locked
Creating a login process via a dataset RRS feed

  • Question

  • User-1106011126 posted

    I've read reams of literature on the process, the use of datasets and sql queries, and done a few of the walkthrus that are offered by Visual Studio documentation.  I feel that I need to complete this following approach not only to obtain the working solution, but to gain an understanding of what I am missing.   I have a database with a table that includes pairs of usernames and passwords.  I have defined a form that contains two textboxes (userid and password).  I have defined a dataset that includes those two elements and an additional one from the table.  On my text changed event for the userid,  I want to compare the textbox to the dataset contents to verify that the dataset contains the input user id.  Here, is where I get lost on the implementation.

    If my dataset is defined thru a query to be all table rows entered, then I need to find out how to examine or find the row that matches.  If I can get the answer to this part then I can probably do what is necessary to validate the password entry in the second text box.  My code is pasted below.  If someone out there can provide me with corrections to allow me to see my errors I would be appreciative.  If it is less painful, maybe you have a working solution to something similar that would provide me with the insight to how to work with the dataset (which is what I think I am lacking).   My code is pasted in below.

    Public Class Form1
        Public NEEDTOREGISTER As Boolean = False, userIDNUMBER As Integer
        Private Sub Form1_Load(sender As System.Object, e As System.EventArgs) Handles MyBase.Load
            'TODO: This line of code loads data into the 'OPGDataSet.LOGIN' table. You can move, or remove it, as needed.
            Me.LOGINTableAdapter.Fill(Me.OPGDataSet.LOGIN)

        End Sub

        Private Sub USERID_TextChanged(sender As System.Object, e As System.EventArgs) Handles USERID.TextChanged
            NEEDTOREGISTER = False
            If (USERID = LOGIN2.OPGDataSet.LOGIN.emailColumn) Then
                'proceed with process.  We'll check the password when its text has changed
                'above assumes that the dataset consists of a single item that has been qualified by the query OR
                'we need to loop thru all of the rows of the dataset to find or not find a matching entry
                GoTo success
            End If
            'we need to register the new user here
            NEEDTOREGISTER = True
    success:
        End Sub

        Private Sub Password_TextChanged(sender As System.Object, e As System.EventArgs) Handles Password.TextChanged
            'if needtoregister is false and password is non-blank we want to match the entry with the dataset value
            If (NEEDTOREGISTER = True) Then
                'the userid and password will be entered tentatively into the login table.  When a confirmation
                'is received with a username, the name will be entered in stead of the date which was entered in the name field

            End If
            If (Password = LOGIN2.OPGDataSet.LOGIN.PasswordColumn) Then GoTo success
            'return wit a message of bad password solicit 3 tries and then suspend entry for this e-mail for say 5 minutes
    success:
            userIDNUMBER = LOGIN2.OPGDataSet.LOGIN.logixcolumn
            Return()

        End Sub
    End Class

    Thursday, July 3, 2014 2:24 PM

Answers

  • User-821857111 posted

    Why don't you query the database directly instead of creating a copy of the database table in a dataset? Usually, you just take the user name and password and then run a query directly against the database using SQL to find out how many rows match that combination. If it is more than 0, the user has authenticated. Datasets have little use in ASP.NET.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, July 3, 2014 4:47 PM
  • User-821857111 posted

    A standard login consist of a user name and password input. The SelectCommand is designed to establish if there is a matching combination in the database. You can do that with a simple Count:

    SELECT Count(*) FROM LOGIN WHERE Email = @Email AND Password = @Password

    If the result of that query is greater than 0, the user has authenticated.

