login form with c# and sql server

Posted by Sumasri under C# on 7/31/2012 | Points: 10 | Views : 78311 | Status : [Member] | Replies : 4
Hii
Im always getting the invalid user and password message eventhough it is valid. Please suggest me if there any error in this code.


private void button1_Click(object sender, EventArgs e)
{
try
{
SqlConnection cn = new SqlConnection("Data Source= MINDTECH4; Initial Catalog=suma; User Id=trainee; Password=trainee123");
cn.Open();
SqlCommand cmd = new SqlCommand("select LoginId, Password from memberlogin where LoginId='" + txtlogin + "' and Password='" + txtpwd + "'", cn);
SqlDataReader dr = cmd.ExecuteReader();
string login = txtlogin.Text;
string pwd = txtpwd.Text;
while (dr.Read())
{
if ((dr["LoginId"].ToString() == login) && (dr["Password"].ToString() == pwd))
{
MessageBox.Show("welcome");
}
else
{
MessageBox.Show("userid and password are invalid");
}
}
dr.Close();
cn.Close();
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
}

and also help me how to implement the validations in C# code with example.

Thanks

sumasri


Responses

Posted by: Oswaldlily on: 7/31/2012 [Member] Starter | Points: 25

Up
0
Down
ALTER PROCEDURE storedProname
(
@uname as NVARCHAR(100),
@upass as NVARCHAR(200)
)
AS
BEGIN
SET NOCOUNT ON
IF EXISTS(SELECT 'X' from Tablename
where UD_UserId=@uname and UD_Password=@upass)
BEGIN
RETURN 1
END
ELSE
BEGIN
RETURN 0
END
SET NOCOUNT OFF
END
try this method

Protected Sub btn_Click(ByVal sender As Object, ByVal e As EventArgs) Handles btn.Click

Dim _UserId As String
Dim _Password As String
_UserId = Trim(txtUserId.Text)
_Password = Trim(txtPassword.Text)

If storedProname(_UserId, _Password) = True Then
Response.Redirect("../Administration/Home.aspx", True)
End If
End Sub

Sumasri, if this helps please login to Mark As Answer. | Alert Moderator

Posted by: Lalitha86 on: 8/8/2012 [Member] Starter | Points: 25

Up
0
Down
u hould create table eiyh two columns and enter username and password in table using insert command.
then come to asp page
in page load 1. initialize the connection using the code sqlconnection con=new sqlconnection();
2.open the connection con.open()
3. sqlcommand cmd=new sqlcommand("select *from tablename",con);
4. sqldatareader dr=cmd.executereader()
5. while(dr.read())
6.

   if ((TxtUsername.Text) ==re.GetString(0) && (TxtPassword.Text) == re.GetString(1))

{
Response.Redirect("default.aspx");
}
else
{
Response.write("invalid");
}


Sumasri, if this helps please login to Mark As Answer. | Alert Moderator

Posted by: Ranjeet_8 on: 8/8/2012 [Member] [MVP] Gold | Points: 25

Up
0
Down
Replace your code
SqlCommand cmd = new SqlCommand("select LoginId, Password from memberlogin where LoginId='" + txtlogin  + "' and Password='" + txtpwd  + "'", cn); 

To
SqlCommand cmd = new SqlCommand("select LoginId, Password from memberlogin where LoginId='" + txtlogin.Text  + "' and Password='" + txtpwd.Text  + "'", cn); 


.Text is Missing in ur query


.

Sumasri, if this helps please login to Mark As Answer. | Alert Moderator

Posted by: Satyapriyanayak on: 1/24/2013 [Member] [MVP] Silver | Points: 25

Up
0
Down
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Windows.Forms;
using System.Data.OleDb;
namespace Login_page_Msaccess
{
public partial class Form1 : Form
{
string ConnectionString = System.Configuration.ConfigurationSettings.AppSettings["dsn"];
OleDbCommand com;
string str;

object obj = null;
public Form1()
{
InitializeComponent();
}

private void btn_login_Click(object sender, EventArgs e)
{
OleDbConnection con = new OleDbConnection(ConnectionString);
con.Open();
str = "select count(*) from login where UserName=@UserName and Password =@Password";
com = new OleDbCommand(str, con);
com.CommandType = CommandType.Text;
com.Parameters.AddWithValue("@UserName", TextBox_user_name.Text);
com.Parameters.AddWithValue("@Password", TextBox_password.Text);
obj = com.ExecuteScalar();
if ((int)(obj) != 0)
{
lb1.Text = "WELLCOME :: " + TextBox_user_name.Text;
}
else
{
lb1.Text = "invalid user name and password";
}
con.Close();
}
}
}


If this post helps you mark it as answer
Thanks

Sumasri, if this helps please login to Mark As Answer. | Alert Moderator

Login to post response