Solved

Create a User Login and Change Password Screen in VB.NET

Posted on 2004-10-01
3
529 Views
Last Modified: 2012-08-13
I have used the XML to store Users Name and Password, User Login screen I have done but the Change Passowrd part I haven't done yet, I don't know how to write a code for Change Password.

Below is a code in my application, it is working, but can't let user change thier Password. If user name and password store in to XML, this is possible user change thier password? If yes can tell me how do I write a code to change a password? If not, what is a good method to create a user login and change password screen? Store user name and password in database ? How? Any example?

Please take a look my code, users.xml, users.vb and FrmLogin, please advise how do I wirte / add a code for user change password. Thanks.


 users.xml
======
<?xml version="1.0" encoding="utf-8" ?>
<users>
      <user>
            <name>Manager</name>
            <password>TESTME</password>
            <role>Manager</role>
      </user>
      <user>
            <name>Supervisor</name>
            <password>TESTME</password>
            <role>Supervisor</role>
      </user>
</users>



users.vb
=====
Option Strict On

Imports System.Security.Principal
Imports System.Threading
Imports System.IO
Public Class Users
    Function IsLogin(ByVal strName As String, ByVal strPassword As String) As Boolean
        ' Procedure checks that the login exists in the XML file

        Dim dsUsers As New DataSet
        Dim drRows() As DataRow

        Try
            ' Read the XML into a DataSet and filter on name and password
            ' for a collection of DataRows.  This method is not case-sensitive            
            dsUsers.ReadXml("..\Users.xml")
            drRows = dsUsers.Tables(0).Select("name = '" & _
                        strName & "' and password = '" & strPassword & "'")

            ' Code must be implemented when adding users to the list to insure
            ' that there are no 2 users with the same name
            ' If there is a row in the collection then a record was found
            If drRows.Length > 0 Then
                Return True
            Else
                Return False
            End If
        Catch e As FileNotFoundException
            MsgBox("Users.Xml file not found.", MsgBoxStyle.Critical, "Unable to Authenticate user.")
            End
        End Try
    End Function
    Function GetLogin(ByVal strName As String, ByVal strPassword As String) As GenericPrincipal
        ' Procedure returns a Generic Principal representing the login account

        Dim dsUsers As New DataSet
        Dim drRows() As DataRow

        Try
            ' Read the XML into a DataSet and filter for a collection of DataRows
            dsUsers.ReadXml("..\Users.xml")
            drRows = dsUsers.Tables(0).Select("name = '" & _
                    strName & "' and password = '" & strPassword & "'")
        Catch e As FileNotFoundException
            MsgBox("Users.Xml file not found.", MsgBoxStyle.Critical, "Shutting Down...")
            End
        End Try

        ' Create the Generic Identity representing the User
        Dim GenIdentity As New GenericIdentity(strName)
        ' Define the role membership as an array
        Dim Roles() As String = {CStr(drRows(0).Item("Role")), ""}
        Dim GenPrincipal As New GenericPrincipal(GenIdentity, Roles)

        Return GenPrincipal
    End Function
    Function IsAdministrator() As Boolean
        ' Procedure checks if the Windows Login is an Administrator

        ' For single role-based validation
        ' Dim WinPrincipal As New WindowsPrincipal(WindowsIdentity.GetCurrent())

        ' For repeated role-based validation
        AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal)
        Dim WinPrincipal As WindowsPrincipal = CType(Thread.CurrentPrincipal, WindowsPrincipal)

        ' Check if the user account is an Administrator
        If WinPrincipal.IsInRole(WindowsBuiltInRole.Administrator) Then
            Return True
        Else
            Return False
        End If
    End Function

End Class


FrmLogin.vb
=======
Private Sub btnOK_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnOK.Click
        ' Instantiate a custom Users class
        Dim objUser As New Users
        Dim GenPrincipal As GenericPrincipal

        Dim strName As String = txtLoginName.Text
        Dim strPassword As String = txtPassword.Text

        ' Check for Windows Administrator.  Administrator can bypass
        ' custom security system.
        If chkAdministratorAccount.Checked Then
            If objUser.IsAdministrator Then
                ' Display the Users Name (Windows or Generic)
                MsgBox(Thread.CurrentPrincipal.Identity.Name & " has logged in successfully!", MsgBoxStyle.Information, "Login Successful")

                ' Show Main Form
                Dim Main As New frmMain
                Main.ShowDialog()

                ' Hide the Login Form
                Me.Close()

            Else
                ' Increment login attempts
                intLoginAttempts += 1
                MsgBox("User not an Administrator.  Please provide a User Name and Password.", MsgBoxStyle.Exclamation, Me.Text)
            End If
        Else
            ' Check that the login exists
            If objUser.IsLogin(strName, strPassword) Then
                GenPrincipal = objUser.GetLogin(strName, strPassword)
                Thread.CurrentPrincipal = GenPrincipal

                ' Display the Users Name (Windows or Generic)
                MsgBox(Thread.CurrentPrincipal.Identity.Name & " has logged in successfully!", MsgBoxStyle.Information, "Login Successful")

                ' Show Main Form
                Dim Main As New frmMain
                Main.ShowDialog()

                ' Hide the Login Form
                Me.Close()
            Else
                ' Increment login attempts
                intLoginAttempts += 1

                ' After the 3 attempts quit the application
                If intLoginAttempts >= 3 Then
                    MsgBox("Too many failed login attempts", MsgBoxStyle.Exclamation, Me.Text)
                    End
                Else
                    MsgBox("User Name not found.  Please try again", MsgBoxStyle.Exclamation, Me.Text)
                End If
            End If
        End If

    End Sub
0
Comment
Question by:kaifong78
  • 2
3 Comments
 
LVL 7

Expert Comment

by:J_Mak
ID: 12210579
0
 
LVL 7

Accepted Solution

by:
J_Mak earned 125 total points
ID: 12210583
0

Featured Post

Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Article by: Kraeven
Introduction Remote Share is a simple remote sharing tool, enabling you to see, add and remove remote or local shares. The application is written in VB.NET targeting the .NET framework 2.0. The source code and the compiled programs have been in…
Introduction As chip makers focus on adding processor cores over increasing clock speed, developers need to utilize the features of modern CPUs.  One of the ways we can do this is by implementing parallel algorithms in our software.   One recent…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question