Please support our ASP.NET advertiser: Lunarpages ASP Web Hosting
Views: 148769 | Replies: 145
 |
•
•
Join Date: May 2005
Posts: 5
Reputation: 
Rep Power: 0
Solved Threads: 0
Newbie Poster
Ok, I was reading and I don't know if I got this right but millers_35 if your problem is that you get redirected to default.aspx even if you didn't come from there here is what I found:
This is what everybody has in their Login.aspx
But the RedirectFromLoginPage works right if you pass the "ReturnUrl" parameter otherwise it will redirect you to Default.aspx everytime you entered the right username and password.
This should be in the page you want to protect. In this case the page name is TestDetails.aspx
the code is in C# sorry no time to change.
This is what everybody has in their Login.aspx
FormsAuthentication.RedirectFromLoginPage(txtUserName.Text, false);
This should be in the page you want to protect. In this case the page name is TestDetails.aspx
if (Session["Logged_IN"].Equals("No"))
{
Response.Redirect("../Members/Login.aspx?ReturnUrl=/mdb/Admin/TestDetails.aspx");
}the code is in C# sorry no time to change.
•
•
Join Date: May 2005
Location: Long Beach, CA
Posts: 1
Reputation:
Rep Power: 0
Solved Threads: 0
Newbie Poster
Dear Paladine,
Thank you so much for your code and explanations!! I have learned alot. My VB.Net applications has about 30 pages and now they're all protected!! Is it possible to pass the username and password from another program to VB.Net so that the user doesn't have to login again? I use CodeCharge for the data entry section of my application (about 100 screens). Crystal Reports in VB.Net are in another section. Right now, when the user goes to the reports section, they have to login again.
Sharon Niles
Thank you so much for your code and explanations!! I have learned alot. My VB.Net applications has about 30 pages and now they're all protected!! Is it possible to pass the username and password from another program to VB.Net so that the user doesn't have to login again? I use CodeCharge for the data entry section of my application (about 100 screens). Crystal Reports in VB.Net are in another section. Right now, when the user goes to the reports section, they have to login again.
Sharon Niles
•
•
Join Date: Feb 2003
Location: Canada
Posts: 786
Reputation:
Rep Power: 9
Solved Threads: 25
Master Poster
Off the top of my head I would have a flag in the DB to check if a user is logged in or not (useful for real time reporting as well), which gets set true / false based on if the user is logged in or logged out (hasn't logged in yet). Check that as part of your security.
Hope this helps.... I am off to bed now.
Hope this helps.... I am off to bed now.
Assistant Manager, Regional Pharmacy Information Systems
TLC Services Website (Under Construction)
Updated : ASP.Net Login Code
TLC Services Website (Under Construction)
Updated : ASP.Net Login Code
•
•
Join Date: Feb 2003
Location: Canada
Posts: 786
Reputation:
Rep Power: 9
Solved Threads: 25
Master Poster
Note
Oh, one last point. You do not have to use the FormsAuthentication.RedirectFromLogin line of code in your application(s).
Use Response.Redirect, if my method is causing an issue.
It is the logic and understanding that matters, not so much the method you use to get there.
Oh, one last point. You do not have to use the FormsAuthentication.RedirectFromLogin line of code in your application(s).
Use Response.Redirect, if my method is causing an issue.
It is the logic and understanding that matters, not so much the method you use to get there.
•
•
•
•
Originally Posted by leTus
Ok, I was reading and I don't know if I got this right but millers_35 if your problem is that you get redirected to default.aspx even if you didn't come from there here is what I found:
This is what everybody has in their Login.aspx
But the RedirectFromLoginPage works right if you pass the "ReturnUrl" parameter otherwise it will redirect you to Default.aspx everytime you entered the right username and password.FormsAuthentication.RedirectFromLoginPage(txtUserName.Text, false);
This should be in the page you want to protect. In this case the page name is TestDetails.aspx
if (Session["Logged_IN"].Equals("No")) { Response.Redirect("../Members/Login.aspx?ReturnUrl=/mdb/Admin/TestDetails.aspx"); }
the code is in C# sorry no time to change.
Assistant Manager, Regional Pharmacy Information Systems
TLC Services Website (Under Construction)
Updated : ASP.Net Login Code
TLC Services Website (Under Construction)
Updated : ASP.Net Login Code
•
•
Join Date: Jun 2005
Posts: 1
Reputation:
Rep Power: 0
Solved Threads: 0
Newbie Poster
Re: Updated : Simple ASP.Net Login Page Hi Paladine,
I have a stupid question. I am just learning ASP.NET and I am trying to build an ASP.Net login page using SQL.
I wanted to know about the DBConnection function. Where does that go? Does it go in the code_behind or in the aspx page?
I can show you my code thus far but it will be tonight since it is not with me right now.
Thanks in advance
anillm
I have a stupid question. I am just learning ASP.NET and I am trying to build an ASP.Net login page using SQL.
I wanted to know about the DBConnection function. Where does that go? Does it go in the code_behind or in the aspx page?
I can show you my code thus far but it will be tonight since it is not with me right now.
Thanks in advance
anillm
•
•
Join Date: Feb 2003
Location: Canada
Posts: 786
Reputation:
Rep Power: 9
Solved Threads: 25
Master Poster
VB.NET code would be in the code behind. It is a function I created, to provide scalability to the application.
Assistant Manager, Regional Pharmacy Information Systems
TLC Services Website (Under Construction)
Updated : ASP.Net Login Code
TLC Services Website (Under Construction)
Updated : ASP.Net Login Code
•
•
Join Date: Feb 2003
Location: Canada
Posts: 786
Reputation:
Rep Power: 9
Solved Threads: 25
Master Poster
Here is an excellent article on Injection Attacks and how to avoid them.
