Access Restriction, in Visual Studio Project, with C #! [closed]

1

During my technical computer course, in the Programming module, I made a project with Windows Form! This project is linked to a database I created myself in SQL Server!

It would be a "software" for medical clinic (all fictitious), from the beginning I have a screen where anyone who accesses will put: User, Password and Sector of Action! There are only three sectors that can access the system: Physicians, Administrator and Receptionist! Being that each one will have different access, ie the Adm is who can access the entire system, already doctors and receptionist will be denied access to some areas!

I made a DAL and also made the button codes that will allow access to the system! But he gives me an error message:

TheproblemisthatIcannotfindtheerror!Belowisthecodeimage:

Unfortunately,Ihavetoputthesamecode,becauseIcannotgetprintoutofthewholecode,withoutcuttingit!

**

}dr.Close();returnseto.SetorRestricao;}publicstringlogasenha(stringusuarioRestricao,stringsenhaRestricao,stringsetoAtu){SqlConnectionNanoTec=newSqlConnection(Conexao.ObtemConexao());NanoTec.Open();SqlCommandComando=newSqlCommand("select * from Restricao where NomeUsuario = '" + usuarioRestricao + "' , SenhadeAcesso = '" + senhaRestricao + "' AND SetorAtuacao = '" + setoAtu + "'" , NanoTec);
                  SqlDataReader dr = Comando.ExecuteReader();
                   RestricaoDAL senha = new RestricaoDAL();
                     while (dr.Read())
                     {
                        senha.SenhaRestricao = dr["SenhaRestricao"].ToString();
                        }
                            return senha.SenhaRestricao;
            }
    }
}

**

Someone to help? After this help I will need another one, but I will not post it until I find my error clear!

Thank you Carol!

    
asked by anonymous 08.02.2017 / 23:09

1 answer

2

Your problem is an sql syntax error.

Change the line;

SqlCommand Comando = new SqlCommand("select * from Restricao where NomeUsuario = '" + usuarioRestricao + "' , SenhadeAcesso = '" + senhaRestricao + "' AND SetorAtuacao = '" + setoAtu + "'" , NanoTec);

To;

SqlCommand Comando = new SqlCommand("select * from Restricao where NomeUsuario = '" + usuarioRestricao + "' and SenhadeAcesso = '" + senhaRestricao + "' AND SetorAtuacao = '" + setoAtu + "'" , NanoTec);
    
10.02.2017 / 13:41