    If you want to use a SqlDataSource to execute the query, you have two options in terms of returning the data: Dataset or DataReader. The default is Datset. However, it is also the least efficient and unnecessary when you a returning a 'scalar' value (like a count). Either way, you can access the returned value in the Selecting event of the datastource control. This article illustrates how: http://www.mikesdotnetting.com/Article/64/Bind-Data-From-a-SqlDataSource-to-a-Label

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Saturday, July 12, 2014 4:33 AM

All replies

  • User-821857111 posted

    Why don't you query the database directly instead of creating a copy of the database table in a dataset? Usually, you just take the user name and password and then run a query directly against the database using SQL to find out how many rows match that combination. If it is more than 0, the user has authenticated. Datasets have little use in ASP.NET.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, July 3, 2014 4:47 PM
  • User-1106011126 posted

    Thats a great answer and what I have been seeking for some time.  As you can tell I am very new to the web and VS2010 is my first  and only experience.  What you are suggesting is the way I used to do things way back when, but I have been led astray by the tools and walk-throughs.  If I may, can you review my intended procedure?  I will grab the value of the textbox in the text_changed routine and create a query and then act on the results as I am doing now.   Sound about right?   I've already marked it as a response.  You have no idea how enlightening this was.

    Thank you.

    Thursday, July 3, 2014 5:26 PM
  • User-821857111 posted

    I'm not sure about the use of textBox_changed events. You need both the user name and password so you really want to put your login in a button click event.

    Thursday, July 3, 2014 5:42 PM
  • User-1106011126 posted

    I understand what you are saying.  I was planning to do it in two steps, the first being to establish the existence of the userid and proceed to register if not there;  query the table if it is there to validate the passwprd that is in the second textbox.  Your proposed way makes more sense.  Thanks again for the excellent response/validation/confirmation you've given me.

    eps123

    Thursday, July 3, 2014 10:33 PM
  • User-1106011126 posted

    I replied prematurely to your last suggestion.  I thought that writing direct queries would be a piece of cake.  I created the basic form with its two text boxes and a button control.  I drifted to my code window for my button and thought this would be a logical place to launch my queries.   Found myself very short on knowledge as to how to proceed.  Both Microsoft and my newest reference constantly dwell on the subject using dataset methods with a very annoying reminder that I haven't had to write a single line of code.  The illustrations have shown me how to bind data to textboxes, create grid views and navigate thru the data, none of which do me any good for this purpose.   I would love to see how I could execute a sql command and receive the results as I did 25 years ago in a less complex environment.  Do I need to launch into ADO.NET in my next chapter?  Or can you possibly give me a sample of code to accomplish this in order to speed on my way? 

    I will appreciate your further guidance.

    Eps123

    Friday, July 4, 2014 4:09 PM
  • User-821857111 posted

    Is this an ASP.NET Web application?

    Friday, July 4, 2014 4:16 PM
  • User-1106011126 posted

    Yes I am developing in a Visual Studio 2010 environment.  Does my question on ADO.net raise the question by you?

    Friday, July 4, 2014 4:57 PM
  • User-821857111 posted

    Yes I am developing in a Visual Studio 2010 environment.

    But is it a web application? Your code earlier was for a Windows Forms application.

    Friday, July 4, 2014 5:14 PM
  • User-1106011126 posted

    Sorry to be revealing my ignorance of the difference.  Thus far everything I have done has not been a forms application.  My latest application is not a form but I require a login process so I chose forms.  Please clarify why this is wrong and what should I be doing to create the login?

    Friday, July 4, 2014 5:33 PM
  • User-821857111 posted

    A Forms application will not run in browsers. If you are building a web site, your login should be part of your web site. 

    I think you might benefit from spending a bit of time researching your subject: http://www.asp.net/web-forms/tutorials/security

    Saturday, July 5, 2014 3:42 AM
  • User-1106011126 posted

    Thank you, I've wasted a lot of time on forms in seeking a solution for my web project.  In all the tutorials I've read, none has provided me with your statement that "A Forms application will not run in browsers".  So now, I have come back to my original question.  I have an application that has two text boxes (userid and password) and a login button.  Within the confines of VS2010 I have added a tool called sqldatasource that allows me to query my table qualifying by my user control for the userid textbox.  My problem is not knowing how to capture the result of the query so that I can proceed with the necessary steps.  Basically, the sqldatasource does nothing for me as it stands now (with my lack of knowledge) but I can see that it does execute properly.  I just need to know how to obtain the results.  I am pasting in my existing progress if it is of any use to you in understanding my dilemma.

