C# Validation Problem

Question

onat12` 0 Newbie Poster

12 Years Ago

I have a Login validation problem, when

Username = 123-incorrect
Password = 123-incorrect
Login Failed.

when
Username = onat12-correct
Password = sambuca888-correct
Login Accepted.

now when,
Username = onat12-correct
Password = 123-incorrect
Login Failed.

now when,
Username = 123-incorrect
Password = 123-incorrect
Will not validate
Verification failed

using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Windows.Forms;
using System.Data.OleDb;


namespace Form_Login1
{
    public partial class frm_login : Form
    {
        public frm_login()
        {
            InitializeComponent();

        }
        int usercode;
        System.Data.OleDb.OleDbConnection con;
        private void frm_login_Load(object sender, EventArgs e)
        {//verify database is running
            try
            {
                con = new System.Data.OleDb.OleDbConnection();
                con.ConnectionString = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=dbSys.mdb;User Id=admin;Password=;";
                con.Open();


                MessageBox.Show("Connection Verified, Cleared to login", "O-Connection Has Been Verified-O",
                MessageBoxButtons.OK,
                MessageBoxIcon.Exclamation);
                con.Close();
                con.Dispose();
            }
            catch (Exception ex)
            {
                MessageBox.Show(ex.Message, "X-Database Error-X",
                   MessageBoxButtons.OK,
                   MessageBoxIcon.Exclamation);
                this.Close();

            }

            //end database verification
        }

        private void btn_try_Click(object sender, EventArgs e)
        {//login
            using (OleDbConnection cn = new OleDbConnection("Provider=Microsoft.Jet.OLEDB.4.0;Data Source=dbSys.mdb;User Id=admin;Password=;"))
            {
                using (OleDbCommand cmd = new OleDbCommand("SELECT * FROM users WHERE UserName=@UserName AND PassWord_=@PassWord_", cn))
                {
                    cmd.Parameters.Add("@UserName", OleDbType.WChar, 50, "UserName").Value = this.tbx_user.Text;

                    cmd.Parameters.Add("@Password", OleDbType.WChar, 50, "PassWord").Value = this.tbx_pwd.Text;

                    if (cn.State == ConnectionState.Closed)
                    {
                        cn.Open();

                        using (OleDbDataReader rdr = cmd.ExecuteReader())
                        {
                            if (rdr.HasRows)
                            {
                                rdr.Read();

                                if ((rdr.GetString(1) == this.tbx_user.Text) && (rdr.GetString(2) == this.tbx_pwd.Text))
                                {
                                    MessageBox.Show("Login Succesful");
                                    con.Close();
                                    con.Dispose();
                                    usercode = 
                                    MainPage f = new MainPage(usercode);
                                    f.Show();
                                    this.Close();
                                    ;


                                }
                                else
                                {

                                    MessageBox.Show("Verification Failed");
                                    tbx_pwd.Text = "";
                                    tbx_user.Text = "";
                                }
                            }

                        }
                    }
                }
            }

        }

        private void btn_abrt_Click(object sender, EventArgs e)
        {//close
            con.Close();
            con.Dispose();
            this.Close();
        }







    }
}

database login validation

Edited 12 Years Ago by onat12` because: n/a

2 Contributors
1 Reply
203 Views
6 Hours Discussion Span
Latest Post 12 Years Ago Latest Post by hericles

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

hericles 289 Master Poster Featured Poster · Answer 1 · 2011-11-13T17:06:47+00:00

In your code you have this line:

if (cn.State == ConnectionState.Closed)

but I can't see a section where you continue if the cn.State is open. Depending on whether you handled any other opening/closing of that connection you may have a problem (the two functions here look OK but you may have other code that leaves the connection open elsewhere).

Also, you are selecting all from the database where user name and password matches but then, when checking if the data reader has rows you are running the same check again:

if ((rdr.GetString(1) == this.tbx_user.Text) && (rdr.GetString(2) == this.tbx_pwd.Text))

This seems unnecessary as the reader can only contain rows if the user name/password have already been matched.