kaifong78
asked on
Create a User Login and Change Password Screen in VB.NET
I have used the XML to store Users Name and Password, User Login screen I have done but the Change Passowrd part I haven't done yet, I don't know how to write a code for Change Password.
Below is a code in my application, it is working, but can't let user change thier Password. If user name and password store in to XML, this is possible user change thier password? If yes can tell me how do I write a code to change a password? If not, what is a good method to create a user login and change password screen? Store user name and password in database ? How? Any example?
Please take a look my code, users.xml, users.vb and FrmLogin, please advise how do I wirte / add a code for user change password. Thanks.
users.xml
======
<?xml version="1.0" encoding="utf-8" ?>
<users>
<user>
<name>Manager</name>
<password>TESTME</password >
<role>Manager</role>
</user>
<user>
<name>Supervisor</name>
<password>TESTME</password >
<role>Supervisor</role>
</user>
</users>
users.vb
=====
Option Strict On
Imports System.Security.Principal
Imports System.Threading
Imports System.IO
Public Class Users
Function IsLogin(ByVal strName As String, ByVal strPassword As String) As Boolean
' Procedure checks that the login exists in the XML file
Dim dsUsers As New DataSet
Dim drRows() As DataRow
Try
' Read the XML into a DataSet and filter on name and password
' for a collection of DataRows. This method is not case-sensitive
dsUsers.ReadXml("..\Users. xml")
drRows = dsUsers.Tables(0).Select(" name = '" & _
strName & "' and password = '" & strPassword & "'")
' Code must be implemented when adding users to the list to insure
' that there are no 2 users with the same name
' If there is a row in the collection then a record was found
If drRows.Length > 0 Then
Return True
Else
Return False
End If
Catch e As FileNotFoundException
MsgBox("Users.Xml file not found.", MsgBoxStyle.Critical, "Unable to Authenticate user.")
End
End Try
End Function
Function GetLogin(ByVal strName As String, ByVal strPassword As String) As GenericPrincipal
' Procedure returns a Generic Principal representing the login account
Dim dsUsers As New DataSet
Dim drRows() As DataRow
Try
' Read the XML into a DataSet and filter for a collection of DataRows
dsUsers.ReadXml("..\Users. xml")
drRows = dsUsers.Tables(0).Select(" name = '" & _
strName & "' and password = '" & strPassword & "'")
Catch e As FileNotFoundException
MsgBox("Users.Xml file not found.", MsgBoxStyle.Critical, "Shutting Down...")
End
End Try
' Create the Generic Identity representing the User
Dim GenIdentity As New GenericIdentity(strName)
' Define the role membership as an array
Dim Roles() As String = {CStr(drRows(0).Item("Role ")), ""}
Dim GenPrincipal As New GenericPrincipal(GenIdenti ty, Roles)
Return GenPrincipal
End Function
Function IsAdministrator() As Boolean
' Procedure checks if the Windows Login is an Administrator
' For single role-based validation
' Dim WinPrincipal As New WindowsPrincipal(WindowsId entity.Get Current())
' For repeated role-based validation
AppDomain.CurrentDomain.Se tPrincipal Policy(Pri ncipalPoli cy.Windows Principal)
Dim WinPrincipal As WindowsPrincipal = CType(Thread.CurrentPrinci pal, WindowsPrincipal)
' Check if the user account is an Administrator
If WinPrincipal.IsInRole(Wind owsBuiltIn Role.Admin istrator) Then
Return True
Else
Return False
End If
End Function
End Class
FrmLogin.vb
=======
Private Sub btnOK_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnOK.Click
' Instantiate a custom Users class
Dim objUser As New Users
Dim GenPrincipal As GenericPrincipal
Dim strName As String = txtLoginName.Text
Dim strPassword As String = txtPassword.Text
' Check for Windows Administrator. Administrator can bypass
' custom security system.
If chkAdministratorAccount.Ch ecked Then
If objUser.IsAdministrator Then
' Display the Users Name (Windows or Generic)
MsgBox(Thread.CurrentPrinc ipal.Ident ity.Name & " has logged in successfully!", MsgBoxStyle.Information, "Login Successful")
' Show Main Form
Dim Main As New frmMain
Main.ShowDialog()
' Hide the Login Form
Me.Close()
Else
' Increment login attempts
intLoginAttempts += 1
MsgBox("User not an Administrator. Please provide a User Name and Password.", MsgBoxStyle.Exclamation, Me.Text)
End If
Else
' Check that the login exists
If objUser.IsLogin(strName, strPassword) Then
GenPrincipal = objUser.GetLogin(strName, strPassword)
Thread.CurrentPrincipal = GenPrincipal
' Display the Users Name (Windows or Generic)
MsgBox(Thread.CurrentPrinc ipal.Ident ity.Name & " has logged in successfully!", MsgBoxStyle.Information, "Login Successful")
' Show Main Form
Dim Main As New frmMain
Main.ShowDialog()
' Hide the Login Form
Me.Close()
Else
' Increment login attempts
intLoginAttempts += 1
' After the 3 attempts quit the application
If intLoginAttempts >= 3 Then
MsgBox("Too many failed login attempts", MsgBoxStyle.Exclamation, Me.Text)
End
Else
MsgBox("User Name not found. Please try again", MsgBoxStyle.Exclamation, Me.Text)
End If
End If
End If
End Sub
Below is a code in my application, it is working, but can't let user change thier Password. If user name and password store in to XML, this is possible user change thier password? If yes can tell me how do I write a code to change a password? If not, what is a good method to create a user login and change password screen? Store user name and password in database ? How? Any example?
