hi,

I am creating an application in visual web developer using c# language. I need to create a login page. i have written the following code :

protected void Button1_Click(object sender, EventArgs e)
    {
        int flag=0,count=0;
        string uname = TextBox1.Text;
        string pass = TextBox2.Text;
    start:
        TextBox3.Text = flag.ToString();
        
        OleDbConnection dbconn = new OleDbConnection(@"Provider=SQLOLEDB.1;Integrated Security=SSPI;Persist Security Info=False;Initial Catalog=users;Data Source=PRASHANT-ACER\SQLEXPRESS");
        dbconn.Open();
        string sql = "select username,password from userdet";
        OleDbCommand dbcomm = new OleDbCommand(sql, dbconn);
        
        using (OleDbDataReader reader = dbcomm.ExecuteReader())
        {
            while (reader.Read())
            {
                if((uname==reader[0].ToString())&&(pass==reader[1].ToString()))
                {
                    flag = 1;
                    TextBox3.Text = "success";
                    break;
                }
            }
        }
        TextBox3.Text += flag.ToString();
        if(flag==0)
        {
            ++count;

            if(count<3)
            {
                TextBox3.Text+="Incorrect username and password. Enter again";
                TextBox1.Text="";
                TextBox2.Text="";
                
                uname=te
                goto start;
            }
            else
            {
                TextBox3.Text += count.ToString() + flag.ToString();
                TextBox3.Text+="Login blocked. Please try after 2 hrs";
                System.Threading.Thread.Sleep(5000);
            }
        }
        dbcomm.ExecuteReader();
        dbconn.Close();
    }

there are a few problems :
1. I am not sure if the code to retrieve data from the database is correct. especially to check the validity of the username and password. Can someone tell me if it is correct?

2. if i test the code, it always says login blocked. i dunno where the error is. someone please help me out

regards

prashanth

>asp.net login page

The Web is inherently stateless; each request for a page is treated as a new request, and information from one request is not available by default to the next request. To help overcome this inherent limitation of Web-based applications, ASP.NET includes a number of features for managing state.that is, for storing information between requests. So use cookies or session to persist client/user-specific data between web-page requests.

>especially to check the validity of the username and password.

Please employ case-sensitive search.

....
 cmd.CommandText = "select username from login where cast(username as varbinary(40))=cast(@p1 as varbinary(40)) and cast(password as varbinary(40))=cast(@p2 as varbinary(40))";

        cmd.Connection = cn;
        cmd.Parameters.Add(new OleDbParameter("@p1", OleDbType.VarChar, 40)).Value = textbox1.text;
        cmd.Parameters.Add(new OleDbParameter("@p2", OleDbType.VarChar, 40)).Value = textbox2.text;

        cn.Open();
        object c = cmd.ExecuteScalar();
        cn.Close();

        if (c != null)
        {
            Response.Write("<br/>Found");
        }
        else
        {
            Response.Write("<br/>Not found");
        }
...

hi,

i am new to the parameters.add function. so if you wont mind, can you expl to me what it does and what happens in ur code subsequently

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.