-2

I have a problem with this code. It is login for software. I would like to limit some accessibility for each employee. But it doesn't work. Actually I make enabled=false all the options when menu is loaded.

This is code behind the form. The form has 2 textboxes,one of them is for username and the other one is for password and has one Enter button. 

    private void Enter_Click(object sender, EventArgs e)
    {
        if (txtPassword.Text == "10")
        {
            FormMenu a = new FormMenu();
            this.Hide();

            a.EmployeManagement.Enabled = true;
            a.Sabtenam.Enabled = true;
            a.Shora.Enabled = true;
            a.HozorGhiab.Enabled = true;
            a.Ketabkhane.Enabled = true;
            new FormMenu().Show();
            a.Refresh();                
        }
        else
            if (txtPassword.Text == "20")
            {
                FormMenu a = new FormMenu();
                this.Hide();

                a.Sabtenam.Enabled = true;
                a.HozorGhiab.Enabled = true;
                new FormMenu().Show();
            }
            else
                if (txtPassword.Text == "30")
                {
                    FormMenu a = new FormMenu();
                    this.Hide();

                    a.Shora.Enabled = true;
                    new FormMenu().Show();
                }
                    else
                    if (txtPassword.Text == "40")
                    {
                        FormMenu a = new FormMenu();
                        this.Hide();

                        a.HozorGhiab.Enabled = true;
                        new FormMenu().Show();
                    }
                    else
                        if (txtPassword.Text == "50")
                        {
                            FormMenu a = new FormMenu();
                            this.Hide();

                            a.Shora.Enabled = true;
                            new FormMenu().Show();
                        }
                        else
                            if (txtPassword.Text == "60")
                            {
                                FormMenu a = new FormMenu();
                                this.Hide();

                                a.Ketabkhane.Enabled = true;
                                new FormMenu().Show();
                            }
                            else
                                MessageBox.Show("Invalid username or password");



    }
Marleen Schilt
  • 650
  • 15
  • 26
Eli
  • 9
  • 1
  • Don't hardcode the passwords. [Hash](https://crackstation.net/hashing-security.htm) them. Then use [RBAC](https://en.wikipedia.org/wiki/Role-based_access_control) pattern for defining menu accessibility. – Martheen Jan 25 '16 at 10:18

2 Answers2

1

You should remove all those lines new FormMenu().Show(); and use the instance in which you enable the options. IE: a.Show()

if (txtPassword.Text == "10")
{
    FormMenu a = new FormMenu();
    this.Hide();

    a.EmployeManagement.Enabled = true;
    a.Sabtenam.Enabled = true;
    a.Shora.Enabled = true;
    a.HozorGhiab.Enabled = true;
    a.Ketabkhane.Enabled = true;
    a.Show();

}

and so on for all the other if conditions.....

This requires a little explanation of a basic OOP principle. When you call new you create a new instance of the class invoked in the new call. This instance has all its properties set to the defaults. (I assume that your menus starts with the Enabled property set to false) You start changing the properties of that instance (the a instance) that you want to enable.

Now, if you call again new and create a new instance of the FormMenu then all the work done on the a instance is useless and you see the unnamed instance shown on your screen.

Think it in this way, writing

new FormMenu().Show();

is equal to write

FormMenu b = new FormMenu();
b.Show();

FINAL NOTE:
Of course I assume that this code is just for simple tests of your menu system. There is no sense to use fixed passwords in a real business application. A lot of things need to be changed here to have something more professional. First you need a database where to store the usernames, passwords and roles they play in your application. Then you need to provide your program a way to read/write the login information from the database and do not forget to store all the passwords in an hashed form and not in clear text. (You don't want to leave your password easily readable by anyone that could look at the table where you have stored them)

Steve
  • 213,761
  • 22
  • 232
  • 286
  • i did this,a.show instead of last code but cant enable option for user number 10 yet,what should i do now? – Eli Jan 25 '16 at 10:24
  • yes,it is simple ! and im not a professional programmer,im just student . i have sql table for username and password. – Eli Jan 25 '16 at 10:32
  • @Eli if you want to see how this is done with a database table you could easily find thousands of examples. – Steve Jan 25 '16 at 10:59
  • thank you! could you show me an example? – Eli Jan 25 '16 at 14:02
  • Fair advanced: http://stackoverflow.com/questions/22873717/authenticate-user-in-winforms-nothing-to-do-with-asp-net, barebone Database lookup https://social.msdn.microsoft.com/Forums/windows/en-US/a3f37415-e7b5-4e99-aea1-f38c02fb3aa7/login-form-for-windows-application?forum=winformsapplications but really just do a search and you will find tons of resources – Steve Jan 25 '16 at 14:07
1

I would suggest you to make a SQL database table with employee details and another table which has details about password,restrictions and employee reference number to the first table.

Then in the code you can take the user input and check these values with your database values.

Isuru
  • 430
  • 5
  • 21