Solved

Compare data entered in two textbox against fields in a SQL Server table

Posted on 2009-06-27
5
369 Views
Last Modified: 2013-11-27
Please HELP and new to Visual Studios... I am working on comparing a Username textbox and a Password textbox against fields in a SQL Server database table. Table has two fields (Username and Passward)  and Project has textbox (Username) and (Password).  Login button needs to execute this.  PLEASE, How can I do this? PLEASE help with CODE?  
I found this example but I can not get it to work....
 

Public Class Form1

    Private Sub Button2_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button2.Click

        Close()

    End Sub

    Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click

        'Form2.Show()

        'Me.Hide()

        Dim concheck As SqlConnection

        Dim cmdcheck As SqlCommand

        Dim intused As Integer
 

        concheck = New SqlConnection("")

        concheck.Open()

        cmdcheck = New SqlCommand("Select Count(username) From Userinfo Where username='" & username.Text & "'", concheck)

        cmdcheck.ExecuteScalar()
 

        intused = cmdcheck.ExecuteScalar()
 

        If intused > 0 Then

            concheck.Close()

            Dim dtrcheck As SqlDataReader

            concheck = New SqlConnection("Server=")

            concheck.Open()

            cmdcheck = New SqlCommand("Select Username, Password From Userinfo Where username='" & username.Text & "'", concheck)

            dtrcheck = cmdcheck.ExecuteReader

            Dim strdatabasepassword = dtrcheck("Password")

            Dim strtextboxpassword = password.Text
 

            If strdatabasepassword = strtextboxpassword Then

                If password.Text = dtrcheck("Password") Then

                    While dtrcheck.Read

                        Response.Write(strdatabasepassword)

                        Response.Write(strtextboxpassword)

                    End While

                    concheck.Close()

                    Dim newCookie As HttpCookie = New HttpCookie("userinfo")

                    newCookie.Values.Add("username", username.Text)

                    newCookie.Expires = Now.AddHours(4)

                    Response.Cookies.Add(newCookie)

                    Response.Redirect("default.aspx")
 

                Else
 

                    concheck.Close()

                    Response.Write("Invalid Username or Password")
 

                End If

            Else

                concheck.Close()

                Response.Write("Username is not in our system")

            End If

    End Sub

End Class

Open in new window

0
Comment
Question by:jparej73
  • 2
  • 2
5 Comments
 
LVL 4

Expert Comment

by:nasserd
ID: 24730081
You should create a stored procedure which matches values passed in (from the application).

From security and performance standpoints, do not pull credentials from the database.  Instead, pass them into the SQL command as parameters.

Have the SQL command return a count of matches to both username and password.
0
 
LVL 5

Expert Comment

by:rizwanidrees
ID: 24730582
you are writing code for a web application or desktop application?
0
 

Author Comment

by:jparej73
ID: 24731567
For desktop application
0
 

Author Comment

by:jparej73
ID: 24731571
You should create a stored procedure which matches values passed in (from the application).

From security and performance standpoints, do not pull credentials from the database.  Instead, pass them into the SQL command as parameters.

Have the SQL command return a count of matches to both username and password
 
Can you give an example?  I have no clue how to do this
0
 
LVL 4

Accepted Solution

by:
nasserd earned 500 total points
ID: 24732653
At the very least, you only need 1 SQL command:
"SELECT Count(username) FROM Userinfo WHERE username='" & username.Text & "' AND password='" & password.Text & "';"

The response will be a scalar value of 0 or more; if >0 then your person exists.
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

Having an SQL database can be a big investment for a small company. Hardware, setup and of course, the price of software all add up to a big bill that some companies may not be able to absorb.  Luckily, there is a free version SQL Express, but does …
International Data Corporation (IDC) prognosticates that before the current the year gets over disbursing on IT framework products to be sent in cloud environs will be $37.1B.
This videos aims to give the viewer a basic demonstration of how a user can query current session information by using the SYS_CONTEXT function
Using examples as well as descriptions, and references to Books Online, show the documentation available for datatypes, explain the available data types and show how data can be passed into and out of variables.

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now