    <%@ Page Title="Home Page" Language="vb" MasterPageFile="~/Site.Master" AutoEventWireup="false"
        CodeBehind="Default.aspx.vb" Inherits="LOGINW._Default" %>

    <asp:Content ID="HeaderContent" runat="server" ContentPlaceHolderID="HeadContent">
    </asp:Content>
    <asp:Content ID="BodyContent" runat="server" ContentPlaceHolderID="MainContent">
        <asp:Label ID="Label1" runat="server" Text="USERID"></asp:Label>
    <asp:TextBox ID="USERID" runat="server" style="margin-left: 103px"
        Width="130px"></asp:TextBox>
    <br />
        <asp:SqlDataSource ID="SqlDataSource1" runat="server"
            ConnectionString="<%$ ConnectionStrings:OPGConnectionString %>"
            SelectCommand="SELECT [LOGIX], [email], [Password] FROM [LOGIN] WHERE ([email] = @email)">
            <SelectParameters>
                <asp:ControlParameter ControlID="USERID" Name="email" PropertyName="Text"
                    Type="String" />
            </SelectParameters>
        </asp:SqlDataSource>
    <br />
    <br />
    <asp:Label ID="Label2" runat="server" Text="PASSWORD"></asp:Label>
    <asp:TextBox ID="PASSWORD" runat="server" style="margin-left: 65px"
        Width="141px"></asp:TextBox>
    <br />
    <br />
        <asp:Button ID="LOGIN" runat="server" Text="LOGIN" />
    <br />
    <br />
    <br />
    </asp:Content>

    I hope my question is clear and obviously, that you can further illuminate where I need to study and learn.

    Thank you.

    eps123

    Saturday, July 5, 2014 11:29 AM
  • User-821857111 posted

    I've wasted a lot of time on forms in seeking a solution for my web project.

    I really do recommend you spend some time reading about ASP.NET. The Learn section of this site shows how to do most everything, including building a log in page. Trying stuff without any research and posting questions to a forum is not the best way to learn any discipline. That's particularly true of ASP.NET.

    Saturday, July 5, 2014 3:00 PM
  • User-1106011126 posted

    I feel you are blowing me off as some hack "Trying stuff without any research".  Actually, with your advice I have progressed but almost all of it has generated more questions on my part than answers.  First, I have spent quite some time reading documentation in the visual studio help section which should coincide with what is in the LEARN section. I tried the LEARN section and it did not take me anywhere leaving me with the impression that only with VS2013 can I accomplish the further learning.  I am sure there is an answer to this but let me move on.  One of your responses to me said that you cannot run a forms application in a browser.  I admit that I have not seen that before nor have I run across anything that has defined the distinction between a forms application and an asp.net application.  I suppose because every illustration, example or walkthrough has begun with creating a form, I stupidly thought that these were forms applications.

    Enough of my whining and let me present you with where I stand and what I am looking for.  The question is still the same, but I have abandoned starting as a forms application.  It is now a simple web-site.  Two text boxes, username and password plus a LOGIN button.  I have defined a sqldatasource that accesses a database table.  The query I have defined fully qualifies the selection employing the username textbox control.  I placed a dataset on my page only to prove to myself that everything I have done thus far works.  The result of my click on my login button is accurate with only the userid entry occurring  first.  To my mind all I need to know to complete this task is how to refer to the elements of my dataset so that I can determine if the query result was null.  If not null then  I need to refer to the dataset element 3 to validate the paswword.

    Placing what I have below.  Hope you can help and if you are weary of me, I'll try elsewhere.

