• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 206
  • Last Modified:

login form - urgent please

hi there..
i need to build a login form in asp.net using vb.net and sql server db.

the form contains (id and password) when user enters his data the asp.net code must check if he has a record .
if the user flag=1 he will be redirected to file1.aspx
if the user flag=2 he will be redirected to file2.aspx
if he has no record he will be redirected to exit.aspx
(i need full code please if possible because basicly i am classic asp programmer and this is required by asp.net)
this is the table structure (users).
---------------------------------------------
id      varchar      50      
password      varchar      50      
flag      char      1      
---------------------------------------------
0
anasalama
Asked:
anasalama
  • 6
  • 4
1 Solution
 
TorrwinCommented:
You need to put a select statement in your page load sub, that will select the password and flag from your table where the userid = the userid entered by the user.  Then compare the passwords.  If the passwords match, then redirect as needed. (If flag = 1 then... else if flag = 2 then...)  Store the username and password in session variables, and then in the page load of your subsequent pages, make sure the session credentials match the DB, or else redirect them to the login page.  

There's the theory behind it, I'm not going to write the entire code for you for only 50 points...
0
 
anasalamaAuthor Commented:
Can you write it for 110 points ?
This all waht i have
0
 
TorrwinCommented:
The code for the login page would be:

    Dim CS As String
    Dim myConn As SqlClient.SqlConnection
    Dim myCommand As SqlClient.SqlCommand
    Dim myAdapter As SqlClient.SqlDataAdapter
    Dim dsAdmin As DataSet
    Dim FoundPW As String
    Dim numtries As Integer = 0

Private Sub btnSubmit_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnSubmit.Click
        CS = "Server=IP_ADDRESS;initial catalog=DATABASE_NAME;uid=ADMIN_ID;pwd=ADMIN_PW;"

        myConn = New SqlClient.SqlConnection()
        myConn.ConnectionString = CS
        myConn.Open()

        myCommand = New SqlClient.SqlCommand()
        myCommand.Connection = myConn
        myCommand.CommandText = "select * from LOGIN_TABLE_NAME where ID = '" & txtUserName.Text & "'"

        myAdapter = New SqlClient.SqlDataAdapter()
        myAdapter.SelectCommand = myCommand

        dsAdmin = New DataSet()
        myAdapter.Fill(dsAdmin, "admin")

        If dsAdmin.Tables(0).Rows.Count = 0 Then
            Response.Redirect("exit.aspx")
        End If

        FoundPW = dsAdmin.Tables(0).Rows(0).Item("password")
        FoundPW = FoundPW.TrimEnd

        If FoundPW = txtPW.Text Then
            Session("Userid") = txtUserName.Text
            Session("Password") = txtPW.Text
            If dsAdmin.Tables(0).Rows(0).Item("flag") = 1
                 Response.Redirect("file1.aspx")
            ElseIf dsAdmin.Tables(0).Rows(0).Item("flag") = 2
                 Response.Redirect("file2.aspx")
            Else
                 Response.Redirect("exit.aspx")
        Else
            txtUserName.Text = ""
            txtPW.Text = ""
            lblSuccess.Text = "Invalid UserName or Password."
            numtries += 1
            If numtries = 3 Then
                numtries = 0
                Response.Redirect("exit.aspx")
            End If
        End If

    End Sub
------------------------------------------------------------------------------------------------------------------

And then this would go in the corresponding pages that you only want logged in users to have access to.  Put it in the page load event.

Private Sub Page_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
        'Put user code to initialize the page here
        Dim CS As String
        Dim myConn As SqlClient.SqlConnection
        Dim myCommand As SqlClient.SqlCommand
        Dim myAdapter As SqlClient.SqlDataAdapter
        Dim dsAdmin As DataSet
        Dim FoundPW As String
        Dim numtries As Integer = 0

        CS = "Server=IP_ADDRESS;initial catalog=DATABASE_NAME;uid=ADMIN_USER_ID;pwd=ADMIN_PW;"

        myConn = New SqlClient.SqlConnection()
        myConn.ConnectionString = CS
        myConn.Open()

        myCommand = New SqlClient.SqlCommand()
        myCommand.Connection = myConn
        myCommand.CommandText = "select * from LOGIN_TABLE_NAME where ID = '" & Session("Userid") & "'"

        myAdapter = New SqlClient.SqlDataAdapter()
        myAdapter.SelectCommand = myCommand

        dsAdmin = New DataSet()
        myAdapter.Fill(dsAdmin, "admin")

