VS 2010 - VB Login Query returning one row all the time

SQLConPPI.SQLDSPPI.Tables.Count  is always returning one row, so I cannot see an invalid login - someone said I should be querying the data fill - I just dont know what to do?!!?

      Dim strLogin As New System.Text.StringBuilder
            strLogin.Append("Select * from [PD_MA_USERS] where username = '")
            strLogin.Append("' and password = '")
            If SQLConPPI.HasConnection = True Then
                If SQLConPPI.SQLDSPPI.Tables.Count > 0 Then
                    Dim Open_Main_PD As Form = Main_PD
                    Me.Visible = False
                    Exit Sub
                    MessageBox.Show("Login credentials incorrect")
                End If
            End If

Open in new window

Who is Participating?
First of all, your query is prone to the SQL injection.
If I type this string as the user name and type 1 as a password your query will let me in:
a' or 1=1;--

Open in new window

(you can test once you fix your problems)

Now, to your problem. The SQLConPPI.SQLDSPPI.Tables is most likely a collection of tables. You need to check the SQLConPPI.SQLDSPPI.Tables(0), as it is most likely will be the one that is filled with data. I do not know the code inside your PersonelForAssignment function, I just assume it. So, you need to test like this:
If SQLConPPI.SQLDSPPI.Tables.Count > 0 AndAlso SQLConPPI.SQLDSPPI.Tables(0).Rows.Count > 0 Then

Open in new window

ralphp1355Author Commented:
Great thank you
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.