943,662 Members | Top Members by Rank

Web Development > ASP.NET > login validation
Ad:
  • ASP.NET Discussion Thread
  • Unsolved
  • Views: 5388
  • ASP.NET RSS
Permalink
Feb 14th, 2008
0

login validation

Expand Post »
hi

i am asp.net beginner, i doing login validation using asp.net in c#.here i was create the db in sql server 2005 ,fetch the data from db and compare the text box value.
if condition error will be show..it is using visual studio 2005 ..

given below my code plz correct the error.

using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Data.Sql;
using System.Data.SqlClient;


public partial class index : System.Web.UI.Page
{
SqlConnection conjds = new SqlConnection();
SqlCommand cmdjds = new SqlCommand();
SqlDataReader redjds;

protected void Page_Load(object sender, EventArgs e)
{

}
protected void Button1_Click(object sender, EventArgs e)
{
string log1, pass1, cid;
string login1, pass2, client1;
//log1 = username.Text;
//pass1 = pass.Text;
//cid = clientid.Text;

conjds.ConnectionString = ConfigurationManager.ConnectionStrings["maillog"].ToString();
conjds.Open();
cmdjds.Connection = conjds;
cmdjds.CommandText = "Select * from login ";
cmdjds.ExecuteNonQuery();
redjds = cmdjds.ExecuteReader();

while (redjds.Read())
{

login1 = redjds.GetString(0);
pass2 = redjds.GetString(1);
client1 = redjds.GetString(2);

}

if (username.Text = "login1" && pass.Text = "pass2" && clientid.Text = "client1" )
{

Response.Redirect("~/assign.aspx");

}

else
{
Response.Write("wrong");
}

conjds.Close();

}
Similar Threads
Reputation Points: 4
Solved Threads: 0
Junior Poster in Training
psathish2 is offline Offline
51 posts
since Dec 2007
Permalink
Feb 14th, 2008
0

Re: login validation

Hi psathish2,
Quote ...
cmdjds.ExecuteNonQuery();
First of all remove the above quote because it is used when there is no rows are returned, but you are using SELECT statement which returns some number of rows.
Quote ...
if (username.Text = "login1" && pass.Text = "pass2" && clientid.Text = "client1" )
Secondly your if condition is totally wrong. Because you collected rows information in to login1 and pass2 then you can directly compare it with any text, no need of Double quote. For ex: -
if(username.Text == login1 && pass.Text == pass2 && clientid.Text == client1)
Instead OF
if(username.Text = "login1" && pass.Text = "pass2" && clientid.Text = "client1")

OR you can use String1.Equals(String2) function to campare two strings.
So if condtion should be
if(username.Text.Equals(login1) && pass.Text.Equals(pass2) && clientid.Text.Equals(client1))


Hope this will help you. If problem persist feel free to ask again to me.
Thanks & Regards
Dilip Kumar Vishwakarma
Programmer
.Net Consulting
Reputation Points: 10
Solved Threads: 4
Light Poster
dilipv is offline Offline
30 posts
since Feb 2008
Permalink
Feb 14th, 2008
1

Re: login validation

Hey, there are many things that are wrong and need updating, so I will lead you through it:
conjds.ConnectionString = ConfigurationManager.ConnectionStrings["maillog"].ToString();
conjds.Open();
cmdjds.Connection = conjds;

//-----------
//This below command is wrong because you are selected everything
//from the database, including all 60,000 rows if you have that many users.
//cmdjds.CommandText = "Select * from login ";
//Below line might need changing depending on your column names
cmdjds.CommandText = "SELECT userpass, clientid FROM login WHERE username=@username"
//Parameters help prevent against SQL injection. I would recommend them.
cmdjds.Parameters.AddWithValue( "@username", Trim(username.Text) )
//-----------
//-----------
//This below command doesn't return any rows. It is only used for
//updates, deletes, and inserts. It does return one value, the number
//of records it affected.
//cmdjds.ExecuteNonQuery();
//The above line actually wasn't needed at all, and did nothing. The
//below line (reader) is what does it all.
redjds = cmdjds.ExecuteReader();
//-----------

