Hi,
I'm making a login application but i have the following problem.
When an user clicks the button "Login" it is allways correct. I would like to check in my sql database if the user and password match. Does anyone have an idea?
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Data.SqlClient;
using System.Data;
using System.Configuration;
namespace Monopoly.Data
{
public class Database
{
private static String ConnectionString
{
get
{
return @"Data Source=PC-TIM; Initial Catalog=Monopoly; Integrated Security=True";
}
}
// Connectie maken en openen
private static SqlConnection GetConnection()
{
try
{
SqlConnection oCon = new SqlConnection(ConnectionString);
oCon.Open();
return oCon;
}
catch (Exception ex)
{
Console.WriteLine(ex.ToString());
return null;
}
}
// De connectie sluiten en vrijgeven
private static void ReleaseConnection(SqlConnection oCon)
{
if (oCon != null)
{
oCon.Close();
oCon.Dispose();
}
}
private static SqlCommand BuildCommandParameters(String sStoredProcedureNaam, params SqlParameter[] dbParams)
{
SqlConnection oCon = GetConnection();
SqlCommand oCommand = oCon.CreateCommand();
oCommand.CommandType = CommandType.StoredProcedure;
oCommand.CommandText = sStoredProcedureNaam;
if (dbParams != null)
{
foreach (SqlParameter oPar in dbParams)
{
oCommand.Parameters.Add(oPar);
}
}
return oCommand;
}
// Een DataTable ophalen
public static DataTable GetDT(String sStoredProcedureNaam, params SqlParameter[] dbParams)
{
SqlCommand oCommand = null;
try
{
oCommand = BuildCommandParameters(sStoredProcedureNaam, dbParams);
SqlDataAdapter oDA = new SqlDataAdapter();
oDA.SelectCommand = oCommand;
DataTable oDT = new DataTable();
oDA.Fill(oDT);
return oDT;
}
catch (Exception ex)
{
Console.WriteLine(ex.ToString());
return null;
}
finally
{
if (oCommand != null)
{
ReleaseConnection(oCommand.Connection);
}
}
}
// DataReader ophalen
public static SqlDataReader GetDR(String sStoredProcedureNaam, params SqlParameter[] dbParams)
{
SqlCommand oCommand = null;
SqlDataReader oDR = null;
try
{
oCommand = BuildCommandParameters(sStoredProcedureNaam, dbParams);
oDR = oCommand.ExecuteReader(CommandBehavior.CloseConnection);
return oDR;
}
catch (Exception ex)
{
Console.WriteLine(ex.ToString());
return null;
}
finally
{
if (oCommand != null)
{
ReleaseConnection(oCommand.Connection);
}
}
}
// Slechts 1 resultaat teruggeven
public static Object ExecuteScalar(String sStoredProcedureNaam, params SqlParameter[] dbParams)
{
SqlCommand oCommand = null;
try
{
oCommand = BuildCommandParameters(sStoredProcedureNaam, dbParams);
Object oObject = oCommand.ExecuteScalar();
return oObject;
}
catch (Exception ex)
{
Console.WriteLine(ex.ToString());
return null;
}
finally
{
if (oCommand != null)
{
ReleaseConnection(oCommand.Connection);
}
}
}
// SQL zonder terugkeer resultaat uitvoeren
public static void ExcecuteSQL(String sStoredProcedureNaam, params SqlParameter[] dbParams)
{
SqlCommand oCommand = null;
try
{
oCommand = BuildCommandParameters(sStoredProcedureNaam, dbParams);
oCommand.ExecuteNonQuery();
}
catch (Exception ex)
{
Console.WriteLine(ex.ToString());
}
finally
{
if (oCommand != null)
{
ReleaseConnection(oCommand.Connection);
}
}
}
}
}using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Windows;
using System.Windows.Controls;
using System.Windows.Data;
using System.Windows.Documents;
using System.Windows.Input;
using System.Windows.Media;
using System.Windows.Media.Imaging;
using System.Windows.Shapes;
using System.Data.SqlClient;
using Monopoly.Connector;
using Monopoly.Library;
namespace Monopoly.UI
{
/// <summary>
/// Interaction logic for LoginWindow.xaml
/// </summary>
public partial class LoginWindow : Window
{
Gateway connector = Gateway.Instance;
public LoginWindow()
{
InitializeComponent();
}
private void btnLogin_Click(object sender, RoutedEventArgs e)
{
if (ValidateLogin())
{
try
{
Player validPlayer = connector.Proxy.VerifyUserInput(txtUserName.Text, txtPaswoord.Password);
if (validPlayer != null)
{
Start(validPlayer);
}
else
{
MessageBox.Show("Of uw naam is niet goed, of uw paswoord is verkeerd");
}
}
catch (Exception ex)
{
MessageBox.Show("Oops, something went wrong: " + ex.Message);
}
}
}
private void Start(Player p)
{
MainWindow m = new MainWindow(p);
m.Show();
this.Close();
}
private bool ValidateLogin()
{
bool isLoginValid = true;
StringBuilder messageBuilder = new StringBuilder(2);
if (string.IsNullOrEmpty(txtUserName.Text))
{
isLoginValid = false;
messageBuilder.AppendLine("Username is required.");
}
if (string.IsNullOrEmpty(txtPaswoord.Password))
{
isLoginValid = false;
messageBuilder.AppendLine("Password is required.");
}
if (!isLoginValid)
{
MessageBox.Show(messageBuilder.ToString(), "Please fill in the required fields", MessageBoxButton.OK, MessageBoxImage.Information );
}
return isLoginValid;
}
}
}using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Runtime.Serialization;
using Monopoly.Library;
using System.Data;
using System.Data.SqlClient;
namespace Monopoly.Data
{
// [DataContract]
public class PlayerData
{
public static Player VerifyUserInput(string naam, string paswoord)
{
//ParameterList aanmaken
List<SqlParameter> parameters = new List<SqlParameter>();
//Parameter(s) aanmaken
SqlParameter parA = new SqlParameter("PlayerName", naam);
SqlParameter parB = new SqlParameter("PlayerPaswoord", paswoord);
//Parameter(s) toevoegen
parameters.Add(parA);
parameters.Add(parB);
DataTable dt = Database.GetDT("dbo.Player", parameters.ToArray());
SqlCommand command = new SqlCommand("SELECT * FROM [Player] WHERE [PlayerName]='" + naam + "' AND [PlayerPaswoord]='" + paswoord + "'");
if (dt.Rows.Count == 1)
{
return new Player(naam, paswoord);
}
return new Player(naam, paswoord);
}
}
}Thanks in advance!