Validate a user within the database

4

Good morning,

I am working with Windows Forms and user controls in C#, on an application that acts as a time clock.

This first screen acts as the main screen, which all users have access to for now.

In the login, they type their username, and when they press register it must be compared with the registered users in the DB.

The code I use is the following:

 private void button1_Click(object sender, EventArgs e)
        {


            SqlCommand agregar2 = new SqlCommand(string.Format("Select Usuario From Usuarios where Usuario = '"+textBox1.Text+"'", cadena));

            if ( textBox1.Text == agregar2.CommandText)
            {

            SqlCommand agregar = new SqlCommand("insert into Registros_ values (@nombre, @Fecha, @Hora)", cadena);
            cadena.Open();

            try
            {
                label2.Text = DateTime.Now.ToString("yyyy-MM-dd");
                label1.Text = DateTime.Now.ToString("HH:mm:ss");
                agregar.Parameters.AddWithValue("@nombre", textBox1.Text);

               agregar.Parameters.AddWithValue("@fecha", label2.Text);
                agregar.Parameters.AddWithValue("@Hora", label1.Text);
                agregar.ExecuteNonQuery();
                MessageBox.Show("Correcto");
            }
            catch (Exception ex)
            {
                MessageBox.Show("No se pudo insertar" + ex);
            }
            finally
            {
                textBox1.Clear();

                cadena.Close();

            }
        }
            else
            {
                MessageBox.Show("No existe en la base de datos o Usuario Incorrecto");
                MessageBox.Show(agregar2.ToString());
                MessageBox.Show(textBox1.Text);
            }
        }

At the moment of making the query, it takes the whole text of the query:

How can I take just the value DaniLop21? Apparently I'm taking the whole string "Select Usuario From Usuarios where Usuario = 'DaniLop21'", and when comparing it obviously does not coincide with the value of textBox1 = DaniLop21.

Greetings and thanks.

    
asked by Ezequie Lopez 28.08.2018 at 00:17

2 answers

1

It would be easier to use SqlDataReader; you could use it in the following way:

var reader = agregar2.ExecuteReader();
if (reader.HasRows) { /* do something */ }

For more information on the subject you can consult the information here

I hope it helps you.

    
answered by 28.08.2018 / 00:51
0

It would be easier to do it with LINQ and an Entity if you can; in any case it would be easier.

But in your case you could do it in the following way:

private void button1_Click(object sender, EventArgs e)
    {
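        // Parameterized lookup: the user name is sent as data, not concatenated into the SQL text
        SqlDataAdapter agregar2 = new SqlDataAdapter("Select Usuario From Usuarios where Usuario = @usuario", cadena);
        agregar2.SelectCommand.Parameters.AddWithValue("@usuario", textBox1.Text);
        DataSet ds = new DataSet();
        agregar2.Fill(ds);
        // Rows is empty when the user does not exist; indexing Rows[0] would throw
        string usuario = ds.Tables[0].Rows.Count > 0 ? ds.Tables[0].Rows[0]["Usuario"].ToString() : null;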

        if ( textBox1.Text == usuario)
        {

        SqlCommand agregar = new SqlCommand("insert into Registros_ values (@nombre, @Fecha, @Hora)", cadena);
        cadena.Open();

        try
        {
            label2.Text = DateTime.Now.ToString("yyyy-MM-dd");
            label1.Text = DateTime.Now.ToString("HH:mm:ss");
            agregar.Parameters.AddWithValue("@nombre", textBox1.Text);

           agregar.Parameters.AddWithValue("@fecha", label2.Text);
            agregar.Parameters.AddWithValue("@Hora", label1.Text);
            agregar.ExecuteNonQuery();
            MessageBox.Show("Correcto");
        }
        catch (Exception ex)
        {
            MessageBox.Show("No se pudo insertar" + ex);
        }
        finally
        {
            textBox1.Clear();

            cadena.Close();

        }
    }
        else
        {
            MessageBox.Show("No existe en la base de datos o Usuario Incorrecto");
            MessageBox.Show(agregar2.ToString());
            MessageBox.Show(textBox1.Text);
        }
    }

You are missing the code to call the select of your database:

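// Parameterized lookup: the user name is sent as data, not concatenated into the SQL text
SqlDataAdapter agregar2 = new SqlDataAdapter("Select Usuario From Usuarios where Usuario = @usuario", cadena);
        agregar2.SelectCommand.Parameters.AddWithValue("@usuario", textBox1.Text);
        DataSet ds = new DataSet();
        agregar2.Fill(ds);
        // Rows is empty when the user does not exist; indexing Rows[0] would throw
        string usuario = ds.Tables[0].Rows.Count > 0 ? ds.Tables[0].Rows[0]["Usuario"].ToString() : null;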

Edited: I was missing the semicolon.

    
answered by 28.08.2018 at 00:42
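
The lookup and insert discussed in this thread, as an added example that is not code from the question or from either answer: the user name is bound as a typed parameter and the existence check uses ExecuteScalar. The table and column names come from the thread; the class name, method name, connection string and column sizes are assumptions.

```csharp
using System;
using System.Data;
using System.Data.SqlClient;

// Added example. ClockIn, TryRegister and the parameter sizes are assumptions;
// Usuarios, Usuario and Registros_ are the names used in the thread.
public static class ClockIn
{
    // Returns true when the user exists and one clock-in row was written.
    public static bool TryRegister(string connectionString, string usuario)
    {
        if (string.IsNullOrWhiteSpace(usuario)) return false;

        using (var cadena = new SqlConnection(connectionString))
        {
            cadena.Open();

            // The user name travels as a typed parameter, so a value containing
            // a quote (for example O'Brien) is compared as a literal and cannot
            // change the text of the SQL statement.
            using (var buscar = new SqlCommand(
                "SELECT Usuario FROM Usuarios WHERE Usuario = @usuario", cadena))
            {
                buscar.Parameters.Add("@usuario", SqlDbType.NVarChar, 50).Value = usuario;

                // ExecuteScalar returns the first column of the first row, or
                // null when no row matches, so there is no Rows[0] access to throw.
                object encontrado = buscar.ExecuteScalar();
                if (encontrado == null) return false;
            }

            DateTime ahora = DateTime.Now;
            using (var agregar = new SqlCommand(
                "INSERT INTO Registros_ VALUES (@nombre, @Fecha, @Hora)", cadena))
            {
                agregar.Parameters.Add("@nombre", SqlDbType.NVarChar, 50).Value = usuario;
                agregar.Parameters.Add("@Fecha", SqlDbType.VarChar, 10).Value = ahora.ToString("yyyy-MM-dd");
                agregar.Parameters.Add("@Hora", SqlDbType.VarChar, 8).Value = ahora.ToString("HH:mm:ss");
                return agregar.ExecuteNonQuery() == 1;
            }
        }
    }
}
```

From the form, button1_Click would call ClockIn.TryRegister with the connection string and textBox1.Text, and show "Correcto" or the "No existe" message depending on the result.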