Home/ Questions/Q 6886207
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-27T05:43:50+00:00

I am using .net connector for mysql. I went to code a user login

  • 0

I am using .net connector for mysql. I went to code a user login form, that seems to work correctly, but when i click the login button with valid login details, it tells me i logged in successfully then tells me its a wrong user/pass combo.

here is the code and everything seems the way it should be.

The program checks the hashed password against the one entered in the database, which all works nicely. But for some reason the “successfully logged in” messagebox shows then right after, the “wrong username/password combo” messagebox shows.

I’ve been trying to figure out where i went wrong for the past 2 days and its drivin me nuts. maybe you guys can see where i screwed up lol

the code:

            try
        {
            MySqlConnection connection = new MySqlConnection(MyConString);
            MySqlCommand command = connection.CreateCommand();
            MySqlDataReader Reader;
            command.CommandText = "select * from users";
            try
            {
                connection.Open();
            }
            catch (Exception ex)
            {
                listBox4.Items.Add(ex);
                MessageBox.Show("There has been an error connecting to the user database! Please try again later.");
            }
            Reader = command.ExecuteReader();
            while (Reader.Read())
            {
                if (textBox4.Text == Reader.GetString(2))
                {
                    string haspass= CryptorEngine.Encrypt(textBox5.Text, true);
                    if (haspass == Reader.GetString(3))
                    {
                            MessageBox.Show("Successfully logged in!");
                    }
                    else
                    {
                        MessageBox.Show("Wrong Unhashed Username/Password Combination");
                    }
                }
                else
                {
                    MessageBox.Show("Wrong Username/Password Combination");
                }
            }
            connection.Close();
        }
        catch (Exception ex)
        {
            listBox4.Items.Add(ex);
        }
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Here’s a better way to do it:

    try
{
    MySqlConnection connection = new MySqlConnection(MyConString);
    MySqlCommand command = connection.CreateCommand();
    MySqlDataReader Reader;
    //Change the "username" and "password" to the corresponding names of these columns in your table
    command.CommandText = "SELECT * FROM users WHERE username = @username AND password = @password LIMIT 1";
    //assuming textbox4 has the username
    command.Parameters.AddWithValue("@username", textBox4.Text); 
    command.Parameters.AddWithValue("@password", CryptorEngine.Encrypt(textBox5.Text, true));

    try
    {
        connection.Open();
    }
    catch (Exception ex)
    {
        listBox4.Items.Add(ex);
        MessageBox.Show("There has been an error connecting to the user database! Please try again later.");
        //you should return here since if there's no connection you can't run the query
    }

    Reader = command.ExecuteReader();

    if(Reader.HasRows){
        MessageBox.Show("Successfully logged in!");
    }
    else
    {
        MessageBox.Show("Wrong Username/Password Combination");
    }

    connection.Close();
}
catch (Exception ex)
{
    listBox4.Items.Add(ex);
}

    This will only return one row (if it exists).

    • 0