Solved

Compare data entered in two textbox against fields in a SQL Server table

Posted on 2009-06-27
5
373 Views
Last Modified: 2013-11-27
Please HELP and new to Visual Studios... I am working on comparing a Username textbox and a Password textbox against fields in a SQL Server database table. Table has two fields (Username and Passward)  and Project has textbox (Username) and (Password).  Login button needs to execute this.  PLEASE, How can I do this? PLEASE help with CODE?  
I found this example but I can not get it to work....
 
Public Class Form1
    Private Sub Button2_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button2.Click
        Close()
    End Sub
    Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
        'Form2.Show()
        'Me.Hide()
        Dim concheck As SqlConnection
        Dim cmdcheck As SqlCommand
        Dim intused As Integer
 
        concheck = New SqlConnection("")
        concheck.Open()
        cmdcheck = New SqlCommand("Select Count(username) From Userinfo Where username='" & username.Text & "'", concheck)
        cmdcheck.ExecuteScalar()
 
        intused = cmdcheck.ExecuteScalar()
 
        If intused > 0 Then
            concheck.Close()
            Dim dtrcheck As SqlDataReader
            concheck = New SqlConnection("Server=")
            concheck.Open()
            cmdcheck = New SqlCommand("Select Username, Password From Userinfo Where username='" & username.Text & "'", concheck)
            dtrcheck = cmdcheck.ExecuteReader
            Dim strdatabasepassword = dtrcheck("Password")
            Dim strtextboxpassword = password.Text
 
            If strdatabasepassword = strtextboxpassword Then
                If password.Text = dtrcheck("Password") Then
                    While dtrcheck.Read
                        Response.Write(strdatabasepassword)
                        Response.Write(strtextboxpassword)
                    End While
                    concheck.Close()
                    Dim newCookie As HttpCookie = New HttpCookie("userinfo")
                    newCookie.Values.Add("username", username.Text)
                    newCookie.Expires = Now.AddHours(4)
                    Response.Cookies.Add(newCookie)
                    Response.Redirect("default.aspx")
 
                Else
 
                    concheck.Close()
                    Response.Write("Invalid Username or Password")
 
                End If
            Else
                concheck.Close()
                Response.Write("Username is not in our system")
            End If
    End Sub
End Class

Open in new window

0
Comment
Question by:jparej73
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 4

Expert Comment

by:nasserd
ID: 24730081
You should create a stored procedure which matches values passed in (from the application).

From security and performance standpoints, do not pull credentials from the database.  Instead, pass them into the SQL command as parameters.

Have the SQL command return a count of matches to both username and password.
0
 
LVL 5

Expert Comment

by:rizwanidrees
ID: 24730582
you are writing code for a web application or desktop application?
0
 

Author Comment

by:jparej73
ID: 24731567
For desktop application
0
 

Author Comment

by:jparej73
ID: 24731571
You should create a stored procedure which matches values passed in (from the application).

From security and performance standpoints, do not pull credentials from the database.  Instead, pass them into the SQL command as parameters.

Have the SQL command return a count of matches to both username and password
 
Can you give an example?  I have no clue how to do this
0
 
LVL 4

Accepted Solution

by:
nasserd earned 500 total points
ID: 24732653
At the very least, you only need 1 SQL command:
"SELECT Count(username) FROM Userinfo WHERE username='" & username.Text & "' AND password='" & password.Text & "';"

The response will be a scalar value of 0 or more; if >0 then your person exists.
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
SQL Server Results to Excel File 18 74
SQL Consolidate rows 3 26
Need age at date of document 5 16
Find special characters using tSQL 6 15
Ever wondered why sometimes your SQL Server is slow or unresponsive with connections spiking up but by the time you go in, all is well? The following article will show you how to install and configure a SQL job that will send you email alerts includ…
I have a large data set and a SSIS package. How can I load this file in multi threading?
Using examples as well as descriptions, and references to Books Online, show the documentation available for date manipulation functions and by using a select few of these functions, show how date based data can be manipulated with these functions.
Using examples as well as descriptions, and references to Books Online, show the documentation available for datatypes, explain the available data types and show how data can be passed into and out of variables.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question