-1

Here's my MSacces:

enter image description here

My error : I can sign up and sign in but when I start the program again I can't sign in with same variable.

For example : I signed up with admin 123 and then I log in with admin 123. I then close the program and open it again, I can't sign in with admin 123.

Form 1 starts from here: 

    OleDbConnection bağlanti = new OleDbConnection("Provider=Microsoft.ACE.OLEDB.12.0;Data Source=üye.accdb");
    private void button2_Click(object sender, EventArgs e)
    {
        bağlanti.Open();//connection open
        OleDbCommand komut = new OleDbCommand("select * From üyeler", bağlanti);
        OleDbDataReader okuyucu = komut.ExecuteReader();//reader



        while (okuyucu.Read())reader.read
        {
            if (textBox1.Text.ToString() == okuyucu["kullaniciadi"].ToString())//read[accountname]
            {
                if (textBox2.Text.ToString() == okuyucu["kullanicisifre"].ToString())//read[password]
                {

                    MessageBox.Show("tebrikler giriş başarılı");//cong sign in sucseed
                    Form2 frm = new Form2();//going new form
                    frm.Show();
                    this.Hide();
                }
            }               
            else
            {
                MessageBox.Show("Bu kullanıcı adı şifresi yanlıştır");
            }
        }
        bağlanti.Close();
    }

    private void uyeol_Click(object sender, EventArgs e)
    {
        Form3 frm = new Form3();//sign up button
        frm.Show();
        this.Hide();
    }
}
}

and its form 3 

    OleDbDataAdapter da;
    OleDbCommand cmd;
    DataSet ds;

    OleDbConnection bağlanti = new OleDbConnection("Provider = Microsoft.ACE.OLEDB.12.0; Data Source =üye.accdb");

    void griddoldur()
    {
        bağlanti = new OleDbConnection("Provider=Microsoft.ACE.Oledb.12.0;Data Source=okul.accdb");//con
        da = new OleDbDataAdapter("select *from ogrenci", bağlanti);
        ds = new DataSet();

    }
    private void Form1_Load(object sender, EventArgs e)
    {
        griddoldur();
    }
         public void button1_Click(object sender, EventArgs e)
    {
        cmd = new OleDbCommand();

        bağlanti.Open();//connection open
        cmd.Connection = bağlanti;//cmd = new OleDbCommand();
        cmd.CommandText="insert into üyeler (kullaniciadi,kullanicisifre,tel,ad) values ('"+textBox1.Text+"','"+textBox2.Text+"','"+textBox3.Text+"','"+textBox4.Text+"')";//(account name + textbox1)(passw+ textbox2)(phonenumber+textbox3)(Name + textbox 4)
        cmd.ExecuteNonQuery();,//cmd = new OleDbCommand();
        bağlanti.Close();//connection close

            Form1 frm = new Form1();//going log in form
            frm.Show();
            this.Hide();

    }
}
Brian Tompsett - 汤莱恩
  • 5,753
  • 72
  • 57
  • 129
Sefa Kalkan
  • 93
  • 9
  • 2
    Sorry, but your language is gibberish to me :( Feel free to have a look at [this meta post](http://meta.stackoverflow.com/questions/266563/do-non-english-words-increase-the-probability-of-receiving-downvotes/) – nvoigt Aug 18 '16 at 13:16
  • When you have two records in your table the else part kicks of an tells you that you cannot login (?) but in reality you have not finished to check the second record. Do you know how to use the WHERE clause in an SQL statement? – Steve Aug 18 '16 at 13:19
  • the only thing about this post that is clear to me is that it is WIDE open to SQL injection. NEVER EVER concatenate strings for SQL queries. Clarify what the words written in your language mean so that the rest of us can get an idea of what is going on (add comments to the code) – Takarii Aug 18 '16 at 13:20
  • its my first Msacces code :/ – Sefa Kalkan Aug 18 '16 at 13:20
  • 1
    That did not help much. We do not speak Turkish. You will get better replies if you write your code in English, too. Your names and texts mean nothing to me. They are gibberish to me. – nvoigt Aug 18 '16 at 13:50

1 Answers1

1

To correctly check if your user+password exists use this approach

private void button2_Click(object sender, EventArgs e)
{
    string cmdText = @"select * From üyeler 
                       where kullaniciadi=@account 
                         and kullanicisifre=@pass";
    using(OleDbConnection bağlanti = new OleDbConnection(.......))
    using(OleDbCommand komut = new OleDbCommand(cmdText, bağlanti))
    {
        bağlanti.Open();//connection open
        komut.Parameters.Add("@account", OleDbType.VarWChar).Value = textBox1.Text;
        komut.Parameters.Add("@pass", OleDbType.VarWChar).Value = textBox2.Text;
        using(OleDbDataReader okuyucu = komut.ExecuteReader())
        {
            // Now with the WHERE clause if there are rows you have the login
            if(okuyucu.HasRows)
            {
                MessageBox.Show("tebrikler giriş başarılı");//cong sign in sucseed
                Form2 frm = new Form2();//going new form
                frm.Show();
                this.Hide();
            }
            else
            {
                MessageBox.Show("Bu kullanıcı adı şifresi yanlıştır");
            }
        }               
    }
}

This query uses the WHERE clause to let the database search for you if there is a record with the user name and password required. Note also that I have used a parameterized query to avoid parsing errors and Sql Injections. Finally all disposable objects should be enclosed in a using block to destroy them when you have finished working with them (in particular the OleDbConnection object)

There is another thing to say about your code. It seems that you keep your passwords in clear text inside the database. This is a big security risk more so with an Access Database where everyone could simply copy/look the file and see all your users passwords. Don't do that instead search how to store passwords in a database

Community
  • 1
  • 1
Steve
  • 213,761
  • 22
  • 232
  • 286