β Error on my try and catch
It says that the variable 'ex' is declared but never used and how do i make the username and password more secure?
[HttpPost]
public IActionResult AppUserLogin(AppUser user)
{
string connectionString = "server=db4free.net;database=rpxxxxx;uid=rpxxxx;pwd=rpxxxxx;";
MySqlConnection connection = new MySqlConnection(connectionString);
try
{
connection.Open();
string sql = "SELECT Email,Password FROM AppUser WHERE Email= '" + user.Email + "' AND password = '" + user.Password + "'";
MySqlCommand command = new MySqlCommand(sql, connection);
command.ExecuteNonQuery();
TempData["Msg"] = "Successfully login!";
connection.Close();
}
catch (Exception ex)
{
TempData["Msg"] = "Incorrect email or password";
}
return RedirectToAction("Main");
} [HttpPost]
public IActionResult AppUserLogin(AppUser user)
{
string connectionString = "server=db4free.net;database=rpxxxxx;uid=rpxxxx;pwd=rpxxxxx;";
MySqlConnection connection = new MySqlConnection(connectionString);
try
{
connection.Open();
string sql = "SELECT Email,Password FROM AppUser WHERE Email= '" + user.Email + "' AND password = '" + user.Password + "'";
MySqlCommand command = new MySqlCommand(sql, connection);
command.ExecuteNonQuery();
TempData["Msg"] = "Successfully login!";
connection.Close();
}
catch (Exception ex)
{
TempData["Msg"] = "Incorrect email or password";
}
return RedirectToAction("Main");
}