//-----------
//For using the while read command, it will do whatever is in between
//the brackets for as many rows as you return. If you for some reason
//return 4 rows, it will set those variables 4 times, overwriting it every time.
//A fix for this is to limit the amount of rows returned:
//"SELECT TOP 1 userpass, clientid FROM login WHERE..."
//That will only select 1 row.
while (redjds.Read())
{

login1 = redjds.GetString(0);
pass2 = redjds.GetString(1);
client1 = redjds.GetString(2);

}

//this line fails in a few aspects. C#, much like javascript, uses one single
//equal sign to assign values. You are basically assigning username.Text to
//the login username retrieved from the database, same with the rest
//accordingly. For c#, you use two equal signs to do a logical test. Also, for
//variables that you assign values to (login1, pass2, client1, etc.), you never
//put quotes around. client1 = "a database value", "client1" = "client1"
//Keep in mind, this below line also doesn't compare case-senitivity. The password
//"jerryspringer" will pass validation even though the actual database password is
//"JerrySpringer". To compare case-sensitivity, use the string.equal or string.compare
//methods. Look them up on microsoft.com (google:  site:microsoft.com string.compare)
//if (username.Text = "login1" && pass.Text = "pass2" && clientid.Text = "client1" )
if (username.Text == login1 && pass.Text == pass2 && clientid.Text == client1)
{

Response.Redirect("~/assign.aspx");

}
else
{

Response.Write("wrong");

}
Hope I helped and gave you insight.
Last edited by SheSaidImaPregy; Feb 14th, 2008 at 11:15 am.
Reputation Points: 43
Solved Threads: 68
Veteran Poster
SheSaidImaPregy is offline Offline
1,080 posts
since Sep 2007
Permalink
Feb 15th, 2008
0

Re: login validation

thank you for information again this error should accorded..

using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Data.Sql;
using System.Data.SqlClient;


public partial class index : System.Web.UI.Page
{
SqlConnection conjds = new SqlConnection();
SqlCommand cmdjds = new SqlCommand();
SqlDataReader redjds;

protected void Page_Load(object sender, EventArgs e)
{

}
protected void Button1_Click(object sender, EventArgs e)
{
string login1, pass2, client1;

conjds.ConnectionString = ConfigurationManager.ConnectionStrings["maillog"].ToString();
conjds.Open();
cmdjds.Connection = conjds;

cmdjds.CommandText = "SELECT username,password,clientid FROM login WHERE username=@username";

//trim is not suport here..


cmdjds.Parameters.AddWithValue("@username",Trim(username.Text));

// cmdjds.ExecuteNonQuery();
//redjds = cmdjds.ExecuteReader();

while (redjds.Read())
{
login1 = redjds.GetString(0);
pass2 = redjds.GetString(1);
client1 = redjds.GetString(2);

}

conjds.Close();

//here use of unassign local variable 'login1','pass2','client1' error is coming

if (username.Text == login1 && pass.Text == pass2 && clientid.Text == client1)
{

Response.Redirect("~/assign.aspx");

}
else
{

Response.Write("wrong");

}
}






}
Last edited by psathish2; Feb 15th, 2008 at 3:51 am.
Reputation Points: 4
Solved Threads: 0
Junior Poster in Training
psathish2 is offline Offline
51 posts
since Dec 2007
Permalink
Feb 15th, 2008
0

Re: login validation

hi
Last edited by psathish2; Feb 15th, 2008 at 3:54 am.
Reputation Points: 4
Solved Threads: 0
Junior Poster in Training
psathish2 is offline Offline
51 posts
since Dec 2007
Permalink
Feb 15th, 2008
0

Re: login validation

Sorry, I am a VB.NET developer, so I mis did some syntax (Like trim).