        If dsAdmin.Tables(0).Rows.Count = 0 Then
            Response.Redirect("exit.aspx")
        End If

        FoundPW = dsAdmin.Tables(0).Rows(0).Item("password")
        FoundPW = FoundPW.TrimEnd

        If FoundPW <> Session("Password") Then
            Response.Redirect("exit.aspx")
        End If
    End Sub
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
anasalamaAuthor Commented:
Ok Torrwin .. i tried the code after making some changes ..
but i got this error :

-----------------------------------------------------------------------------------
Compilation Error
Description: An error occurred during the compilation of a resource required to service this request. Please review the following specific error details and modify your source code appropriately.

Compiler Error Message: BC30506: Handles clause requires a WithEvents variable.

Source Error:
 
Line 13:     Dim FoundPW As String
Line 14:     Dim numtries As Integer = 0
Line 15: Private Sub btnSubmit_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnSubmit.Click
Line 16:    
Line 17:         CS = "Server=127.0.0.1;initial catalog=latham;uid=sa;pwd=;"
 
Source File: C:\Inetpub\wwwroot\loginpage\login.aspx    Line: 15
-----------------------------------------------------------------------------------
This is the code :
-----------------------------------------------------------------------------------

<%@ Page Language="VB" %>
<%@ Import Namespace="System.Data" %>
<%@ import Namespace="System.Data.SqlClient" %>
<html>
      <head>
            <title>Login Form ...</title>
<script runat="server">
Dim CS As String
    Dim myConn As SqlClient.SqlConnection
    Dim myCommand As SqlClient.SqlCommand
    Dim myAdapter As SqlClient.SqlDataAdapter
    Dim dsAdmin As DataSet
    Dim FoundPW As String
    Dim numtries As Integer = 0
Private Sub btnSubmit_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnSubmit.Click
   
        CS = "Server=127.0.0.1;initial catalog=latham;uid=sa;pwd=;"

        myConn = New SqlClient.SqlConnection()
        myConn.ConnectionString = CS
        myConn.Open()

        myCommand = New SqlClient.SqlCommand()
        myCommand.Connection = myConn
        myCommand.CommandText = "select * from users where ID = '" & txtUserName.Text & "'"

        myAdapter = New SqlClient.SqlDataAdapter()
        myAdapter.SelectCommand = myCommand

        dsAdmin = New DataSet()
        myAdapter.Fill(dsAdmin, "admin")

        If dsAdmin.Tables(0).Rows.Count = 0 Then
            Response.Redirect("exit.aspx")
        End If

        FoundPW = dsAdmin.Tables(0).Rows(0).Item("password")
        FoundPW = FoundPW.TrimEnd

        If FoundPW = txtPW.Text Then
            Session("Userid") = txtUserName.Text
            Session("Password") = txtPW.Text
            If dsAdmin.Tables(0).Rows(0).Item("flag") = 1
                 Response.Redirect("file1.aspx")
            ElseIf dsAdmin.Tables(0).Rows(0).Item("flag") = 2
                 Response.Redirect("file2.aspx")
            Else
                 Response.Redirect("exit.aspx")
        Else
            txtUserName.Text = ""
            txtPW.Text = ""
            lblSuccess.Text = "Invalid UserName or Password."
            numtries += 1
            If numtries = 3 Then
                numtries = 0
                Response.Redirect("exit.aspx")
            End If
        End If

    End Sub
 </script>
            <style type="text/css">
BODY {
            scrollbar-3dlight-color:black;
            scrollbar-arrow-color:white;
            scrollbar-base-color:RGB(75,75,150);
            scrollbar-track-color:white;
            scrollbar-darkshadow-color:white;
            scrollbar-face-color:RGB(75,75,150);
            scrollbar-highlight-color:RGB(75,75,150);
            scrollbar-shadow-color:black      }
</style>

