Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Compare data entered in two textbox against fields in a SQL Server table

Posted on 2009-06-27
5
Medium Priority
?
376 Views
Last Modified: 2013-11-27
Please HELP and new to Visual Studios... I am working on comparing a Username textbox and a Password textbox against fields in a SQL Server database table. Table has two fields (Username and Passward)  and Project has textbox (Username) and (Password).  Login button needs to execute this.  PLEASE, How can I do this? PLEASE help with CODE?  
I found this example but I can not get it to work....
 
Public Class Form1
    Private Sub Button2_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button2.Click
        Close()
    End Sub
    Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
        'Form2.Show()
        'Me.Hide()
        Dim concheck As SqlConnection
        Dim cmdcheck As SqlCommand
        Dim intused As Integer
 
        concheck = New SqlConnection("")
        concheck.Open()
        cmdcheck = New SqlCommand("Select Count(username) From Userinfo Where username='" & username.Text & "'", concheck)
        cmdcheck.ExecuteScalar()
 
        intused = cmdcheck.ExecuteScalar()
 
        If intused > 0 Then
            concheck.Close()
            Dim dtrcheck As SqlDataReader
            concheck = New SqlConnection("Server=")
            concheck.Open()
            cmdcheck = New SqlCommand("Select Username, Password From Userinfo Where username='" & username.Text & "'", concheck)
            dtrcheck = cmdcheck.ExecuteReader
            Dim strdatabasepassword = dtrcheck("Password")
            Dim strtextboxpassword = password.Text
 
            If strdatabasepassword = strtextboxpassword Then
                If password.Text = dtrcheck("Password") Then
                    While dtrcheck.Read
                        Response.Write(strdatabasepassword)
                        Response.Write(strtextboxpassword)
                    End While
                    concheck.Close()
                    Dim newCookie As HttpCookie = New HttpCookie("userinfo")
                    newCookie.Values.Add("username", username.Text)
                    newCookie.Expires = Now.AddHours(4)
                    Response.Cookies.Add(newCookie)
                    Response.Redirect("default.aspx")
 
                Else
 
                    concheck.Close()
                    Response.Write("Invalid Username or Password")
 
                End If
            Else
                concheck.Close()
                Response.Write("Username is not in our system")
            End If
    End Sub
End Class

Open in new window

0
Comment
Question by:jparej73
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 4

Expert Comment

by:nasserd
ID: 24730081
You should create a stored procedure which matches values passed in (from the application).

From security and performance standpoints, do not pull credentials from the database.  Instead, pass them into the SQL command as parameters.

Have the SQL command return a count of matches to both username and password.
0
 
LVL 5

Expert Comment

by:rizwanidrees
ID: 24730582
you are writing code for a web application or desktop application?
0
 

Author Comment

by:jparej73
ID: 24731567
For desktop application
0
 

Author Comment

by:jparej73
ID: 24731571
You should create a stored procedure which matches values passed in (from the application).

From security and performance standpoints, do not pull credentials from the database.  Instead, pass them into the SQL command as parameters.

Have the SQL command return a count of matches to both username and password
 
Can you give an example?  I have no clue how to do this
0
 
LVL 4

Accepted Solution

by:
nasserd earned 1500 total points
ID: 24732653
At the very least, you only need 1 SQL command:
"SELECT Count(username) FROM Userinfo WHERE username='" & username.Text & "' AND password='" & password.Text & "';"

The response will be a scalar value of 0 or more; if >0 then your person exists.
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ever needed a SQL 2008 Database replicated/mirrored/log shipped on another server but you can't take the downtime inflicted by initial snapshot or disconnect while T-logs are restored or mirror applied? You can use SQL Server Initialize from Backup…
Recently we ran in to an issue while running some SQL jobs where we were trying to process the cubes.  We got an error saying failure stating 'NT SERVICE\SQLSERVERAGENT does not have access to Analysis Services. So this is a way to automate that wit…
Via a live example, show how to set up a backup for SQL Server using a Maintenance Plan and how to schedule the job into SQL Server Agent.
Using examples as well as descriptions, and references to Books Online, show the documentation available for datatypes, explain the available data types and show how data can be passed into and out of variables.

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question