Compare data entered in two textbox against fields in a SQL Server table

Please HELP and new to Visual Studios... I am working on comparing a Username textbox and a Password textbox against fields in a SQL Server database table. Table has two fields (Username and Passward)  and Project has textbox (Username) and (Password).  Login button needs to execute this.  PLEASE, How can I do this? PLEASE help with CODE?  
I found this example but I can not get it to work....
 
Public Class Form1
    Private Sub Button2_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button2.Click
        Close()
    End Sub
    Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
        'Form2.Show()
        'Me.Hide()
        Dim concheck As SqlConnection
        Dim cmdcheck As SqlCommand
        Dim intused As Integer
 
        concheck = New SqlConnection("")
        concheck.Open()
        cmdcheck = New SqlCommand("Select Count(username) From Userinfo Where username='" & username.Text & "'", concheck)
        cmdcheck.ExecuteScalar()
 
        intused = cmdcheck.ExecuteScalar()
 
        If intused > 0 Then
            concheck.Close()
            Dim dtrcheck As SqlDataReader
            concheck = New SqlConnection("Server=")
            concheck.Open()
            cmdcheck = New SqlCommand("Select Username, Password From Userinfo Where username='" & username.Text & "'", concheck)
            dtrcheck = cmdcheck.ExecuteReader
            Dim strdatabasepassword = dtrcheck("Password")
            Dim strtextboxpassword = password.Text
 
            If strdatabasepassword = strtextboxpassword Then
                If password.Text = dtrcheck("Password") Then
                    While dtrcheck.Read
                        Response.Write(strdatabasepassword)
                        Response.Write(strtextboxpassword)
                    End While
                    concheck.Close()
                    Dim newCookie As HttpCookie = New HttpCookie("userinfo")
                    newCookie.Values.Add("username", username.Text)
                    newCookie.Expires = Now.AddHours(4)
                    Response.Cookies.Add(newCookie)
                    Response.Redirect("default.aspx")
 
                Else
 
                    concheck.Close()
                    Response.Write("Invalid Username or Password")
 
                End If
            Else
                concheck.Close()
                Response.Write("Username is not in our system")
            End If
    End Sub
End Class

Open in new window

jparej73Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

nasserdCommented:
You should create a stored procedure which matches values passed in (from the application).

From security and performance standpoints, do not pull credentials from the database.  Instead, pass them into the SQL command as parameters.

Have the SQL command return a count of matches to both username and password.
0
rizwanidreesCommented:
you are writing code for a web application or desktop application?
0
jparej73Author Commented:
For desktop application
0
jparej73Author Commented:
You should create a stored procedure which matches values passed in (from the application).

From security and performance standpoints, do not pull credentials from the database.  Instead, pass them into the SQL command as parameters.

Have the SQL command return a count of matches to both username and password
 
Can you give an example?  I have no clue how to do this
0
nasserdCommented:
At the very least, you only need 1 SQL command:
"SELECT Count(username) FROM Userinfo WHERE username='" & username.Text & "' AND password='" & password.Text & "';"

The response will be a scalar value of 0 or more; if >0 then your person exists.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Development

From novice to tech pro — start learning today.