Click here to Skip to main content
15,922,007 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
hi ...
i want create Login Form with Permissions for users ...

but Error : Incorrect syntax near the keyword 'User' --> User = my Table name

DataAccess Class :

C#
SqlConnection con;
        SqlCommand com;
        SqlDataAdapter da;

        public DataAccess()
        {
            con = new SqlConnection();
            com = new SqlCommand();
            da = new SqlDataAdapter();
            com.Connection = con;
            da.SelectCommand = com;
        }

        public void Connect()
        {
            con.ConnectionString = @"Data Source=.;Initial Catalog=Test;Integrated Security=True";
            con.Open();
        }

        public void Disconnect()
        {
            con.Close();
        }

        public void Execute(string SQL)
        {
            com.CommandText = SQL;
            com.ExecuteNonQuery();
        }

        public DataTable SELECT(string SQL)
        {
            DataTable dt = new DataTable();
            com.CommandText = SQL;
            da.Fill(dt);
            return dt;
        }


Users Class :

C#
DataAccess DA = new DataAccess();

        public static bool M = false;
        public static bool S = false;
        public static bool B1 = false;
        public static bool B2 = false;

        public int ID;
        public string Nam;
        public string Pas;
        public bool Mnu;
        public bool Str;
        public bool Btn1;
        public bool Btn2;

        public void Sath(string name)
        {
            DA.Connect();
            string sql = "Select * From User Where Nam = '{0}' ";
            sql = string.Format(sql, name);
            DataTable dt = DA.SELECT(sql);
            DA.Disconnect();

            M = Convert.ToBoolean(dt.Rows[0]["Mnu"].ToString());
            S = Convert.ToBoolean(dt.Rows[0]["Str"].ToString());
            B1 = Convert.ToBoolean(dt.Rows[0]["Btn1"].ToString());
            B2 = Convert.ToBoolean(dt.Rows[0]["Btn2"].ToString());
        }

        public bool Login(string Name, string Pass)
        {
            DA.Connect();
            string sql = "Select Count(*) From User Where Nam = '{0}' And Pas = '{1}'";
            sql = string.Format(sql,Name,Pass);
            DataTable dt = new DataTable();
            dt = DA.SELECT(sql);
            DA.Disconnect();

            bool Enter = false;
            if (dt.Rows[0][0].ToString() == "1")
            {
                Enter = true;
            }
            return Enter;
        }

        public void ADD()
        {
            DA.Connect();
            string sql = "Insert Into User (ID,Nam,Pas,Mnu,Str,Btn1,Btn2)";
            sql += "Values ({0},'{1}','{2}','{3}','{4}','{5}','{6}')";
            sql = string.Format(sql, this.ID, this.Nam, this.Pas, this.Mnu, this.Str, this.Btn1, this.Btn2);
            DA.Execute(sql);
            DA.Disconnect();
        }

        public DataTable ShowData()
        {
            DA.Connect();
            DataTable dt = DA.SELECT("Select * From User");
            DA.Disconnect();
            return dt;
        }


Key Enter :

C#
Users us = new Users();
            if (us.Login(textBox2.Text, textBox1.Text) == true)
            {
                us.Sath(textBox2.Text);

                this.Hide();
                Form2 f2 = new Form2();
                f2.Show();
            }
            else
                MessageBox.Show("unvalid pass");
Posted
Comments
[no name] 14-Sep-14 12:26pm    
Debug your code, use parameterized queries and make sure you are using the correct data types. For example, a bool is not a string.
CPallini 14-Sep-14 13:13pm    
Where is the offending line, in the posted code?

hi guy's ...
this project is a login user with permissions .
How to Add edit & Del To This Project --> Admin

How to Add edit : username & pass To This Project --> user

thank's
 
Share this answer
 
Hi,
User is key word in sql server, but you are using as identifier. To solve this put User in double quotes or in square brackets. like below

string sql="select * from \"User\" where nam={0}";---> in C#.net we consider (\") as (")

or

string sql="select * from [User] where name={0}";
 
Share this answer
 
User is a key word in SQL Server it must be wrapped with Square brackets.

C#
string sql = "Select * From [User]  Where Nam = '{0}' ";

string sql = "Select Count(*) From [User] Where Nam = '{0 }' And Pas = '{1}'";

string sql = "Insert Into [User] (ID,Nam,Pas,Mnu,Str,Btn1,Btn2)";
 
Share this answer
 

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900