hey all. I'm designing a new software and working on login system with online database.
this is the code that I wrote, it work well

 Mysqlconn.ConnectionString = "server=db4free.net;Port=3306; user id=****; password=d****; database=****g"
 Mysqlconn = New MySqlConnection

        Dim READER As MySqlDataReader

        Try
            Mysqlconn.Open()
            Dim Query As String
            Query = "SELECT * FROM *f*a*e* WHERE Name='" & TextBox1.Text & "' AND Password='" & TextBox2.Text & " ' "
            Command = New MySqlCommand(Query, Mysqlconn)
            READER = Command.ExecuteReader
            Dim count As Integer
            count = 0
            While READER.Read
                count = count + 1
            End While
            If count = 1 Then
                MsgBox("Welcome'" & TextBox1.Text & "'")
                FORMAKRYESORE.Show()
                Me.Close()

            ElseIf count > 1 Then
                MsgBox("Welcome'" & TextBox1.Text & "'")
            Else
                MsgBox("Sorry did not recognize you. Re-enter name and password")
            End If

            Mysqlconn.Close()

        Catch ex As MySqlException
            MsgBox(ex.Message)
        Finally
            Mysqlconn.Dispose()

        End Try

It work perfectly. what Im trying to make is, if I log with my name. for example. "altjen" it show an other form with the details that are on the database, for example my name age and what I put there.

any idea?

PS: will use this as a mini chatting software between my friends

Edited 1 Year Ago by altjen

You just need to do another query after the user is successfully logged in that retrieves their details. You should be storing the user ID i.e. the key for users table in session so you can access it when you need to make calls to the database.
That way, after a successful login, you can redirect to their profile page and from that page make the query to retrieve their user profile via their ID.

Homework for you: learn about SQL injection attacks and why you should parametize queries. You're putting the text of a textbox directly into your query which is a really bad idea.

Agreed with hericles, Use parameterised query to prevent mallicious attack to your database.

Your codification if to some correct, only needed simple modification.
Exchange the place between Line No. 1 & 2.

Mysqlconn = New MySqlConnection
Mysqlconn.ConnectionString = "server=db4free.net;Port=3306; user id=****; password=d****; database=****g"

If do I correct, UserName and Password should be Unique. SO , if they are unique query shoule be produced a single row of record.So, no need to cheack the condition ElseIf count > 1 Then. Remove it. The condition checking should be

If count = 1 Then
    ........
Else
    ........
End If

If you have wanted to count the number of matching rows produced by the query,
READER = Command.ExecuteReader is not the proper choice. Use count = Command.ExecuteScalar to get the number of the affected rows. So, no need to use Dim READER As MySqlDataReader. Remove it. The codes should be

Mysqlconn = New MySqlConnection
Mysqlconn.ConnectionString = "server=db4free.net;Port=3306; user id=****; password=d****; database=****g"

       Try
            Mysqlconn.Open()
            Dim Query As String
            Query = "SELECT * FROM *f*a*e* WHERE Name='" & TextBox1.Text & "' AND Password='" & TextBox2.Text & " ' "
            Command = New MySqlCommand(Query, Mysqlconn)

            Dim count As Integer = Command.ExecuteScalar

            If count > 0 Then
                MsgBox("Welcome'" & TextBox1.Text & "'")
                FORMAKRYESORE.Show()
            Else
                MsgBox("Sorry did not recognize you. Re-enter name and password")
            End If
            Mysqlconn.Close()
        Catch ex As MySqlException
            MsgBox(ex.Message)
        Finally
            Mysqlconn.Dispose()
        End Try

        Me.Close()

Hope it can help you.

thanks for the suggestions, but looks like you did not understood me that much.

I want the user log in, and a form 2 show up with user data or what I put inside it, but it have to recognize the name of the user.

I have no idea how to do it...

You will get the name from FormLogIn.TextBox1.Text.
Make a query in FORMAKRYESORE Load event to show data by using FormLogIn.TextBox1.Text.

will try as Shark 1 said, but still dont understand the algorithm of how to make a form 2 show with successful login person and his data inside

You can do it easily by declaring some properties in form FORMAKRYESORE Class module.I am trying to describe it how you can do it.

