First you should validate your entered username & password is not blank or null.Then the next task:
I think you have a common class for SQLConnection:
Such as ConnectionManager.cs or DBConnection.
If you have not create a class like this..
public class DBConnection
{
public static SqlConnection GetConnection()
{
return SqlConnection conn = new sqlConnection(ConfigurationManager.ConnectionString["MyConn"].ConnectionString);
}
public static bool CheckLogin(string UserName,string UserPass)
{
string selectString =
"SELECT username, password " +
"FROM forum_members " +
"WHERE username = '" + UserName + "' AND password = '" + UserPass + "'";
var conn=GetConnection();
SqlCommand mySqlCommand = new MySqlCommand(selectString, conn);
conn.Open();
String strResult = String.Empty;
strResult = (String)SqlCommand.ExecuteScalar();
conn.Close();
if(strResult.Length == 0)
return false;
else return true
}
}
You can get Connection without Appconfig
public static SqlConnection GetConnection()
{
return SqlConnection conn = new SqlConnection("Data Source=Servername;Initial Catalog=Marketing;Integrated Security=SSPI");
}
In loginForm Use like this
private void loginbtn_Click(object sender, EventArgs e)
{
if(DBConnection.CheckLogin(txtUserName.Text.Trim(),txtUserPass.Text.Trim())
{
MessegeBox.Show("Login Successfully");
}
else{
MesseBox.Show("User is not exist or wrong password");
txtUserName.Focus();
}
}
I think you have your answer.