So I created a custom generated file that lets me take the username and password.
It is the following:

public User GetUserByUserNamePassword(string userName, string Password)
   return (_DatabaseContext.Users.FirstOrDefault(user => user.Username == userName && user.Password ==Password));

In my log in page I have a webUserControl that contains two textboxes, one for the password and the other one for the username. I created an object data source for the webusercontrol to take in parameters Username and password .

Whats the c# code that can let me check if the username and password are valid (I have a table called User btw that has three columns, UserID(pk), Username and Password.

You can do something like this

                SqlConnection objConn = new SqlConnection("Data Source=ithinkunome-vm;Database=test; Integrated security=True");
                SqlCommand objCommand = objConn.CreateCommand();
                objCommand.CommandText = "select password from users where username='"+txtUserName.Text+"'";
                SqlDataReader objDataReader = objCommand.ExecuteReader();
                while (objDataReader.Read())
                    if (txtPassword.Text == objDataReader["password"].ToString())
                        lblStatus.Text = "Password is Valid User is Logged In";
                        lblStatus.Text = "Password is not Valid User is Not Logged In";
            catch (Exception ex)


On a web page there are 2 textbox txtUserName and txtPassword, 1 submit button and a label

After typing userName and password when the user click on button it will be checked against database, and if they match the label will be updated

Get the project file from here

Hope it will help


If Im not using the SQL Membership I usually call a helper class that has a few methods just for this.

start here passing credentials:

    protected static bool LoginUser(string user, string pass)
        Logger l = new Logger();

        return l.IsUser(user.Trim(), pass.Trim());

The IsUser Class:

    /// <summary>
    /// Check to see if user is legal
    /// </summary>
    /// <param name="user">User name </param>
    /// <param name="pass">User password </param>
    /// <returns>True if is a user</returns>
    public bool IsUser(string user, string pass)
        using (SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["conn"].ConnectionString))
            bool b;
            //// Send info to DB and see if I get a record
            SqlCommand cmd = new SqlCommand("sproc", conn);
            cmd.CommandType = CommandType.StoredProcedure;

            cmd.Parameters.AddWithValue("@user", user);
            cmd.Parameters.AddWithValue("@pass", pass);

            SqlParameter isAUser = cmd.Parameters.Add("@IsUser", SqlDbType.Char, 3);
            isAUser.Direction = ParameterDirection.Output;

            b = Convert.ToBoolean(cmd.ExecuteScalar().ToString());
            if (b)
                string u = Convert.ToString(isAUser.Value);
                HttpContext.Current.Session["UserID"] = u;
                b = true;
                b = false;

            return b;

The bool value will be used to validate if user credentials are valid.