</head>

      <body ms_positioning="GridLayout">
            <form id="Form1" method="post" runat="server">
                  <asp:label id="Label5" runat="server" font-names="Tahoma" font-size="X-Large" style="LEFT: 54px; POSITION: absolute; TOP: 24px">ID :</asp:label>
                  <asp:textbox id="txtUserName" runat="server" font-size="X-Small" font-names="Tahoma" width="174px" height="24px" tabindex="1" style="LEFT: 136px; POSITION: absolute; TOP: 114px"></asp:textbox>
                  <asp:label id="Label1" runat="server" font-names="Tahoma" font-size="X-Small" style="LEFT: 54px; POSITION: absolute; TOP: 119px">Password :</asp:label>
                  <asp:textbox id="txtPW" runat="server" font-size="X-Small" font-names="Tahoma" width="174" height="24" tabindex="2" style="LEFT: 134px; POSITION: absolute; TOP: 155px"></asp:textbox>
                  <asp:button id="btnSend" onclick="btnSubmit_Click" runat="server" font-names="Tahoma" text="Send" backcolor="Navy" tabindex="5" font-size="X-Small" forecolor="White" style="LEFT: 212px; POSITION: absolute; TOP: 328px"></asp:button>
                  
            </form>
      </body>
</html>

-----------------------------------------------------------------------------------
When i removed (Handles btnSubmit.Click) i got another if-else error :
Compilation Error
Description: An error occurred during the compilation of a resource required to service this request. Please review the following specific error details and modify your source code appropriately.

Compiler Error Message: BC30081: 'If' must end with a matching 'End If'.

Source Error:
 
Line 38:         FoundPW = FoundPW.TrimEnd
Line 39:
Line 40:         If FoundPW = txtPW.Text Then
Line 41:             Session("Userid") = txtUserName.Text
Line 42:             Session("Password") = txtPW.Text
 

Source File: C:\Inetpub\wwwroot\loginpage\login.aspx    Line: 40

-----------------------------------------------------------------------------------------

Any idea ?
0
 
TorrwinCommented:
Count up your if statements, you probably deleted an if or end if statement and forgot to also delete its counterpart.  

 If FoundPW = txtPW.Text Then
            Session("Userid") = txtUserName.Text
            Session("Password") = txtPW.Text
            If dsAdmin.Tables(0).Rows(0).Item("flag") = 1
                 Response.Redirect("file1.aspx")
            ElseIf dsAdmin.Tables(0).Rows(0).Item("flag") = 2
                 Response.Redirect("file2.aspx")
            Else
                 Response.Redirect("exit.aspx")
        Else
            txtUserName.Text = ""
            txtPW.Text = ""
            lblSuccess.Text = "Invalid UserName or Password."
            numtries += 1
            If numtries = 3 Then
                numtries = 0
                Response.Redirect("exit.aspx")
            End If
        End If
0
 
anasalamaAuthor Commented:
would you try your code in your machine ?
i did not delete any 'if' or 'end if'
0
 
anasalamaAuthor Commented:
When i remove this part the code runs well but "Invalid UserName or Password" does not appear.!!
The problem is in this segment "
-----------------------------------------------------------------------------
        Else
            txtUserName.Text = ""
            txtPW.Text = ""
            lblSuccess.Text = "Invalid UserName or Password."
            numtries += 1
-----------------------------------------------------------------------------
0
 
TorrwinCommented:
I copied this code directly from my page so I know it is in working order.  Well, except I changed the server and table names.

Are you trying to run this as a script?  Right click on your form in the solution explorer and choose "view code".  Thats where the code should be placed.
0
 
anasalamaAuthor Commented:
I don't know what are you talking about !?
of course I don't try to run the only vb script in my browser !
did you read my first reply ?
I made some changes .. now the vb code + html exist in the same file .
there is problem with your if - else statements.
would you run this file in your computer please and tell the result(just change the connection and the db(
---------------------------------------------------------------------------------
<%@ Page Language="VB" %>
<%@ Import Namespace="System.Data" %>
<%@ import Namespace="System.Data.SqlClient" %>
<html>
      <head>
            <title>Login Form ...</title>
<script runat="server">
Dim CS As String
    Dim myConn As SqlClient.SqlConnection
    Dim myCommand As SqlClient.SqlCommand
    Dim myAdapter As SqlClient.SqlDataAdapter
    Dim dsAdmin As DataSet
    Dim FoundPW As String
    Dim numtries As Integer = 0
Private Sub btnSubmit_Click(ByVal sender As System.Object, ByVal e As System.EventArgs)
         ' Handles btnSubmit.Click
   
