• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 373
  • Last Modified:

Login Easy URGENT.

I have a login Page. When I click on submit it never validates. There must be something missing.


aspx code:
<%@ Register TagPrefix="mspos" TagName="header" Src="~/Engine/Controls/header.ascx" %>
<%@ Register TagPrefix="uc1" TagName="footer" Src="Engine/Controls/footer.ascx" %>
<%@ Page language="c#" Codebehind="login.aspx.cs" AutoEventWireup="false" Inherits="MSPOS.login" %>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<HTML>
<HEAD>
<title></title>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii ">
<meta content="C#" name="CODE_LANGUAGE">
<meta http-equiv="Page-Exit" content="blendTrans(Duration=1.0)">
</HEAD>
<body background="images/bg.gif" leftMargin="0" topMargin="0" marginheigh="0" marginwidth="0"
            bgColor="#fef9e9">
<table cellspacing="0" cellpadding="0" width="100%" border="0">
<tbody>
<tr>
<td>
<mspos:header id="Header1" runat="server"></mspos:header>
</td>
<LINK rel="stylesheet" type="text/css" href="http://localhost/MSPOS/mspos.css">
</tr>
<tr>
<td>&nbsp;
</td>
</tr>
<tr>
<td valign="middle" align="center">
<form id="login" name="form1" method="post" runat="server">
<asp:validationsummary id="ValidationSummary1" runat="server" HeaderText="The following error(s) occurred while login in:"></asp:validationsummary>
<P>
<asp:label id="lbPrompt" runat="server"></asp:label></P>
<BR>
<table bordercolor="#cccc99" cellspacing="0" cellpadding="0" width="369" align="center"
                                                border="2" bgColor="#fef9e9" height="176">
<tbody>
<tr>
<td align="center">
<table cellspacing="4" cellpadding="3" width="100%" background="file:///D|/webprojects/vipdotnet/images/tdback.jpg"
                                                                        border="0">
<tbody>
<tr>
<td nowrap colspan="2">
<P align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif" color="#000000" size="2"><STRONG>Please Enter your Username and Password</STRONG></FONT></P>
</td>
</tr>
<tr>
<td>
<P align="right">
<IMG height="40" src="images/key.gif" width="36">&nbsp;</P>
</td>
<td>&nbsp; <FONT color="#adae7d"><STRONG><FONT face="Arial">User Login</FONT></STRONG></FONT>
</td>
</tr>
<tr>
<td>
<div align="right"><font face="Verdana, Arial, Helvetica, sans-serif" size="2">User Name:</font>
</div>
</td>
<td>
<asp:textbox id="UserName" runat="server" TextMode="SingleLine" MaxLength="32" Width="150px"></asp:textbox>
<asp:requiredfieldvalidator id="RequiredFieldValidator1" runat="server" ControlToValidate="Username" Display="Dynamic"
                                                                                                ErrorMessage="You must enter a Username">*</asp:requiredfieldvalidator>
</td>
</tr>
<tr>
<td>
<div align="right"><font face="Verdana, Arial, Helvetica, sans-serif" size="2">Password:</font>
</div>
</td>
<td>
<asp:textbox id="Password" runat="server" TextMode="Password" MaxLength="40" Width="150px"></asp:textbox>
<asp:requiredfieldvalidator id="RequiredFieldValidator2" runat="server" ControlToValidate="Password" Display="Dynamic"
                                                                                                ErrorMessage="You must enter a Password">*</asp:requiredfieldvalidator>
</td>
</tr>
<tr>
<td>&nbsp;
</td>
<td>
<asp:Button id="Button" runat="server" Text="Submit"></asp:Button></td>
</tr>
</tbody>
</table>
<asp:label id="ErrorMsg" runat="server" ForeColor="Red"></asp:label>
</td>
</tr>
</tbody>
</table>
</form>
<uc1:footer id="Footer1" runat="server"></uc1:footer>
<asp:Label id="Message" runat="server"></asp:Label><BR>
</td>
</tr>
</tbody>
</table>
</body>
</HTML>



aspx.cs code:
------------
using System;
using System.Collections;
using System.ComponentModel;
using System.Data.Odbc;
using System.Drawing;
using System.Text;
using System.Web;
using System.Web.SessionState;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.HtmlControls;
using System.Security.Cryptography;
using System.Security.Principal;
using System.Security.Permissions;
using System.EnterpriseServices;
using System.Web.Security;

namespace MSPOS
{
      /// <summary>
      /// Summary description for login.
      /// </summary>
      ///
      
      
      public class login : System.Web.UI.Page
      {
            protected System.Web.UI.WebControls.TextBox UserName;
            protected System.Web.UI.WebControls.TextBox Password;
            protected System.Web.UI.WebControls.Label Message;
            protected System.Web.UI.WebControls.Button Button;
            protected System.Web.UI.WebControls.ValidationSummary ValidationSummary1;
            protected System.Web.UI.WebControls.Label lbPrompt;
            protected System.Web.UI.WebControls.RequiredFieldValidator RequiredFieldValidator1;
            protected System.Web.UI.WebControls.RequiredFieldValidator RequiredFieldValidator2;
            protected System.Web.UI.WebControls.Label ErrorMsg;
            protected System.Web.UI.HtmlControls.HtmlForm form1;
      
