0

I have a Login validation problem, when

Username = 123-incorrect
Password = 123-incorrect
Login Failed.

when
Username = onat12-correct
Password = sambuca888-correct
Login Accepted.

now when,
Username = onat12-correct
Password = 123-incorrect
Login Failed.


now when,
Username = 123-incorrect
Password = 123-incorrect
Will not validate
Verification failed

using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Windows.Forms;
using System.Data.OleDb;


namespace Form_Login1
{
    public partial class frm_login : Form
    {
        public frm_login()
        {
            InitializeComponent();

        }
        int usercode;
        System.Data.OleDb.OleDbConnection con;
        private void frm_login_Load(object sender, EventArgs e)
        {//verify database is running
            try
            {
                con = new System.Data.OleDb.OleDbConnection();
                con.ConnectionString = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=dbSys.mdb;User Id=admin;Password=;";
                con.Open();


                MessageBox.Show("Connection Verified, Cleared to login", "O-Connection Has Been Verified-O",
                MessageBoxButtons.OK,
                MessageBoxIcon.Exclamation);
                con.Close();
                con.Dispose();
            }
            catch (Exception ex)
            {
                MessageBox.Show(ex.Message, "X-Database Error-X",
                   MessageBoxButtons.OK,
                   MessageBoxIcon.Exclamation);
                this.Close();

            }

            //end database verification
        }

        private void btn_try_Click(object sender, EventArgs e)
        {//login
            using (OleDbConnection cn = new OleDbConnection("Provider=Microsoft.Jet.OLEDB.4.0;Data Source=dbSys.mdb;User Id=admin;Password=;"))
            {
                using (OleDbCommand cmd = new OleDbCommand("SELECT * FROM users WHERE UserName=@UserName AND PassWord_=@PassWord_", cn))
                {
                    cmd.Parameters.Add("@UserName", OleDbType.WChar, 50, "UserName").Value = this.tbx_user.Text;

                    cmd.Parameters.Add("@Password", OleDbType.WChar, 50, "PassWord").Value = this.tbx_pwd.Text;

                    if (cn.State == ConnectionState.Closed)
                    {
                        cn.Open();

                        using (OleDbDataReader rdr = cmd.ExecuteReader())
                        {
                            if (rdr.HasRows)
                            {
                                rdr.Read();

                                if ((rdr.GetString(1) == this.tbx_user.Text) && (rdr.GetString(2) == this.tbx_pwd.Text))
                                {
                                    MessageBox.Show("Login Succesful");
                                    con.Close();
                                    con.Dispose();
                                    usercode = 
                                    MainPage f = new MainPage(usercode);
                                    f.Show();
                                    this.Close();
                                    ;


                                }
                                else
                                {

                                    MessageBox.Show("Verification Failed");
                                    tbx_pwd.Text = "";
                                    tbx_user.Text = "";
                                }
                            }

                        }
                    }
                }
            }

        }

        private void btn_abrt_Click(object sender, EventArgs e)
        {//close
            con.Close();
            con.Dispose();
            this.Close();
        }







    }
}

Edited by onat12`: n/a

2
Contributors
1
Reply
2
Views
5 Years
Discussion Span
Last Post by hericles
1

In your code you have this line:

if (cn.State == ConnectionState.Closed)

but I can't see a section where you continue if the cn.State is open. Depending on whether you handled any other opening/closing of that connection you may have a problem (the two functions here look OK but you may have other code that leaves the connection open elsewhere).

Also, you are selecting all from the database where user name and password matches but then, when checking if the data reader has rows you are running the same check again:

if ((rdr.GetString(1) == this.tbx_user.Text) && (rdr.GetString(2) == this.tbx_pwd.Text))

This seems unnecessary as the reader can only contain rows if the user name/password have already been matched.

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.