954,505 Members — Technology Publication meets Social Media
Username:
Password:
Lost login information?
Have something to say? Contribute New Article Reply to this Article
4 Years Ago
0

Validate username/password vs SQL Db

Hi, I have written a C# dll and I have a SQL Db that has three columns (username, password, role). The role element is a class of user eg admin, user; each role needs a different login completion event. The login form I am using is an ASP.net web page that makes calls to the login dll (which in turn connects to the Db and where my validation needs to occur). THe issue I am having is how is the validation done?
Now I have read this article :
http://www.daniweb.com/forums/thread87556-2.html
but that deals with Access Db, not SQL. any ideas ? Thanks for your time!

majestic0110
Nearly a Posting Virtuoso
1,328 posts since Oct 2007
Reputation Points: 256
Solved Threads: 72
 
4 Years Ago
0

ok here is my connection/validation code

using System;
using System.Collections.Generic;
using System.Text;
using System.Data;
using System.Data.SqlClient;

namespace blah
{
    public class UserLogin
    {
        private SqlConnection connection = new SqlConnection();

        public UserLogin()
        {
            ///create sql connection
            
            connection.ConnectionString = "Data Source=Phil;Initial Catalog=demo;Integrated Security = SSPI";
            connection.Open();
        }
        public Boolean Login(String username, String password)
        {
            SqlCommand cmd = new SqlCommand("SELECT password FROM users WHERE username = '"+username+"' ",connection);
            SqlDataReader reader = cmd.ExecuteReader();
            while (reader.Read())
            {
                String s = (String)reader[0];
            }
            return false;
        }


    }
}


here is my loginpage code

using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;

using System.Data.SqlClient;

public partial class _Default : System.Web.UI.Page 
{
    private UserLogin UserID;

    protected void Page_Load(object sender, EventArgs e)
    {

    }
    
    protected void Button1_Click(object sender, EventArgs e)
    {
        UserID = new UserLogin();
        UserID.Login(UserText.Text, PasswordText.Text);

    }
    
}


My question is how can I validate user input in the username/password textboxes agaisnt username/password columns in the sql db I have? thanks

majestic0110
Nearly a Posting Virtuoso
1,328 posts since Oct 2007
Reputation Points: 256
Solved Threads: 72
 
4 Years Ago
0

First, your ASP is the one connecting to the database using the credendials of the web site setup. (Windows authentication mode).

You are to validating the information from the login screen against the database. Just keep in mind that SQL sees the web service as the one logged in not the credentials or person supplied in the query. IOW, the user is not logged in as the user. You connection string is using windows authentication, meaning it takes the web service credentials as the logged in user.

Does that help ?

JerryShaw
Posting Pro in Training
465 posts since Nov 2006
Reputation Points: 69
Solved Threads: 75
 
1 Year Ago
Show Comments
-1

how is this working ??
I tried this code but its neither redirecting to the destined page after sucessfull login nor giving error message

please help .... i need to develop my training project in this weak itself :(

thnks

khusiaaaan
Newbie Poster
2 posts since Jan 2009
Reputation Points: 10
Solved Threads: 0
 

This question has already been solved

Post: Markdown Syntax: Formatting Help
You
 
© 2012 DaniWeb® LLC
Home | About Us | Contact Us | Terms of Service | Advertising Opportunities
RSS Feed RSS Feed