Show a form according to the user level in C# and SQL -


im trying show form according user level in c# , sql, got data table user_id,user_pass , user_level, want code see if pass word , user name correct , show form according user level (1 manager 2 employee) thank :)

private void button1_click(object sender, eventargs e) {     try     {         string connection = @"data source=local-pc\home;initial catalog=project;integrated security=true";         sqlconnection cn = new sqlconnection(connection);         cn.open();         string usertext = textbox1.text;         string passtext = textbox2.text;          sqlcommand cmd = new sqlcommand("select isnull(user_id, '') user_id, isnull(user_pass,'') user_pass, user_level user_login user_id = @user_id , user_pass = @user_pass , user_level = @user_level", cn);         cmd.parameters.add(new sqlparameter("user_id", usertext));         cmd.parameters.add(new sqlparameter("user_pass", passtext));           sqldatareader dr = cmd.executereader();           try         {             dr.read();              if (dr["user_id"].tostring().trim() == usertext && dr["user_pass"].tostring().trim() == passtext && dr["user_level"].tostring().trim() == "1")             {                 textbox3.text = dr["user_id"].tostring();                 this.hide();                 form2 form2 = new form2();                 form2.show();                 //this.close();             }              if (dr["user_id"].tostring().trim() == usertext && dr["user_pass"].tostring().trim() == passtext && dr["user_level"].tostring().trim() == "2")             {                 textbox3.text = dr["user_id"].tostring();                 this.hide();                 form3 form3 = new form3();                 form2.show();                 //this.close();             }         }         catch         {             messagebox.show("invalid username or password");         }         dr.close();         cn.close();      }     catch     {      } }

first of all:

sqlcommand cmd = new sqlcommand("select isnull(user_id, '') user_id,                                         isnull(user_pass,'') user_pass,                                         user_level                                  user_login                                  user_id = @user_id                                    , user_pass = @user_pass                                    , user_level = @user_level", cn);

the query has 3 parameters providing 2. must declare third as:

cmd.parameters.add(new sqlparameter("user_level", int32.parse(leveltext)));

or remove last filter where clause

//and user_level = @user_level"

second :

why check dr["user_id"].tostring().trim() == usertext , dr["user_pass"].tostring().trim() == passtext while know sure true. filtered on in sql query. filter on if should follow only:

if (dr["user_level"].tostring().trim() == "1") //eventually = "2"

finally :

i recommend use following fixed code :

private void button1_click(object sender, eventargs e) {     try     {         string connection = @"data source=local-pc\home;initial catalog=project;integrated security=true";         sqlconnection cn = new sqlconnection(connection);         cn.open();         string usertext = textbox1.text;         string passtext = textbox2.text;          sqlcommand cmd = new sqlcommand("select isnull(user_id, '') user_id, isnull(user_pass,'') user_pass, user_level user_login user_id = @user_id , user_pass = @user_pass, cn);         cmd.parameters.add(new sqlparameter("user_id", usertext));         cmd.parameters.add(new sqlparameter("user_pass", passtext));          sqldatareader dr = cmd.executereader();          try         {             dr.read();              if (dr["user_level"].tostring().trim() == "1")             {                 textbox3.text = dr["user_id"].tostring();                 this.hide();                 form2 form2 = new form2();                 form2.show();                 //this.close();             }              if (dr["user_level"].tostring().trim() == "2")             {                 textbox3.text = dr["user_id"].tostring();                 this.hide();                 form3 form3 = new form3();                 form3.show();                 //this.close();             }         }         catch         {             messagebox.show("invalid username or password");         }         dr.close();         cn.close();      }     catch     {      } }

edit :

according comment error the name 'form2' not exist in current context. need correct last if following:

form3 form3 = new form3(); form3.show(); // instead of form2.show();

Comments

Post a Comment

Popular posts from this blog

c# - Operator '==' incompatible with operand types 'Guid' and 'Guid' using DynamicExpression.ParseLambda<T, bool> -

i'm using dynamic linq library , there source code , basic docu , nuget version pm> install-package dynamiclinq i'm trying construct clause involves guids i have tried string "id == @0" . parameter array object[] value ( guid xxxx ) var whereclausesb = buildlogicalkeywhereclause2(entity, logicalkey); //build string var parms = buildparamarray(entity, logicalkey); // object[] var wherelambda = ofsi.bos.core.dynamicexpression.parselambda<t, bool>(whereclausesb.tostring(),parms); //parse an exception thrown in dynamicexpression.parselambda operator '==' incompatible operand types 'guid' , 'guid' i have tried guid , string.(fail) i tried , "id = @0" (fail). string == string works, int32==int32 not guid == guid not any ideas? try using equals method instead of == operator in string: "id.equals(@0)"
Read more