[HttpPost]
    public IActionResult AppUserLogin(AppUser user)
    {
        string? connectionString = _configuration.GetConnectionString(ConnectionStringKey);
        MySqlConnection connection = new MySqlConnection(connectionString);
        try
        {
            connection.Open();
            string sqlLogin = "SELECT Email,Password FROM AppUser WHERE Email= @Email AND password @Password ";
            MySqlCommand command = new MySqlCommand(sqlLogin, connection);
            command.Parameters.AddWithValue("@Email", user.Email);
            command.Parameters.AddWithValue("@Password", user.Password);
            SqlDataReader reader = command.ExecuteReader();
            if (reader.HasRows)
            {
                while (reader.Read())
                {
                    if (ModelState.IsValid)
                    {
                        user.Id = reader["Id"].ToString();
                        //user.Email = usr.Email;
                        TempData["Msg"] = "Successfully login!";
                    }
                }
            }
            else
            {
                TempData["msg"] = "Unexpected Database Error";
            }
            connection.Close();
        }
        catch (Exception ex)
        {
            TempData["Msg"] = "Incorrect email or password" + ex.Message;
        }
        //if (ModelState.IsValid)
        //{

        //}
        //else
        //{
        //    TempData["msg"] = "Invalid information entered!";
        //}


        return RedirectToAction("Main");

    }

   [HttpPost]
    public IActionResult AppUserLogin(AppUser user)
    {
        string? connectionString = _configuration.GetConnectionString(ConnectionStringKey);
        MySqlConnection connection = new MySqlConnection(connectionString);
        try
        {
            connection.Open();
            string sqlLogin = "SELECT Email,Password FROM AppUser WHERE Email= @Email AND password @Password ";
            MySqlCommand command = new MySqlCommand(sqlLogin, connection);
            command.Parameters.AddWithValue("@Email", user.Email);
            command.Parameters.AddWithValue("@Password", user.Password);
            SqlDataReader reader = command.ExecuteReader();
            if (reader.HasRows)
            {
                while (reader.Read())
                {
                    if (ModelState.IsValid)
                    {
                        user.Id = reader["Id"].ToString();
                        //user.Email = usr.Email;
                        TempData["Msg"] = "Successfully login!";
                    }
                }
            }
            else
            {
                TempData["msg"] = "Unexpected Database Error";
            }
            connection.Close();
        }
        catch (Exception ex)
        {
            TempData["Msg"] = "Incorrect email or password" + ex.Message;
        }
        //if (ModelState.IsValid)
        //{

        //}
        //else
        //{
        //    TempData["msg"] = "Invalid information entered!";
        //}


        return RedirectToAction("Main");

    }

[HttpPost]
    public IActionResult AppUserLogin(AppUser Emails, AppUser Passwords)
    {
        string? connectionString = _configuration.GetConnectionString(ConnectionStringKey);
        MySqlConnection connection = new MySqlConnection(connectionString);
        try
        {
            connection.Open();
            //string sql = "SELECT Email,Password FROM AppUser WHERE email= '" + Emails + "' AND password = '" + Passwords + "'";
            string sql = "SELECT Email,Password FROM AppUser WHERE email = @Emails AND password = @Passwords";
            MySqlCommand command = new MySqlCommand(sql, connection);
            command.Parameters.Add("@Emails",SqlDbType.VarChar());
            command.Parameters["@Emails"].Value = Emails;      
            command.Parameters.Add("@Passwords", SqlDbType.VarChar());
            command.Parameters["@Passwords"].Value = Passwords;
            command.ExecuteNonQuery();
            TempData["Msg"] = "Successfully login!";
            connection.Close();
        }
        catch (Exception ex)
        {
            TempData["Msg"] = "Incorrect email or password" + ex.Message;
        }
        return View("AppUserLogin");

[HttpPost]
    public IActionResult AppUserLogin(AppUser Emails, AppUser Passwords)
    {
        string? connectionString = _configuration.GetConnectionString(ConnectionStringKey);
        MySqlConnection connection = new MySqlConnection(connectionString);
        try
        {
            connection.Open();
            //string sql = "SELECT Email,Password FROM AppUser WHERE email= '" + Emails + "' AND password = '" + Passwords + "'";
            string sql = "SELECT Email,Password FROM AppUser WHERE email = @Emails AND password = @Passwords";
            MySqlCommand command = new MySqlCommand(sql, connection);
            command.Parameters.Add("@Emails",SqlDbType.VarChar());
            command.Parameters["@Emails"].Value = Emails;      
            command.Parameters.Add("@Passwords", SqlDbType.VarChar());
            command.Parameters["@Passwords"].Value = Passwords;
            command.ExecuteNonQuery();
            TempData["Msg"] = "Successfully login!";
            connection.Close();
        }
        catch (Exception ex)
        {
            TempData["Msg"] = "Incorrect email or password" + ex.Message;
        }
        return View("AppUserLogin");

string query = "SELECT * FROM users WHERE username =' " @ username  +" ';

string query = "SELECT * FROM users WHERE username =' " @ username  +" ';