Please take a look my code, users.xml, users.vb and FrmLogin, please advise how do I wirte / add a code for user change password. Thanks.
users.xml
======
<?xml version="1.0" encoding="utf-8" ?>
<users>
<user>
<name>Manager</name>
<password>TESTME</password
<role>Manager</role>
</user>
<user>
<name>Supervisor</name>
<password>TESTME</password
<role>Supervisor</role>
</user>
</users>
users.vb
=====
Option Strict On
Imports System.Security.Principal
Imports System.Threading
Imports System.IO
Public Class Users
Function IsLogin(ByVal strName As String, ByVal strPassword As String) As Boolean
' Procedure checks that the login exists in the XML file
Dim dsUsers As New DataSet
Dim drRows() As DataRow
Try
' Read the XML into a DataSet and filter on name and password
' for a collection of DataRows. This method is not case-sensitive
dsUsers.ReadXml("..\Users.
drRows = dsUsers.Tables(0).Select("
strName & "' and password = '" & strPassword & "'")
' Code must be implemented when adding users to the list to insure
' that there are no 2 users with the same name
' If there is a row in the collection then a record was found
If drRows.Length > 0 Then
Return True
Else
Return False
End If
Catch e As FileNotFoundException
MsgBox("Users.Xml file not found.", MsgBoxStyle.Critical, "Unable to Authenticate user.")
End
End Try
End Function
Function GetLogin(ByVal strName As String, ByVal strPassword As String) As GenericPrincipal
' Procedure returns a Generic Principal representing the login account
Dim dsUsers As New DataSet
Dim drRows() As DataRow
Try
' Read the XML into a DataSet and filter for a collection of DataRows
dsUsers.ReadXml("..\Users.
drRows = dsUsers.Tables(0).Select("
strName & "' and password = '" & strPassword & "'")
Catch e As FileNotFoundException
MsgBox("Users.Xml file not found.", MsgBoxStyle.Critical, "Shutting Down...")
End
End Try
' Create the Generic Identity representing the User
Dim GenIdentity As New GenericIdentity(strName)
' Define the role membership as an array
Dim Roles() As String = {CStr(drRows(0).Item("Role
Dim GenPrincipal As New GenericPrincipal(GenIdenti
Return GenPrincipal
End Function
Function IsAdministrator() As Boolean
' Procedure checks if the Windows Login is an Administrator
' For single role-based validation
' Dim WinPrincipal As New WindowsPrincipal(WindowsId
' For repeated role-based validation
AppDomain.CurrentDomain.Se
Dim WinPrincipal As WindowsPrincipal = CType(Thread.CurrentPrinci
' Check if the user account is an Administrator
If WinPrincipal.IsInRole(Wind
Return True
Else
Return False
End If
End Function
End Class
FrmLogin.vb
=======
Private Sub btnOK_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnOK.Click
' Instantiate a custom Users class
Dim objUser As New Users
Dim GenPrincipal As GenericPrincipal
Dim strName As String = txtLoginName.Text
Dim strPassword As String = txtPassword.Text
' Check for Windows Administrator. Administrator can bypass
' custom security system.
If chkAdministratorAccount.Ch
If objUser.IsAdministrator Then
' Display the Users Name (Windows or Generic)
MsgBox(Thread.CurrentPrinc
' Show Main Form
Dim Main As New frmMain
Main.ShowDialog()
' Hide the Login Form
Me.Close()
Else
' Increment login attempts
intLoginAttempts += 1
MsgBox("User not an Administrator. Please provide a User Name and Password.", MsgBoxStyle.Exclamation, Me.Text)
End If
Else
' Check that the login exists
If objUser.IsLogin(strName, strPassword) Then
GenPrincipal = objUser.GetLogin(strName, strPassword)
Thread.CurrentPrincipal = GenPrincipal
' Display the Users Name (Windows or Generic)
MsgBox(Thread.CurrentPrinc
' Show Main Form
Dim Main As New frmMain
Main.ShowDialog()
' Hide the Login Form
Me.Close()
Else
' Increment login attempts
intLoginAttempts += 1
' After the 3 attempts quit the application
If intLoginAttempts >= 3 Then
MsgBox("Too many failed login attempts", MsgBoxStyle.Exclamation, Me.Text)
End
Else
MsgBox("User Name not found. Please try again", MsgBoxStyle.Exclamation, Me.Text)
End If
End If
End If
End Sub
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
http://www.planetsourcecode.com/vb/scripts/ShowCode.asp?lngWId=10&txtCodeId=2644
Cheers.