First check the User for proper login in LogInForm's Button Click event

 Private Sub Button1_Click(sender As System.Object, e As System.EventArgs) Handles Button1.Click
        Mysqlconn = New MySqlConnection
        Mysqlconn.ConnectionString = "server=db4free.net;Port=3306; user id=****; password=d****; database=****g"
       Try
            Mysqlconn.Open()
            Dim Query As String
            Query = "SELECT Count(*) FROM *f*a*e* WHERE Name='" & TextBox1.Text & "' AND Password='" & TextBox2.Text & " ' "
            Command = New MySqlCommand(Query, Mysqlconn)
            Dim count As Integer = Command.ExecuteScalar
            If count > 0 Then
                MsgBox("Welcome'" & TextBox1.Text & "'")

                'Assign the property value and show the form
                FORMAKRYESORE.UserName = Me.TextBox1.Text
                FORMAKRYESORE.Show()

            Else
                MsgBox("Sorry did not recognize you. Re-enter name and password")
            End If
            Mysqlconn.Close()
        Catch ex As MySqlException
            MsgBox(ex.Message)
        Finally
            Mysqlconn.Dispose()
        End Try

        Me.Close()

    End Sub

Now we describe here how could we declare some custom properties to receive data and show them

Public Class FORMAKRYESORE
    'Declaring variables
    Private _UserName As String


    'declaring Properties
    Public Property UserName() As String
        Get
            Return _UserName
        End Get
        Set(value As String)
            _UserName = value
        End Set
    End Property




    Private Sub FORMAKRYESORE_Load(sender As System.Object, e As System.EventArgs) Handles MyBase.Load
        'Show the property values
        Me.TextBox1.Text = UserName

        'Call the proceedure and display Data
        Me.DisplayData()

    End Sub

    Private Sub DisplayData()
        .............
        ...............

        'Make here a query from database and display
        'data which you want
        .....................
        ..................
    End Sub
End Class

I do not know which data you want to show. From my assumption I do it. You can do for your data like them. Hope it can help you.

Edited 1 Year Ago by Shark_1

Comments
Really awesome code made by you :D thanks

Shark 1. Making a quesy at DisplayData() who will display the data that I want is simething like this?

query = "SELECT Name, LastName, PhoneNumber, Street FROM testdatabase"

& Minimalist. Im making a school software for my school. and I need to make a login form where the student or the parent enter name and password or ID of the student and show his information, grades etc at FORMAKRYESORE.
and change the name of FORMAKRYESORE to MainForm so you guys can understand it easier.

Edited 1 Year Ago by altjen

You said something different in your opening statement:
"PS: will use this as a mini chatting software between my friends"
So what is going to be?

first started the project as a little chat, but the teacher asked me this software today. (Im still on high school and all I know about programming is by my self)
so I change the topic of the software

Student is on English
Studenti is in Albanian
is the some.

Here is not the matter, what language you have been used. Matter is the actual name of the table.
If the table name is Student, then SQL always arises an exception for Studenti, used language what ever may be.

Student is teh form name, studenti is the table on mysql database

but sir, can you help me with an example of project? you could make it really fast. I can give you a database that have on db4free.net
name: programi
password: altjen9614

there is no table at dbshkollor so you can create 1. would be really sespectful for you and would do anything you will ask me,(if you want)

thanks

Sorry, I did not see the links perfectly what you attached one day before.
You attached three links, one is for exception message. The exception arised, when you tried to run the codes, posted in your second Link.

In 2nd link your SQL Statement was Query = "SELECT FROM <TableName>". Here TableName is your tablename, what ever may be. You got exception for this line of Statement. The SQL Statement would be

Query = "SELECT * FROM <TableName>"

Hope it can help you.

with some other editions I made what I was doing, thank you very much Shark.
you saved me a lot of time :D

this is way more easy than I thought. and I did it with the first code that I had. but still using the code that Shark 1 gave to me. so again Thank You sir

This article has been dead for over six months. Start a new discussion instead.