1.11M Members

Login System (vb.net -> PHP -> MySQL)

 
0
 

Hello everyone,
i need small help since im stuck, and im not that good with php and vB.net connections...
So here is the problem, i manage to get connected to db and php script shows me if im connected or not, grab if user/pw is correct everything works fine, but now i do not know how to grab, on new form show up, data from that user and display it in label, like in db it has date of registration, last login and email, i want to get them on my second form.. so if anyone could help me out to sort those things and manage to complete goal, i would be really thankfull!

Usercheck.php

<?php
if($_POST)
{
    if(isset($_POST["username"]) && isset($_POST["password"]))
    {
        $connect = mysql_pconnect("localhost","username","password");
        if($connect)
        {
            $select = mysql_select_db("mydatabase",$connect);
            if($select)
            {
                $user = mysql_escape_string($_POST["username"]);
                $pwd = mysql_escape_string($_POST["password"]);
                $GetRows = mysql_query("SELECT * FROM MyTableHere WHERE username='$user' AND password='$pwd'");
                $RowCount=mysql_num_rows($GetRows);
                if($RowCount>0)
                {
                    die("Correct !");
                }
                else
                {
                    die("Incorrect !");
                }
            }
            else
            {
                die("Unable to select database." . mysql_error());
            }
        }
        else
        {
            die("Unable connect to database." . mysql_error());
        }
    }
    else
    {
        die("Access Denied!");
    }
}
else
{
    die("Access Denied!");
}
?>

Snipet of Form1.vb

Function AuthUser(ByVal AuthenticationPage As String, ByVal Username As String, ByVal Password As String) As Boolean
        Dim wc As New WebClient()
        wc.Headers.Add("Content-Type", "application/x-www-form-urlencoded")
        Dim Data As String = String.Format("username={0}&password={1}", HttpUtility.UrlEncode(Username), HttpUtility.UrlEncode(Password))
        Dim ResponseBytes() As Byte = wc.UploadData(AuthenticationPage, "POST", Encoding.ASCII.GetBytes(Data))
        Dim Response As String = Encoding.ASCII.GetString(ResponseBytes)
        If Response.Contains("Correct") Then
            Return True
        Else
            Return False
        End If
    End Function
    Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
        If AuthUser("http://127.0.0.1/Usercheck.php", TextBox1.Text, TextBox2.Text) Then
            Me.Hide()
            Form2.Show()
        Else
            MsgBox("You have provided invalid username or password. Unable to login.")
        End If
    End Sub

Could anyone help me out please? :)

 
0
 

Hi

Why use PHP? Why not VB.NET > MySQL?

 
0
 

I also wonder why php came in here! Why not just from VB.NET to MySQL as G Waddell said?

 
0
 

just because of one simple reason, lets say we include mysql connector lib, insert our db details to form code compile app everything works like a charm, then some random guy show up take your .exe decompile it and grab mysql details from decompiled source login to db and grab all infos, good enought reason right? :)

 
0
 

So you're saying an uncomplied php file is more secure than a complied .Net program?

 
0
 

If Random guys can just show up take your dll and decompile it then a login page is the least of your security issues on that server! If you're that worried you can use an obfuscation program. But frankly if you have a secure server they shouldn't be able to even get to that stage. What if they get in and hijack your session? or use cross site scripting? You are only as secure as the system you design and build on. ASP.NET is just as secure as PHP

 
0
 

Every obfuscation program has deobfuscator :)

You
This article has been dead for over six months: Start a new discussion instead
Post:
Start New Discussion
Tags Related to this Article