jparej73
asked on
Compare data entered in two textbox against fields in a SQL Server table
Please HELP and new to Visual Studios... I am working on comparing a Username textbox and a Password textbox against fields in a SQL Server database table. Table has two fields (Username and Passward) and Project has textbox (Username) and (Password). Login button needs to execute this. PLEASE, How can I do this? PLEASE help with CODE?
I found this example but I can not get it to work....
Public Class Form1
Private Sub Button2_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button2.Click
Close()
End Sub
Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
'Form2.Show()
'Me.Hide()
Dim concheck As SqlConnection
Dim cmdcheck As SqlCommand
Dim intused As Integer
concheck = New SqlConnection("")
concheck.Open()
cmdcheck = New SqlCommand("Select Count(username) From Userinfo Where username='" & username.Text & "'", concheck)
cmdcheck.ExecuteScalar()
intused = cmdcheck.ExecuteScalar()
If intused > 0 Then
concheck.Close()
Dim dtrcheck As SqlDataReader
concheck = New SqlConnection("Server=")
concheck.Open()
cmdcheck = New SqlCommand("Select Username, Password From Userinfo Where username='" & username.Text & "'", concheck)
dtrcheck = cmdcheck.ExecuteReader
Dim strdatabasepassword = dtrcheck("Password")
Dim strtextboxpassword = password.Text
If strdatabasepassword = strtextboxpassword Then
If password.Text = dtrcheck("Password") Then
While dtrcheck.Read
Response.Write(strdatabasepassword)
Response.Write(strtextboxpassword)
End While
concheck.Close()
Dim newCookie As HttpCookie = New HttpCookie("userinfo")
newCookie.Values.Add("username", username.Text)
newCookie.Expires = Now.AddHours(4)
Response.Cookies.Add(newCookie)
Response.Redirect("default.aspx")
Else
concheck.Close()
Response.Write("Invalid Username or Password")
End If
Else
concheck.Close()
Response.Write("Username is not in our system")
End If
End Sub
End Class
you are writing code for a web application or desktop application?
ASKER
For desktop application
ASKER
You should create a stored procedure which matches values passed in (from the application).
From security and performance standpoints, do not pull credentials from the database. Instead, pass them into the SQL command as parameters.
Have the SQL command return a count of matches to both username and password
Can you give an example? I have no clue how to do this
From security and performance standpoints, do not pull credentials from the database. Instead, pass them into the SQL command as parameters.
Have the SQL command return a count of matches to both username and password
Can you give an example? I have no clue how to do this
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
From security and performance standpoints, do not pull credentials from the database. Instead, pass them into the SQL command as parameters.
Have the SQL command return a count of matches to both username and password.