:eek: Hello,
I'm trying to figure out how to create a database driven login page in ASP.NET 2.0. As you can see I'm new at dotNET so I need all the help I can get. I can't seem to figure out how to use my own database to pull the user's information to allow them to authenticate. I have created user accounts and roles in the Admin tool in Web Developer but I can't seem to find a way to link the login control to my own database.

Thanks in advance for your help.

Hi,

Authenticating Users with a Database Table

To support a custom user registration system, we need to store usernames and passwords in a database table, so that we can make this as a scalable solution.

Step1 :Create a table in the database named as UserTable.

The structure of the table is given below.

CREATE TABLE UserTable
(
u_id INT NULL IDENTITY,
u_username VARCHAR(20),
u_password VARCHAR(20)
)

Step 2:

The Login.aspx page validates usernames and passwords by checking them against the contents of the UserTable.

Step3: Create a Register.aspx form to register new users. This form also contains fields of username and password.

The Title "Develop your own Web Accounting Application using ASP.Net" explains the topic on Security very well.
visit : http://www.vkinfotek.com


Regards
bhar

Thank you for your quick reply. Actually I already have a table with two of the fields that I will use as the authentication required fields (name or code # (which they already know)). The problem that I am having is how do I tell the login.aspx page to use that database to authenticate? I am using VWD 2005 Express Edition.

Thank you again.

Marequi
_________________

Hi,

Authenticating Users with a Database Table

To support a custom user registration system, we need to store usernames and passwords in a database table, so that we can make this as a scalable solution.

Step1 :Create a table in the database named as UserTable.

The structure of the table is given below.

CREATE TABLE UserTable
(
u_id INT NULL IDENTITY,
u_username VARCHAR(20),
u_password VARCHAR(20)
)

Step 2:

The Login.aspx page validates usernames and passwords by checking them against the contents of the UserTable.

Step3: Create a Register.aspx form to register new users. This form also contains fields of username and password.

The Title "Develop your own Web Accounting Application using ASP.Net" explains the topic on Security very well.
visit : http://www.vkinfotek.com


Regards
bhar

Hii :)

After Creating the Table U just go to Sql Query ANalyger and create a Stored Procedure Like

CREATE PROCEDURE sp_ValidateUser
(
@UserName VARCHAR(50) = NULL,
@Password VARCHAR(50) = NULL,
@Num_of_User INT = 0
)
AS
SET @Num_of_User = (SELECT COUNT(*) AS Num_of_User
FROM TblUser
WHERE UserName = @UserName AND Password = @Password)

RETURN @Num_of_User


then in the Login.aspx page

Function DBConnection(ByVal strUserName As String, ByVal strPassword As String) As Boolean


Dim MyConn As SqlConnection = New SqlConnection(ConfigurationSettings.AppSettings("strConn"))
Dim MyCmd As New SqlCommand("sp_ValidateUser", MyConn)

MyCmd.CommandType = CommandType.StoredProcedure


Dim objParam1, objParam2 As SqlParameter
Dim objReturnParam As SqlParameter


objParam1 = MyCmd.Parameters.Add("@UserName", SqlDbType.VarChar)
objParam2 = MyCmd.Parameters.Add("@Password", SqlDbType.VarChar)
objReturnParam = MyCmd.Parameters.Add("@Num_of_User", SqlDbType.Int)

objParam1.Direction = ParameterDirection.Input
objParam2.Direction = ParameterDirection.Input
objReturnParam.Direction = ParameterDirection.ReturnValue ' Note RETURNVALUE

objParam1.Value = txtUserName.Text
objParam2.Value = txtPassword.Text


Try

If MyConn.State = ConnectionState.Closed Then
' ||||| DB not already Open...so open it
MyConn.Open()
MyCmd.ExecuteNonQuery()
End If

If objReturnParam.Value < 1 Then
lblMessage.Text = "Invalid Login!"
Else
Return True
End If


MyConn.Close()


Catch ex As Exception
lblMessage2.Text = "Error Connecting to Database!"
End Try

End Function
and in login_click event
If Page.IsValid Then

If DBConnection(txtUserName.Text.Trim(), txtPassword.Text.Trim()) Then
-----'FormsAuthentication.RedirectFromLoginPage(txtUserName.Text, False) ' ||||| default.aspx Page!
response.redirct("default.aspx")

Else

lblMessage.Text = "Invalid Login!"

End If

End If

Then run ur application

This sounds very much like what I am trying to do as well, I can see its very easy to pull data out of the database but it seems like they could have made it easier to login, it seems overly complicated, this is a production db so I won't be able to test creating a stored procedure until tomorrow after my backup is done. I am very new to all this as well and wanted to post my thanks for the attempt at an answer, I have seen this question all over the place today but have not yet found the answer that worked for me I am probably doing something wrong but microsoft can't seem to give an error that you can understand in english all I know is something is very wrong with it, it doesn't really tell me why.
I really hope this does it, I really need this to move forward on my project its very important to me.

Dear Bharathi Krishna..

I am a beginner to this forum as well as creating web pages... I am basically a geologist, but interested in developing web pages... could you please help me out from the scarch to design a member login page.. which verifies the username and password from the data base..

1. how to create a data base so as it register all the new member and their password without manual intervention..

2. how to create a login form... etc..

regards
kalidoss

Dear Bharathi Krishna..

I am a beginner to this forum as well as creating web pages... I am basically a geologist, but interested in developing web pages... could you please help me out from the scarch to design a member login page.. which verifies the username and password from the data base..

1. how to create a data base so as it register all the new member and their password without manual intervention..

2. how to create a login form... etc..

regards
kalidoss

do you have access to a database on your server?
do you have access to a web server which provides asp.net services?

you need to know this before continuing.

This article has been dead for over six months. Start a new discussion instead.