            

            private void Page_Load(object sender, System.EventArgs e)
            {
                  // Put user code to initialize the page here
            }

            #region Web Form Designer generated code
            override protected void OnInit(EventArgs e)
            {
                  //
                  // CODEGEN: This call is required by the ASP.NET Web Form Designer.
                  //
                  InitializeComponent();
                  base.OnInit(e);
            }
            
            /// <summary>
            /// Required method for Designer support - do not modify
            /// the contents of this method with the code editor.
            /// </summary>
            private void InitializeComponent()
            {    
                  this.UserName.TextChanged += new System.EventHandler(this.UserName_TextChanged);
                  this.Password.TextChanged += new System.EventHandler(this.Password_TextChanged);
                  this.Button.Click += new System.EventHandler(this.Button_Click);
                  this.Load += new System.EventHandler(this.Page_Load);

            }
            #endregion

            //Redirect page after login succeed
            public string RedirectPage ="AdminStart.aspx";
            public int chk;

                  


            bool Authenticate(string username, string password)
            {
                  
                  bool authenticated = false;
                  try
                  {
                        string Stringdsn="DSN=MSPOS;UID=system;PWD=system;";
                        string AccessLevel = null;
                        string strSQL = "select * from TBUSERS where USERNAME='" + username + "' and PASSWD='" + password + "'";
                        OdbcConnection Conn = new OdbcConnection(Stringdsn);
                        OdbcCommand Cmd = new OdbcCommand(strSQL, Conn);
                        OdbcDataReader myRead=null; //instancing a datareader
                        Conn.Open();  //opening the connection
                        myRead = Cmd.ExecuteReader();
                        if (myRead!=null)  
                        {  //checking for records
                              if (myRead.Read())
                              {
                                    if (myRead.GetString(1) == username)
                                    {    
                                          //checking username in db with given username
                                          if(myRead.GetString(2) == password)
                                          {   //checking password in db with given password
                                                AccessLevel = myRead.GetString(5);
                                                Session["Authenticated"] = AccessLevel;
                                                if (AccessLevel == "1") // Admin role
                                                      Session.Timeout = 5;
                                                if (AccessLevel == "2") // CC-Manager
                                                      Session.Timeout = 15;
                                                if (AccessLevel == "3") // C-Cashier
                                                      Session.Timeout = 15;
                                                if (AccessLevel == "4") // Cashier
                                                      Session.Timeout = 15;
                                                authenticated =true;
                                          }
                                          else
                                          {
                                                chk=1; // settingflag as 1 if password failed
                                          }
                                    }
                                    else
                                    {
                                          chk=2;  //setting flaga as 2 in username  failed
                                    }
                              }
                        }
                  }
                  catch(Exception e)
                  {
                        Response.Write("Auth Exception: " + e.ToString());
                  }
                  return authenticated;
            }


            private void Button_Click(Object sender, EventArgs e)
            {

                  
                  if (Authenticate(UserName.Text, Password.Text))
                  {
                        string AccessLevel;
                        AccessLevel = Session["Authenticated"].ToString();
                        if (AccessLevel == "1")
                              Response.Redirect("AdminStart.aspx");
                        else
                    if (AccessLevel == "2")
                                    Response.Redirect("CCManStart.aspx");
                        else
                              if (AccessLevel == "3")
                                    Response.Redirect("CCashierStart.aspx");
                        else
                              if (AccessLevel == "4")
                                    Response.Redirect("CashierStart.aspx");
                        else
                              Response.Redirect ("Error.aspx");
                  }
                  else
                  {
                        if (chk==1)
                        {
                              Message.Text=    "Invalid PassWord";
                              Message.Visible =    true;
                        }
                        else
                        {
                              Message.Text=    "Invalid UserName";
                              Message.Visible =    true;
                        }
                  }
            }

            private void UserName_TextChanged(object sender, System.EventArgs e)
            {
            
            }

            private void Password_TextChanged(object sender, System.EventArgs e)
            {
            
            }

            
            
      }
}
0
mathieu_cupryk
Asked:
mathieu_cupryk
1 Solution
 
ryerrasCommented:
this line in Authenticate method

 if (myRead.Read())


should be

while(myRead.Read())

0

Featured Post

Prep for the ITIL® Foundation Certification Exam

December’s Course of the Month is now available! Enroll to learn ITIL® Foundation best practices for delivering IT services effectively and efficiently.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now