        CS = "Server=127.0.0.1;initial catalog=latham;uid=sa;pwd=;"

        myConn = New SqlClient.SqlConnection()
        myConn.ConnectionString = CS
        myConn.Open()

        myCommand = New SqlClient.SqlCommand()
        myCommand.Connection = myConn
        myCommand.CommandText = "select * from users where ID = '" & txtUserName.Text & "'"

        myAdapter = New SqlClient.SqlDataAdapter()
        myAdapter.SelectCommand = myCommand

        dsAdmin = New DataSet()
        myAdapter.Fill(dsAdmin, "admin")

        If dsAdmin.Tables(0).Rows.Count = 0 Then
            Response.Redirect("exit.aspx")
        End If

        FoundPW = dsAdmin.Tables(0).Rows(0).Item("password")
        FoundPW = FoundPW.TrimEnd

        If FoundPW = txtPW.Text Then
            Session("Userid") = txtUserName.Text
            Session("Password") = txtPW.Text
            If dsAdmin.Tables(0).Rows(0).Item("flag") = 1
                 Response.Redirect("file1.aspx")
            ElseIf dsAdmin.Tables(0).Rows(0).Item("flag") = 2
                 Response.Redirect("file2.aspx")
            Else
                 Response.Redirect("exit.aspx")
        Else
            txtUserName.Text = ""
            txtPW.Text = ""
            lblSuccess.Text = "Invalid UserName or Password."
            numtries += 1
        end if
            If numtries = 3 Then
                numtries = 0
                Response.Redirect("exit.aspx")
            End If
        End If

    End Sub
 </script>
            <style type="text/css">
BODY {
            scrollbar-3dlight-color:black;
            scrollbar-arrow-color:white;
            scrollbar-base-color:RGB(75,75,150);
            scrollbar-track-color:white;
            scrollbar-darkshadow-color:white;
            scrollbar-face-color:RGB(75,75,150);
            scrollbar-highlight-color:RGB(75,75,150);
            scrollbar-shadow-color:black      }
</style>

</head>

      <body ms_positioning="GridLayout">
            <form id="Form1" method="post" runat="server">
                  <asp:label id="Label5" runat="server" font-names="Tahoma" font-size="X-Large" style="LEFT: 54px; POSITION: absolute; TOP: 24px">ID :</asp:label>
                  <asp:textbox id="txtUserName" runat="server" font-size="X-Small" font-names="Tahoma" width="174px" height="24px" tabindex="1" style="LEFT: 136px; POSITION: absolute; TOP: 114px"></asp:textbox>
                  <asp:label id="Label1" runat="server" font-names="Tahoma" font-size="X-Small" style="LEFT: 54px; POSITION: absolute; TOP: 119px">Password :</asp:label>
                  <asp:textbox id="txtPW" runat="server" font-size="X-Small" font-names="Tahoma" width="174" height="24" tabindex="2" style="LEFT: 134px; POSITION: absolute; TOP: 155px"></asp:textbox>
                  <asp:label id="lblSuccess" runat="server" font-names="Tahoma" font-size="X-Small" style="LEFT: 54px; POSITION: absolute; TOP: 119px">Password :</asp:label>
                  <asp:button id="btnSend" onclick="btnSubmit_Click" runat="server" font-names="Tahoma" text="Send" backcolor="Navy" tabindex="5" font-size="X-Small" forecolor="White" style="LEFT: 212px; POSITION: absolute; TOP: 328px"></asp:button>
                  
                  
            </form>
      </body>
</html>
---------------------------------------------------------------------------------
0
 
anasalamaAuthor Commented:
Thank you very much ...
It works now .
i wrote :
---------------------------------------------------------
FoundID = dsAdmin.Tables(0).Rows(0).Item("ID")
FoundID = FoundID.TrimEnd
---------------------------------------------------------
and
---------------------------------------------------------
If FoundPW <> txtPW.Text or FoundID <> txtUserName.Text  Then
  lblSuccess.Text = "<br><br><br><br><br><br>Invalid UserName or Password."
end if
--------------------------------------------------------

0

Featured Post

Vote for the Most Valuable Expert

It’s time to recognize experts that go above and beyond with helpful solutions and engagement on site. Choose from the top experts in the Hall of Fame or on the right rail of your favorite topic page. Look for the blue “Nominate” button on their profile to vote.

  • 6
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now