Ok. I have been trying to troubleshoot other problems as well as this issue and still have come up short on this one.
Main Topics
Browse All TopicsHi.
I have a basic login that creates a cookie if the credientials are fine. Ideally, the credentials should be checked against my stored procedure. My problem is that if the user enters invalid information, an error message is not visible. Can you tell me where I am erroring in my code below? The work occurs in the login button click:
protected void LoginBtn_Click(object sender, EventArgs e)
{
//check username, password, and status (is user active)
string username = Convert.ToString(usernm.Te
string password = Convert.ToString(passwordT
string showUsers = ConfigurationManager.Conne
SqlConnection conn = new SqlConnection(showUsers);
SqlCommand comm = new SqlCommand("usp_LookupUser
comm.Connection.Open();
comm.CommandType = CommandType.StoredProcedur
comm.Parameters.AddWithVal
comm.Parameters.AddWithVal
comm.ExecuteNonQuery();
SqlDataReader myreader = comm.ExecuteReader();
if (myreader.HasRows)
{
while (myreader.Read())
{
string userrecord = Convert.ToString(myreader[
int numValue = (int)myreader["TypeID"];
string myEmail;
if (myreader["email"] != DBNull.Value)
{myEmail = (string)myreader["email"];
else
{myEmail = "None Provided";}
string usertype = (string)myreader["UserType
bool activeUser = (bool)myreader["active"];
string pw = (string)myreader["Password
string usercred = (string)myreader["Username
if (usernm.Text != usercred || passwordTxt.Text != pw)
{
Response.Write("Invalid Credentials");
}
else
{
Response.Redirect("/tl_fun
HttpCookie aCookie = new HttpCookie("checkUser");
aCookie.Values["Site"] = "Tape Library Application";
aCookie.Values["LastVisit"
aCookie.Values["Username"]
aCookie.Values["Email"] = myEmail;
aCookie.Values["User Type"] = usertype;
string newTypeID = Convert.ToString(numValue)
aCookie.Values["My Type"] = newTypeID;
aCookie.Values["UID"] = userrecord;
Response.SetCookie(aCookie
}
}
}
comm.Connection.Close();
}
This Question has been solved and asker verified All Experts Exchange premium technology solutions are available to subscription members.
Experts Exchange has been collecting answers to technology questions since 1996…3 million and counting! If you have a question, chances are we already have your answer.
If you can't find the exact answer you're looking for, ask our exclusive community of 50,000 experts. You’ll get a personalized answer from a trusted professional.
Thousands of free tech tips, tricks, how-to’s and tutorials are available in our peer reviewed articles section. See for yourself how smart our experts are, no login required.
Access the answers to your technology questions today.
30-day free trial. Register in 60 seconds.
Members of the expert community talk about why the experience at Experts Exchange is different than what you will find anywhere else.

Try it out and discover for yourself.
30-day free trial. Register in 60 seconds.
Join the community of experts here and help other tech pros by answering question in your area of expertise. You can earn FREE access to all Experts Exchange's premium features and resources.
no... i resolved the issue.
below is my new plan! thanks for pointing me in the right direction.
if (usernm.Text == "" || pword.Text=="")
{
ErrorLbl.Visible = true;
ErrorLbl.Text = "You entered an invalid username/password combination. If you think your credentials are correct and the error persists, contact Helpdesk.";
}
else if (username == userrecord && password == pw && activeUser == true)
{
Response.Redirect("/tl_fun
}
else
{
ErrorLbl.Visible = true;
ErrorLbl.Text = "Something is wrong. Re-enter your password if you think you have access or contact Help Desk.";
}
Business Accounts
Answer for Membership
by: RejojohnyPosted on 2007-10-01 at 13:15:00ID: 19993794
you are entering the username and password as parameter for your command object .. so the reader will not return any rows for invalid credentials .. so the code never goes within the if condition which checks for the rows .. change your code to
if (myreader.HasRows)
{
.. code to write cookie and redirect ..
}
else
{
Response.Write("Invalid Credentials");
}
Rejo