locked
username & password validation RRS feed

  • Question

  • User1667772157 posted

    I am trying to validate a username and password that has been entered in a text box, and validating it against a username and password that is in an Access database.  How would I do that in visual web developer using sql?

    Saturday, March 22, 2008 5:06 PM

Answers

  • User-874886737 posted

    In the onclick of the logon button, try something like (I'm using VB.NET):

           Dim strConn As String = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=|DataDirectory|userdatabase.mdb"
            Dim cn As New OleDbConnection(strConn)
            Try
                cn.Open()
                Dim cm As New OleDbCommand("SELECT COUNT(*) FROM users WHERE username=? AND password=?;", cn)
                cm.Parameters.AddWithValue("?",TextBoxUsername.Text)
                cm.Parameters.AddWithValue("?",TextBoxPassword.Text)
                Dim count As Integer = CInt(cm.ExecuteScalar())
                If(count>0) Then
                      ' user successfully logged on
                      ' do something
                Else
                     lblError.Text = "Logon failed"
                End If
            Catch ex As Exception
                lblError.Text = ex.Message()
            Finally
                cn.Close()
            End Try

    Jos

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Sunday, March 23, 2008 4:40 AM

All replies

  • User-874886737 posted

    In the onclick of the logon button, try something like (I'm using VB.NET):

           Dim strConn As String = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=|DataDirectory|userdatabase.mdb"
            Dim cn As New OleDbConnection(strConn)
            Try
                cn.Open()
                Dim cm As New OleDbCommand("SELECT COUNT(*) FROM users WHERE username=? AND password=?;", cn)
                cm.Parameters.AddWithValue("?",TextBoxUsername.Text)
                cm.Parameters.AddWithValue("?",TextBoxPassword.Text)
                Dim count As Integer = CInt(cm.ExecuteScalar())
                If(count>0) Then
                      ' user successfully logged on
                      ' do something
                Else
                     lblError.Text = "Logon failed"
                End If
            Catch ex As Exception
                lblError.Text = ex.Message()
            Finally
                cn.Close()
            End Try

    Jos

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Sunday, March 23, 2008 4:40 AM
  • User-855621155 posted
    can you give the same exemple in c# code?
    Saturday, March 29, 2008 11:45 AM
  • User-874886737 posted

    Automatic translation from vb to C#:

    http://labs.developerfusion.co.uk/convert/vb-to-csharp.aspx

    Jos

    Sunday, March 30, 2008 3:44 AM
  • User-298397817 posted

    create procedure CheckLoginDetails

    (

    @username  nvarchar(100),

    @password nvarchar(100)

    )

    As

    Begin

     

    select Count(*) from tablename where Username=@username ,password=@password

     

     

    End

     

     

    in Codebehind Ur using Executescalar.

    Monday, March 31, 2008 9:45 AM
  • User984479729 posted

    con.Open();
            SqlCommand cmd = new SqlCommand("select count(username) from newuser where username='" + txt_uname.Text + "' and password='" + txt_pwd.Text + "'", con);
            String str1 = Convert.ToString(cmd.ExecuteScalar());
            con.Close();
            if (str1 =="1")
            {
                Response.Redirect("home.aspx");
            }
            else
            {
                Response.Write("Please be a member");
            }

    Cool

    Thursday, November 10, 2011 5:41 AM
  • User-1199946673 posted

    Cool

    Very cool, but you obviously never heard of SQL injections?

    http://www.mikesdotnetting.com/Article/113/Preventing-SQL-Injection-in-ASP.NET

    Also, password is a Reserved word in Jet, so when using this as a fieldname, it should be enclosed in brackets...

    [password]

    A simple login system using Access can be found here:

    http://www.mikesdotnetting.com/Article/75/Simple-Login-and-Redirect-for-ASP.NET-and-Access

    But why not use the Membership provider?

    http://imar.spaanjaars.com/404/using-the-microsoft-access-providers-to-replace-the-built-in-sql-server-providers
    http://imar.spaanjaars.com/560/using-the-microsoft-access-providers-for-membership-roles-and-profile-under-aspnet-4

    Thursday, November 10, 2011 6:06 AM