?
Solved

Code for a logon page

Posted on 2005-03-24
3
Medium Priority
?
212 Views
Last Modified: 2010-04-16
Hello

I'm creating a website and on my home page i havethe usual..a few labels/textboxes and a button for logging in.

For the Click event of this button i write the following code:

if (Page.IsValid)
 {
  string username = this.txtUserName.Text;
  string password = this.txtPassword.Text;

  this.sqlConnection1.Open();
  this.sqlDataAdapter1.SelectCommand.Parameters["@username"].Value = username;
  int datarows = this.sqlDataAdapter1.Fill(this.dataSet1,"UserDetails");
  this.sqlConnection1.Close();

  if (datarows == 0)
  this.lblMessage.Text = "The username you entered is incorrect. Please try again.";

  else
  {
   if (this.dataSet1.Tables["UserDetails"].Rows[0][1].ToString() == password)
   {
    string role = this.dataSet1.Tables["UserDetails"].Rows[0][2].ToString();
    Session["Username"] = username;
    Session["Role"] = role;

    if (role == "Disabled")
    {
     this.lblMessage.Text = "Your account is disabled. Please contact your administrator.";
     return;
    }

    switch (role)
    {
     case "BM":
     Response.Redirect(".\\BM\\AddFlight.aspx");
     break;
     case "NA":
     Response.Redirect(".\\NA\\ManageUsers.aspx");
     break;
     case "LOB":
     Response.Redirect(".\\LOB\\CreateRes.aspx");
     break;
    }
  }

    else
       this.lblMessage.Text = "The password you entered is incorrect. Please try again.";
 }
  this.dataSet1.Clear();                        
}
-------------------------------------------------------------------------------------------------------------

logic: If the user has filled in the textboxes, get the username,execute the select statement and store the result in the dataset. If there are no rows, the user entered the wrong username. If there is one check to see if the password he entered matches the one in the dataset. If yes check the role of the user. If it is disables display a message, otherwise redirect him to the relevant age.
Else, if the password do not match display a message.

But my problem is that whatever i do, the outcome of clicking the button is the message for the wrong password. So that line is always executed. Have u got an idea how to avoid this?

I appreciate every comment
0
Comment
Question by:Kokas79
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 4

Expert Comment

by:imperial_p79
ID: 13621935
is the password really matching the one in the database? if yes, check if it is case-sensitive, check for spaces
0
 
LVL 9

Expert Comment

by:WinterMuteUK
ID: 13622091
You're accessing the row data using:

this.dataSet1.Tables["UserDetails"].Rows[0][1]

Are you sure [1] is the password field? Have you tried accessing it via something like:

this.dataSet1.Tables["UserDetails"].Rows[0]["password"]

Where "password" is the name of your column?

Wint.
0
 
LVL 9

Accepted Solution

by:
WinterMuteUK earned 1000 total points
ID: 13622159
Also, another thing I remembered from some of my db stuff, is that if the 'password' field in the db is a char of a set size then you may want to compare:

(this.dataSet1.Tables["UserDetails"].Rows[0][1].ToString().Trim() == password)
                                                                                       ^----- here.

The .Trim() method on the ToString() will trim off the whitespaces that may be put there to pad out the field.

Wint.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Calculating holidays and working days is a function that is often needed yet it is not one found within the Framework. This article presents one approach to building a working-day calculator for use in .NET.
The article shows the basic steps of integrating an HTML theme template into an ASP.NET MVC project
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…
Suggested Courses

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question