 Replies

Recommended Answers