-3

In C# Application I want to set/Show username(logged In) in my dashboard form, So how do I do it. Thanks in Advance. Following is my Code.

con.dataGet("Select * from [User] Where UserName = '"+txtUserName.Text+"' AND Password = '"+txtPassword.Text+"'");
        DataTable dt = new DataTable();
        con.sda.Fill(dt);
        if (dt.Rows.Count > 0)
        {
            this.Hide();
            frmMain frm = new frmMain();
            frm.Show();
        }
        else
        {
            MessageBox.Show("Invalid Username And Password..!", "Login Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
        }

Please help me. Regards, Dharamraj

Gowtham Alan
  • 234
  • 3
  • 15
Dharamraj Patel
  • 15
  • 5
  • I think you could improve your question by providing more context. For example is this a WPF application or is it something else? Also, identifier that are meaningful help understanding your code better. Example: what does `con.sda` stand for? Identifiers such as `Fill` or `dataGet` are better. - Separate from that it appears as if you are storing passwords directly in the database. Is this homework for school or uni? – Manfred Feb 01 '19 at 04:34
  • 1
    **Some tips to help you get an answer:** 1. Explain what type of app it is (e.g. Windows Forms?) 2. Provide more context about your application, and what your dashboard (form) looks like. **Some warnings about your code** (in case it is anything more than a coding exercise or tutorial): 1. Looks like it will be vulnerable to SQL injection exploits. 2. Looks like it is storing the password in cleartext. It should hash passwords. – Ergwun Feb 01 '19 at 04:36
  • [please take a look at it](https://stackoverflow.com/questions/14376473/what-are-good-ways-to-prevent-sql-injection) try to use always Stored Procedure to get data from the DB. your requirement is simply to display the value where you want . you just bind the value of the label. – Gowtham Alan Feb 01 '19 at 04:47
  • 1.Windows form 2. frmMain – Dharamraj Patel Feb 01 '19 at 04:47
  • My concern is that after login I want to display Username on my other forms which is created by me – Dharamraj Patel Feb 01 '19 at 04:49
  • @Manfred my concern is that I want to display username on other forms/page after sucessful login – Dharamraj Patel Feb 01 '19 at 04:50

1 Answers1

0

First, and most important, don't ever use concatenated SQL queries because you are vulnerable to SQL injection. Use parameters to pass the values into the SQL command. An example of how to use them: SqlCommand Parameters.

Second to get the data you need, you just simply use the dt variable you fill with information from the db.

if (dt.Rows.Count > 0)
{
     //getting the value from the DataTable
     var userName = dt.Rows[0]["UserName_Column"];
     //at this point you have the user name
     //also a good idea is to store the user id, if available

     this.Hide();
     frmMain frm = new frmMain();
     frm.Show();
}
Manfred
  • 5,320
  • 3
  • 35
  • 29
Mihail Stancescu
  • 4,088
  • 1
  • 16
  • 21
  • Your answer sure help me but I want to display it on another form. My startup page is login and after sucessful login its redirected to frmMain form. So I want to display Username on frmMain page. So I need your help. So sir please help – Dharamraj Patel Feb 01 '19 at 05:34
  • You can use the next form constructor to pass that value, or you can create a static class or property in the main class you use as startup and set that class/property here, after you get the value. – Mihail Stancescu Feb 01 '19 at 05:45