    <%@ Page Title="Home Page" Language="vb" MasterPageFile="~/Site.Master" AutoEventWireup="false"
        CodeBehind="Default.aspx.vb" Inherits="LOGINW._Default" %>

    <asp:Content ID="HeaderContent" runat="server" ContentPlaceHolderID="HeadContent">
    </asp:Content>
    <asp:Content ID="BodyContent" runat="server" ContentPlaceHolderID="MainContent">
        <asp:Label ID="Label1" runat="server" Text="USERID"></asp:Label>
    <asp:TextBox ID="USERID" runat="server" style="margin-left: 103px"
        Width="130px"></asp:TextBox>
    <br />
        <asp:SqlDataSource ID="SqlDataSource1" runat="server"
            ConnectionString="<%$ ConnectionStrings:OPGConnectionString %>"
            
            
            SelectCommand="SELECT [LOGIX], [email], [Password] FROM [LOGIN] WHERE ([email] = @email)">
            <SelectParameters>
                <asp:ControlParameter ControlID="USERID" Name="email" PropertyName="Text"
                    Type="String" />
            </SelectParameters>
        </asp:SqlDataSource>
    <br />
    <br />
    <asp:Label ID="Label2" runat="server" Text="PASSWORD"></asp:Label>
    <asp:TextBox ID="PASSWORD" runat="server" style="margin-left: 65px"
        Width="187px"></asp:TextBox>
    <br />
    <br />
        <asp:Button ID="LOGIN" runat="server" Text="LOGIN" />
        <asp:DataList ID="DataList1" runat="server" DataKeyField="LOGIX"
            DataSourceID="SqlDataSource1">
            <ItemTemplate>
                LOGIX:
                <asp:Label ID="LOGIXLabel" runat="server" Text='<%# Eval("LOGIX") %>' />
                <br />
                email:
                <asp:Label ID="emailLabel" runat="server" Text='<%# Eval("email") %>' />
                <br />
                Password:
                <asp:Label ID="PasswordLabel" runat="server" Text='<%# Eval("Password") %>' />
                <br />
    <br />
            </ItemTemplate>
        </asp:DataList>
    <br />
    <br />
    <br />
    </asp:Content>

    Public Class _Default
        Inherits System.Web.UI.Page
        Dim UID As Integer, PW As String
        
        
        Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load

        End Sub

        Protected Sub USERID_TextChanged(sender As Object, e As EventArgs) Handles USERID.TextChanged
            
        End Sub

        Protected Sub LOGIN_Click(sender As Object, e As EventArgs) Handles LOGIN.Click
            Dim i As Integer, id, v2, v3 As String

            i = i
            'PW = DataList1(3)
            'Here is where I need a reference to the dataset "dataset1" produced by my execution of the sqldatasource
        End Sub
    End Class

    Friday, July 11, 2014 5:35 PM
  • User-821857111 posted

    A standard login consist of a user name and password input. The SelectCommand is designed to establish if there is a matching combination in the database. You can do that with a simple Count:

    SELECT Count(*) FROM LOGIN WHERE Email = @Email AND Password = @Password

    If the result of that query is greater than 0, the user has authenticated.

    If you want to use a SqlDataSource to execute the query, you have two options in terms of returning the data: Dataset or DataReader. The default is Datset. However, it is also the least efficient and unnecessary when you a returning a 'scalar' value (like a count). Either way, you can access the returned value in the Selecting event of the datastource control. This article illustrates how: http://www.mikesdotnetting.com/Article/64/Bind-Data-From-a-SqlDataSource-to-a-Label

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Saturday, July 12, 2014 4:33 AM
  • User-1106011126 posted

    Thank you so much.  Your binding link answered my question and the one-liner I was seeking was DirectCast(SqlDataSource1.Select(DataSourceSelectArguments.Empty), DataView).

    Now please tell me where I would have gleaned that information.  Your book, or endless study?

    Thanks again,

    eps123

    Monday, July 14, 2014 12:29 PM
  • User-821857111 posted

    Not my book - it's about Web Pages ,not Web Forms. There are no server controls in Web Pages. I got the information from a Google search years ago.

    The nature of ASP.NET requires endless study. It's forever changing. I started learning it in 2005, and I'm still learning it.

    Monday, July 14, 2014 4:22 PM