Locked login

  • Monday, July 30, 2012 3:37 AM
     
     

    How do I code the additional login for the members? The login for the admin works well. I just have a problem with the members, because the error is either that I have to open the connection even though it's already open, or the form for admin appears.

    Here's my code:

    Imports MySql.Data.MySqlClient

    Public Class Form1
        Dim connection As New MySqlConnection("server = localhost; user id = root; password = ; database = ods_db")
        Private Sub Button2_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button2.Click

            Dim cmd As New MySqlCommand
            Dim da As New MySqlDataAdapter
            Dim reader As MySqlDataReader
            

            connection.Open()

            cmd = connection.CreateCommand
            cmd.CommandText = "select level from user where username like '%" & TextBox1.Text & "%' And password like '%" & TextBox2.Text & "%'"

            reader = cmd.ExecuteReader
            If reader.Read() Then
                da.SelectCommand = cmd
                MsgBox("Welcome Admin!")
                admin.Show()
            Else
                MsgBox("Username and/or password is not valid!")
            End If
            connection.Close()

        End Sub

        Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
            Close()
        End Sub
    End Class

All Replies

  • Monday, July 30, 2012 5:23 AM
     

    I guess you are not taking the right approach. 

    First of all, when you are retrieving a "level" or logging in a user, why are you using the "like" part of the SQL query? Normally we take the full username and password!?

    Next, check how it can be done:

    Private Sub CheckLevel()
    	Dim user As String = ""
    	Dim conn As New SqlConnection("connString")
    	Dim query As String = "select level from user where username = @user And password = @pass"
    	Dim cmd As New SqlCommand(query, conn)
    	'pass the entered username and password as the parameter values
    	cmd.Parameters.AddWithValue("@user", "")
    	cmd.Parameters.AddWithValue("@pass", "")
    	'the connection must be open before the command is executed
    	conn.Open()
    	Dim reader As SqlDataReader = cmd.ExecuteReader()
    	If reader.Read() Then
    		user = DirectCast(reader(0), String)
    	Else
    		'user does not exist
    	End If
    	'close conn, cmd and reader here
    	reader.Close()
    	cmd.Dispose()
    	conn.Close()
    	'then check:
    	If user = "admin" Then
    		'do the code for admin
    	ElseIf user = "regularUser" Then
    		'do the code for regular user
    	End If
    End Sub


    Mitja

  • Tuesday, August 21, 2012 4:44 PM
     
     
    I did the same code but the form for admin still appears even though I entered the user for the member.
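
The difference between the question's check and the approach in the answer, as an added example that is not part of the thread. Python's in-memory `sqlite3` stands in for the MySQL `user` table; the accounts, passwords and form names are constructed, and the level values are taken from the answer's sample.

```python
import sqlite3

# Constructed sample rows standing in for the thread's `user` table.
# The password column is plaintext as in the thread's schema; a real table
# would hold a salted hash instead.
ROWS = [
    ("alice", "s3cret-A", "admin"),
    ("bob", "s3cret-B", "regularUser"),
]


def make_db():
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE user (username TEXT PRIMARY KEY, password TEXT, level TEXT)"
    )
    db.executemany("INSERT INTO user VALUES (?, ?, ?)", ROWS)
    return db


def login_like(db, username, password):
    """Match logic of the question's handler: LIKE '%...%' on both fields,
    and any returned row opens the admin form. The patterns are bound as
    parameters here; the original concatenates the text into the SQL."""
    sql = "SELECT level FROM user WHERE username LIKE ? AND password LIKE ?"
    row = db.execute(sql, (f"%{username}%", f"%{password}%")).fetchone()
    # The level column is selected but never inspected.
    return "admin form" if row else "rejected"


def login_exact(db, username, password):
    """Exact-match parameterized query, then branch on the level value."""
    sql = "SELECT level FROM user WHERE username = ? AND password = ?"
    row = db.execute(sql, (username, password)).fetchone()
    if row is None:
        return "rejected"
    forms = {"admin": "admin form", "regularUser": "member form"}
    # Unknown level values are rejected rather than defaulting to a form.
    return forms.get(row[0], "rejected")


if __name__ == "__main__":
    db = make_db()
    for creds in [("bob", "s3cret-B"), ("bo", "s3"), ("alice", "s3cret-A")]:
        print(creds, "| like:", login_like(db, *creds),
              "| exact:", login_exact(db, *creds))
```

With the `LIKE` version a member, or a fragment of a member's credentials, lands on the admin form because the code only checks that a row came back; the exact-match version decides from the `level` value.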