Saturday, 15 May 2010

c# - Login Form using SQL, 3-layered style




I am trying to create a decent login form for an application using SQL Server Management Studio. It is supposed to be 3-layered.

I think they're both correct, but in the main form I have 2 text boxes and a button, and I have no idea how to connect them so that when I enter a username and password it checks the database to see if both are correct.

So far I have:

    using System.Data.SqlClient;

    public class usersdb
    {
        public static users getusers(string username, string password)
        {
            SqlConnection conn = quizzesdb.getconnection();
            users user = new users();
            string selectstatement = "select * " +
                "from users" +
                "where user_name = @user_name" +
                "and password = @password";
            SqlCommand selectcommand = new SqlCommand(selectstatement, conn);
            // User input is bound as parameters, not concatenated into the SQL text.
            selectcommand.Parameters.AddWithValue("@user_name", username);
            selectcommand.Parameters.AddWithValue("@password", password);
            try
            {
                conn.Open();
                SqlDataReader reader = selectcommand.ExecuteReader();
                while (reader.Read())
                {
                    user.username = reader["user_name"].ToString();
                    user.password = reader["password"].ToString();
                }
                reader.Close();
            }
            catch (SqlException ex)
            {
                throw ex;
            }
            finally
            {
                conn.Close();
            }
            return user;
        }
    }

That is the class for the database data.

The second class:

    public class users
    {
        private string cusername;
        private string cpassword;

        public users() { }

        public string username
        {
            get { return cusername; }
            set { cusername = value; }
        }

        public string password
        {
            get { return cpassword; }
            set { cpassword = value; }
        }
    }

I tried this, but I get the error "Incorrect syntax near '='":

    private void btnlogin_click(object sender, EventArgs e)
    {
        string username = txtusername.Text;
        string password = txtpassword.Text;
        users user = new users();
        user = usersdb.getusers(username, password);
        try
        {
            user = usersdb.getusers(username, password);
            if (user == null)
            {
                MessageBox.Show("wrong username or password", "login");
            }
            else
            {
                MessageBox.Show("login succesvol", "login");
            }
        }
        catch (Exception ex)
        {
            throw ex;
        }
    }

In addition to the bad coding style, you have a little problem in your SQL query:

    string selectstatement = "select * " +
        "from users" +                    // <-- need a space before the closing "
        "where user_name = @user_name" +  // <-- and here
        "and password = @password";

Why not use a single-line query?

    string selectstatement = "select * from users where user_name = @user_name and password = @password";

And if you need a multiline query, why not use verbatim strings?

    string selectstatement = @"
        select *
        from users
        where user_name = @user_name
        and password = @password";
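A data-layer login check built on the verbatim-string query, as an added example that is not code from the question or the answer. It returns null when the login fails, so a caller's `user == null` test can tell failure from success, and it verifies a salted hash instead of matching a plaintext password in SQL. Assumptions: .NET 6 or later, hypothetical columns `password_salt` and `password_hash`, a hypothetical class name `UsersDbExample`, and an assumed iteration count.

```csharp
using System;
using System.Data;
using System.Data.SqlClient;
using System.Security.Cryptography;

public static class UsersDbExample
{
    // Assumed schema: users(user_name, password_salt, password_hash).
    // The two password_* columns are hypothetical; they replace the plaintext column.
    private const string SelectStatement = @"
        select user_name, password_salt, password_hash
        from users
        where user_name = @user_name";

    // Returns the matching user name, or null when the name or the password is wrong.
    public static string CheckLogin(string connectionString, string username, string password)
    {
        using (var conn = new SqlConnection(connectionString))
        using (var cmd = new SqlCommand(SelectStatement, conn))
        {
            // Explicit type and length (64 is an assumed column size)
            // instead of the type AddWithValue would infer.
            cmd.Parameters.Add("@user_name", SqlDbType.NVarChar, 64).Value = username;
            conn.Open();
            using (SqlDataReader reader = cmd.ExecuteReader(CommandBehavior.SingleRow))
            {
                if (!reader.Read())
                    return null;                          // no such user
                var salt = (byte[])reader["password_salt"];
                var stored = (byte[])reader["password_hash"];
                return VerifyPassword(password, salt, stored)
                    ? reader["user_name"].ToString()
                    : null;                               // wrong password
            }
        }   // command and connection are disposed here, also when an exception is thrown
    }

    // PBKDF2-HMAC-SHA256 with a constant-time comparison of the derived bytes.
    public static bool VerifyPassword(string password, byte[] salt, byte[] storedHash)
    {
        byte[] computed = Rfc2898DeriveBytes.Pbkdf2(
            password, salt, 210_000, HashAlgorithmName.SHA256, storedHash.Length);
        return CryptographicOperations.FixedTimeEquals(computed, storedHash);
    }
}
```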

c# sql 3-tier
