none
Login Page not working RRS feed

  • Question

  • Please help me my user name and password is correct .

    every time enter user name and password not redirect to desire page 

      protected void Button_Login_Click(object sender, EventArgs e)
        {
            SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["SECODMSConnectionString"].ConnectionString);
            conn.Open();
            string checkuser = "select count(*) from UserData where UserName= ' " + TextBoxUserName.Text +"'";
            SqlCommand com = new SqlCommand(checkuser, conn);
            int temp = Convert.ToInt32(com.ExecuteScalar().ToString());
            conn.Close();
            if (temp == 1)
            {
                conn.Open();
                string checkpasswordQuery = "select Password from UserData where UserName= ' " + TextBoxUserName.Text + "'";
                SqlCommand passcom = new SqlCommand(checkpasswordQuery, conn);
                string password = passcom.ExecuteScalar().ToString().Replace(" ","");
    
                if (password == TextBoxPassword.Text)
                {
                    Session["New"] = TextBoxUserName.Text;
                    Response.Write("Password is correct");
                }
    
                else
                {
                    Response.Write("Password is not correct");
                }
            }
            else
            {
    
                 Response.Write("User Name is not  Correct  ");
    
    
    
            }

    Kindly Advise us 

    Monday, June 17, 2019 7:27 AM

Answers

  • Hi saqsaqPK,

    Thank you for posting here.

    Based on your description, you want to redirect to desire page with correct username and password.

    I think you could use Response.Redirect method to solve it.

    Code:

     protected void Button1_Click(object sender, EventArgs e)
            {
               
                Response.Redirect("~/WebForm2.aspx");
            }

    Result:

    Best Regards,

    Jack



    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    • Marked as answer by saqsaqPK Monday, June 17, 2019 9:32 AM
    Monday, June 17, 2019 8:45 AM
    Moderator

All replies

  • Hi saqsaqPK,

    Thank you for posting here.

    Based on your description, you want to redirect to desire page with correct username and password.

    I think you could use Response.Redirect method to solve it.

    Code:

     protected void Button1_Click(object sender, EventArgs e)
            {
               
                Response.Redirect("~/WebForm2.aspx");
            }

    Result:

    Best Regards,

    Jack



    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    • Marked as answer by saqsaqPK Monday, June 17, 2019 9:32 AM
    Monday, June 17, 2019 8:45 AM
    Moderator
  • You have some serious issues with SQL Injection attack on your Web solution for the simple fact that you are using T-SQL in the form's code behind file,  and you are directly accessing the database in the ASP.NET Web form. Both are no-no situations that can and will lead to your Web solution being compromised.

    The UI/Web form should never have direct contact with the database in a Web based solution, never, which should be buried in the Data Access Layer using parameterized in-line T-SQL or parameterized  Stored Procedure to prevent SQL Injection Attack.. 

    1) You should understand seperation of concerns.

    https://en.wikipedia.org/wiki/Separation_of_concerns

    2) You should learn how to use an architectural style such as the Layered Style.

    https://docs.microsoft.com/en-us/previous-versions/msp-n-p/ee658117(v=pandp.10)

    It doesn't matter if the Layered style is used in a Windows or ASP.NET form solution as the principles are  the same on how to create and use the layers.

    https://www.codeproject.com/Articles/36847/Three-Layer-Architecture-in-C-NET

    https://www.c-sharpcorner.com/UploadFile/4d9083/create-and-implement-3-tier-architecture-in-Asp-Net/

    3) You should learn how to use Seperation of Duty in the ASP.NET Web form by using the Model View Presenter in the ASP.NET Web form. The ASP.NET Web form should be dumb as dumb as possible and only dealing with controls and their events and with its form events,  and all other code logic  deferred to other areas not in the form's code-behind file.

    https://en.wikipedia.org/wiki/Model–view–presenter

    https://www.codeproject.com/Articles/228214/Understanding-Basics-of-UI-Design-Pattern-MVC-MVP

    http://polymorphicpodcast.com/shows/mv-patterns/

    4) You should learn how to use the DTO pattern to send data through the layers.

    https://en.wikipedia.org/wiki/Data_transfer_object

    https://www.codeproject.com/Articles/1050468/Data-Transfer-Object-Design-Pattern-in-Csharp

    Finally, ASP.NET issues can be discussed in the ASP.NET forums.

    http://forums.asp.net/

    Monday, June 17, 2019 9:59 AM