Try the new code:
ASP.NET Syntax (Toggle Plain Text)
  1. conjds.ConnectionString = ConfigurationManager.ConnectionStrings["maillog"].ToString();
  2. conjds.Open();
  3. cmdjds.Connection = conjds;
  4.  
  5. cmdjds.CommandText = "SELECT userpass, clientid FROM login WHERE username=@username"
  6. cmdjds.Parameters.AddWithValue( "@username", username.Text.Trim() )
  7.  
  8. redjds = cmdjds.ExecuteReader();
  9.  
  10. while (redjds.Read())
  11. {
  12.  
  13. login1 = redjds.GetString(0);
  14. pass2 = redjds.GetString(1);
  15. client1 = redjds.GetString(2);
  16.  
  17. }
  18.  
  19. if (login1 == username.Text.Trim() && pass2 == pass.Text.Trim() && client1 == clientid.Text.Trim())
  20. {
  21.  
  22. Response.Redirect("~/assign.aspx");
  23.  
  24. }
  25. else
  26. {
  27.  
  28. Response.Write("wrong");
  29.  
  30. }
Reputation Points: 43
Solved Threads: 68
Veteran Poster
SheSaidImaPregy is offline Offline
1,080 posts
since Sep 2007
Permalink
Feb 15th, 2008
0

Re: login validation

If that fails at the if statement, replace it with:
ASP.NET Syntax (Toggle Plain Text)
  1. if(username.Text.Equals(login1) && pass.Text.Equals(pass2) && clientid.Text.Equals(client1))
Reputation Points: 43
Solved Threads: 68
Veteran Poster
SheSaidImaPregy is offline Offline
1,080 posts
since Sep 2007
Permalink
Feb 19th, 2008
0

Re: login validation

thank you for your coding but not working if condition not working else part to execute...

string login1, pass2, client1;

conjds.ConnectionString = ConfigurationManager.ConnectionStrings["maillog"].ToString();
conjds.Open();
cmdjds.Connection = conjds;

cmdjds.CommandText = "SELECT username,password,clientid FROM login WHERE username=@username";
cmdjds.Parameters.AddWithValue("@username",username.Text.Trim());

redjds = cmdjds.ExecuteReader();

while (redjds.Read())
{
login1 = redjds.GetString(0);
pass2 = redjds.GetString(1);
client1 = redjds.GetString(2);


// before i put in close bracket in while loop error showed login1,pass2,client1 unassign variable ...


so i changed put in bracket in last ...

//if (username.Text.Equals(login1) && pass.Text.Equals(pass2) && clientid.Text.Equals(client1))
if (login1 == username.Text.Trim() && pass2 == pass.Text.Trim() && client1 == clientid.Text.Trim())
{

Response.Redirect("~/assign.aspx");

}
else
{

Response.Write("wrong");


}
}
conjds.Close();
}

o/p: wrong only printed......
Reputation Points: 4
Solved Threads: 0
Junior Poster in Training
psathish2 is offline Offline
51 posts
since Dec 2007
Permalink
Feb 27th, 2008
0

Re: login validation

thank you for everbody help to me..i got results...
Last edited by psathish2; Feb 27th, 2008 at 6:42 am.
Reputation Points: 4
Solved Threads: 0
Junior Poster in Training
psathish2 is offline Offline
51 posts
since Dec 2007

This thread is more than three months old

No one has posted to this discussion for at least three months. Please let old threads die and do not reply to them unless you feel you have something new and valuable to contribute that absolutely must be added to make the discussion complete. Otherwise, please start a new thread in this forum instead.
This thread is currently closed and is not accepting any new replies.
Previous Thread in ASP.NET Forum Timeline: Sorting problem ?
Next Thread in ASP.NET Forum Timeline: Insert to DB & View Results on Different Page





About Us | Contact Us | Advertise | Acceptable Use Policy
Forum Index | Build Custom RSS Feed


Follow us on Twitter


© 2011 DaniWeb® LLC