WebMethod - bool AuthenticateUser question?

Posted on 2006-05-30
Last Modified: 2012-06-27
I found this on the Internet. It seems like a good idea, but it always returns True:

Q. Is there something wrong with this code?

    public bool AuthenticateUser(string User, string Password)
            string sql = " IF EXISTS (Select User From tbl_Users Where Users = '" + Email.ToString() + "')"+
                " SELECT Password FROM tbl_Users WHERE Password = '" + Password.ToString() + "' ";
            cn = new SqlConnection("integrated security=SSPI;server=localhost; persist security info=False;initial catalog=Northwind");
            SqlDataAdapter da = new SqlDataAdapter(sql, cn);

            return true;
            return false;
Question by:kvnsdr
    LVL 4

    Accepted Solution

    As there in no exception thrown by the executenonquery, even if nothing is fecthed, this always return true.
    I would suggest something like this:
    Private Function AuthenticateUser(ByVal userName As String, ByVal passWord As String) As Boolean
                Dim sql As String
                sql = "select count(*) from tbl_users where user_name = '" + userName + "' and user_password = '" + passWord + "'"
                Dim cn As New SqlConnection("Server=servername;User Id=sa;Password=sa;Trusted_Connection=False;Initial Catalog=northwind")
                Dim da As New SqlDataAdapter(sql, cn)
                Dim n As Integer
                n = da.SelectCommand.ExecuteScalar
                If n = 1 Then
                    Return True
                    Return False
                End If

            Catch ex As Exception
                Return False
            End Try
        End Function
    LVL 1

    Author Comment

    Very simple, just the way I like it, however I recieve the following compile error message:

    Cannot implicitly convert type 'object' to 'int'. An explicit conversion exists (are you missing a cast?)
    LVL 1

    Author Comment

    Never Mind, I forgot to include all the { } in the If Else method.
    LVL 1

    Author Comment

    More points, another question regarding WebServices.

    I using the following code in a Windows App to recieve the WebMethod bool return into a textbox and also check email & pass authorization for other methods to use...

    I always returns a False......

    string strEmail = txtEmail.Text; strPassword = txtPassword.Text;

    private bool AuthenticateUser(string sEmail, string sPassword)
                MyWebSite.Service service1 = new MyWebSite.Service();
                service1.Credentials = CredentialCache.DefaultCredentials;
                bool EmailPass = service1.AuthenticateUser(strEmail, strPassword);

                txtbool.Text = EmailPass.ToString();

                return EmailPass;
    LVL 4

    Expert Comment

    This works fine for me in VS2003 and VS2005. Check the authentication you are using for your web service in IIS. Use Integrated Windows Authentication and remove Anonymous Access.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Maximize Your Threat Intelligence Reporting

    Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

    Sometimes in DotNetNuke module development you want to swap controls within the same module definition.  In doing this DNN (somewhat annoyingly) swaps the Skin and Container definitions to the default admin selections.  To get around this you need t…
    A quick way to get a menu to work on our website, is using the Menu control and assign it to a web.sitemap using SiteMapDataSource. Example of web.sitemap file: (CODE) Sample code to add to the page menu: (CODE) Running the application, we wi…
    Need more eyes on your posted question? Go ahead and follow the quick steps in this video to learn how to Request Attention to your question. *Log into your Experts Exchange account *Find the question you want to Request Attention for *Go to the e…
    Hi everyone! This is Experts Exchange customer support.  This quick video will show you how to change your primary email address.  If you have any questions, then please Write a Comment below!

    779 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    15 Experts available now in Live!

    Get 1:1 Help Now