Assistant Manager, Regional Pharmacy Information Systems
TLC Services Website (Under Construction)
Updated : ASP.Net Login Code
TLC Services Website (Under Construction)
Updated : ASP.Net Login Code
•
•
Join Date: Jul 2005
Posts: 8
Reputation:
Rep Power: 0
Solved Threads: 0
Newbie Poster
Hi Paladine,
If you have to read mu post please go to this link http://www.daniweb.com/techtalkforums/thread24148.html
I've a problem when i try to work for AccessDB with c#.
thanks,
BeeNarak
If you have to read mu post please go to this link http://www.daniweb.com/techtalkforums/thread24148.html
I've a problem when i try to work for AccessDB with c#.
thanks,
BeeNarak
•
•
Join Date: Feb 2003
Location: Canada
Posts: 786
Reputation:
Rep Power: 9
Solved Threads: 25
Master Poster
Ok no problem, but you could have sent me a private message rather than posting here.
Please see my response on the other thread. Provide as much detail as you can when you have problem, it makes it easier to narrow it down.
Later
Please see my response on the other thread. Provide as much detail as you can when you have problem, it makes it easier to narrow it down.
Later
•
•
•
•
Originally Posted by BeeNarak
Hi Paladine,
If you have to read mu post please go to this link http://www.daniweb.com/techtalkforums/thread24148.html
I've a problem when i try to work for AccessDB with c#.
thanks,
BeeNarak
Assistant Manager, Regional Pharmacy Information Systems
TLC Services Website (Under Construction)
Updated : ASP.Net Login Code
TLC Services Website (Under Construction)
Updated : ASP.Net Login Code
•
•
Join Date: Jul 2005
Posts: 2
Reputation:
Rep Power: 0
Solved Threads: 0
Newbie Poster
Paladine, firstly thanks for the tutorials you've posted here, they seem great, but i'm having trouble getting it to work for me. Hoping you could help.
I'm trying to build a login page, connecting to an SQL server database using C#, so i've mixed up a few of your tutorials to try to achieve this. here is my C# code for the login page, it uses a connection from another C# file rather than your Web.Config suggestion, but i know the connection works as it is used successfully for other code:
Here is my connection code:
Here is my stored procedure code
I have a Default.aspx page created too, and everything builds with no errors.
However, when i go to the login page and type in Username and password, regardless of wheter or not the entries are correct, the login page basically refreshes, leaving the username text box filled, and the password text box blank. No error message is shown in the messageLbl control.
Any ideas what the problem might be?
Thanks again.
I'm trying to build a login page, connecting to an SQL server database using C#, so i've mixed up a few of your tutorials to try to achieve this. here is my C# code for the login page, it uses a connection from another C# file rather than your Web.Config suggestion, but i know the connection works as it is used successfully for other code:
private void Submit1_ServerClick(object sender, System.EventArgs e)
{
if(Page.IsValid)
{
if(ValidateUser(usernameTxtBx.Text.Trim(), passwordTxtBx.Text.Trim()))
{
FormsAuthentication.RedirectFromLoginPage (usernameTxtBx.Text, false);
}
else
{
messageLbl.Text = "Invalid Login, please try again!";
}
}
}
private bool ValidateUser(string txtUser, string txtPass)
{
// Connect to Database
DataAccess.DBConnection.GetLoginConnection();
// Access Stored Procedure
SqlCommand cmd = new SqlCommand("proc_ValidateUser", conn);
cmd.CommandType = CommandType.StoredProcedure;
// Create Parameters
SqlParameter objParam1;
SqlParameter objParam2;
SqlParameter returnParam;
objParam1 = cmd.Parameters.Add("@usrName", SqlDbType.NVarChar);
objParam2 = cmd.Parameters.Add("@usrPassword", SqlDbType.NVarChar);
returnParam = cmd.Parameters.Add("@Num_of_User", SqlDbType.Int);
// Set the direction of the parameters
objParam1.Direction = ParameterDirection.Input;
objParam2.Direction = ParameterDirection.Input;
returnParam.Direction = ParameterDirection.ReturnValue;
// Set the values of the parameters
objParam1.Value = txtUser;
objParam2.Value = txtPass;
try
{
if(conn.State.Equals(ConnectionState.Closed))
{
conn.Open();
cmd.ExecuteNonQuery();
}
if((int)returnParam.Value < 1)
{
messageLbl.Text = "Invalid Login!";
return false;
}
else
{
conn.Close();
return true;
}
}
catch (Exception ex)
{
messageLbl.Text = ex + "Error connecting to database!";
return false;
}
finally
{
// Ensures connection has closed
conn.Close();
}
}Here is my connection code:
public static SqlConnection GetLoginConnection()
{
SqlConnection conn = new SqlConnection("Server=(local);Database=YLCdbSQL;Integrated Security=SSPI");
return conn;
}Here is my stored procedure code
CREATE PROCEDURE proc_ValidateUser (@usrName nvarchar(15) = NULL, @usrPassword nvarchar(15) = NULL, @Num_of_User int = 0 ) AS SET @Num_of_User = (SELECT COUNT(*) AS Num_of_User FROM tblUser WHERE usrName=@usrName AND usrPassword=@usrPassword) RETURN @Num_of_User GO
I have a Default.aspx page created too, and everything builds with no errors.
However, when i go to the login page and type in Username and password, regardless of wheter or not the entries are correct, the login page basically refreshes, leaving the username text box filled, and the password text box blank. No error message is shown in the messageLbl control.
Any ideas what the problem might be?
Thanks again.
|
•
•
•
•
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
Linear Mode
