[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

Login form

Posted on 2006-11-23
6
Medium Priority
?
354 Views
Last Modified: 2010-04-23
This is the code I'm using for a simple login form, which checks the entered username and password against a table in a remote database:



Imports System.Data.SqlClient

Public Class frmLogin

    Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnLogin.Click
        Dim strLoginConnStr As String
        strLoginConnStr = "Data Source=xxx;" & _
            "Initial Catalog=xxx;User Id=xxx;Password=xxx;"
        Dim connLogin As New SqlClient.SqlConnection(strLoginConnStr)
        connLogin.Open()
        Dim strSQL As String = "sp_workshop_login '" & _
            Replace(tbUsername.Text, "'", "''") & "', '" & _
            Replace(tbPassword.Text, "'", "''") & "'"
        Dim comLogin As New SqlCommand(strSQL, connLogin)
        Dim Reader As SqlDataReader = comLogin.ExecuteReader()
        If Reader.Read() Then
            MsgBox("Good username and password!")
        Else
            MsgBox("Bad username or password!", MsgBoxStyle.Exclamation)
        End If
        connLogin.Close()
    End Sub

    Private Sub btnClose_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnClose.Click
        Me.Close()
    End Sub
End Class



I've got two questions in this regard:

1) Is this the best way to code a login form?

2) When the database is not available, the line        connLogin.Open()      will make the program hang. I even tried to surround it with a Try..Catch, but the exception doesn't occur when the database is down. How can I manage it to show an error message when the database is down?
0
Comment
Question by:huji
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 70

Expert Comment

by:Éric Moreau
ID: 18003075
2) you can shorter the timeout property of the Command object.
0
 
LVL 6

Accepted Solution

by:
Jayadev Nair earned 800 total points
ID: 18003715
Hi

Please try adding "Connect Timeout=5" parameter to your connection string. this must solve the issue. But donot forget to catch the timeout.

Thanks.
0
 
LVL 24

Assisted Solution

by:Jeff Certain
Jeff Certain earned 800 total points
ID: 18004186
1. Use your command to call a stored procedure, not the strange version of dynamic SQL you've got now.
2. Use "using" if you're in VB2005.
3. Create a stored procedure that takes the user name and password as parameters, and returns the user name.

Here's the function to check:

Public Function CheckLogin(ByVal userName As String, ByVal pwd As String) As Boolean
    Dim strLoginConnStr As String
    strLoginConnStr = "Data Source=xxx;" & _
        "Initial Catalog=xxx;User Id=xxx;Password=xxx;"
    Using connLogin As New SqlClient.SqlConnection(strLoginConnStr)
      connLogin.Open()
      Using cmd As New SqlCommand("sp_workshop_login", connLogin)
        cmd.CommandType = CommandType.StoredProcedure
        cmd.Parameters.Add("@userName", SqlDbType.VarChar, 30).Value = userName
        cmd.Parameters.Add("@password", SqlDbType.VarChar, 30).Value = pwd
        Return Not (cmd.ExecuteScalar Is System.DBNull.Value)
      End Using
    End Using
  End Function

Note: in general, it is a bad idea to transmit credentials in clear text; I hash passwords and then submit the hash to the sproc to check to see if the login is valid.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 14

Author Comment

by:huji
ID: 18004223
>> ... "Connect Timeout=5" ...
It did the trick.

>> 2. Use "using" if you're in VB2005.
What is its benefit in this case?
0
 
LVL 24

Expert Comment

by:Jeff Certain
ID: 18004230
2. Using disposes the objects for you. In the case of connection objects, it closes them for you as well.
0
 
LVL 14

Author Comment

by:huji
ID: 18004827
Great.

Follow me here please: http:Q_22070999.html

0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Well, all of us have seen the multiple EXCEL.EXE's in task manager that won't die even if you call the .close, .dispose methods. Try this method to kill any excels in memory. You can copy the kill function to create a check function and replace the …
I think the Typed DataTable and Typed DataSet are very good options when working with data, but I don't like auto-generated code. First, I create an Abstract Class for my DataTables Common Code.  This class Inherits from DataTable. Also, it can …
Video by: ITPro.TV
In this episode Don builds upon the troubleshooting techniques by demonstrating how to properly monitor a vSphere deployment to detect problems before they occur. He begins the show using tools found within the vSphere suite as ends the show demonst…
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…
Suggested Courses

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question