You can use the below functions:-
protected void login_btn_Click(object sender, EventArgs e)
{
con.ConnectionString = ConfigurationManager.ConnectionStrings["cnn"].ConnectionString;
con.Open();
try
{
// In the below sql query i am decrypting the encrypted password which is store in the database
adp = new SqlDataAdapter(@"select convert(varchar(10), DECRYPTBYPASSPHRASE ('12',password )) AS PWD from login_details where uid=@uid ", con);
adp.SelectCommand.Parameters.AddWithValue("@uid", user_txt.Text);
DataSet ds = new DataSet();
adp.Fill(ds);
// this code find the user from database . if yser does't exist in the database
//then label print the msg "Invalid user" & return
if (ds.Tables[0].Rows.Count == 0)
{
lbl_errormg.Text = "Invalid user";
user_txt.Text = "";
pwd_txt.Text = "";
return;
}
// this is the code to convert byte array to string
string str = (ds.Tables[0].Rows[0]["pwd"]).ToString();
byte[] bytes = UTF8Encoding.ASCII.GetBytes(str);
string str2 = UTF8Encoding.ASCII.GetString(bytes);
// in the str2 i am storing the decrypted passwword
Console.WriteLine(str2);
// here i am campairing the password enter by the user with the database entry
// if both will not matched then label print the msg "Invalid Password" & return
if (str2 != pwd_txt.Text)
{
lbl_msg.Text = "Invalid Password";
pwd_txt.Text = "";
user_txt.Text = "";
return;
}
else
{
// In the below sql query i am decrypting the encrypted password which is store in the str2 variablle
cmd = new SqlCommand(@"select uid , convert(varchar(10), DECRYPTBYPASSPHRASE ('12',password )) AS PWD from login_details where uid=@uid and password=@password", con);
cmd.Parameters.AddWithValue("@uid", user_txt.Text);
cmd.Parameters.AddWithValue("@password", str2);
DataSet ds1 = new DataSet();
adp.Fill(ds1);
// this code find the username & password fron the database id these both are available in the database
//then you can redirect to next page otherwise
// label print the msg "Invalid user" & return
if (ds1.Tables[0].Rows.Count == 0)
{
lbl_msg.Text = "Invalid Userid or Password";
user_txt.Text = "";
pwd_txt.Text = "";
}
else
{
Response.Redirect("next.aspx");
lbl_msg.Text = "";
}
}
}
catch
{
user_txt.Text = "";
pwd_txt.Text = "";
}
user_txt.Text = "";
pwd_txt.Text = "";
}
Happy Coding
Webmasters964, if this helps please login to Mark As Answer. | Alert Moderator