Protected Sub btnLoginPan_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles btnLoginPan.Click
con = New SqlConnection("Data Source=DAVE-PC\SQLEXPRESS;Initial Catalog=new;Integrated Security=True ")
con.Open()
cmd = New SqlCommand("SELECT Password FROM Registration2 WHERE UserName = ' " + txtUserName2.Text + " '", con)
rd = cmd.ExecuteReader()
If Not rd.Read() Then
Response.Write("UserName does not exist")
Else
If rd(0).ToString() = txtPassword2.Text Then
Response.Redirect("MusicArena.aspx")
Else
Response.Write("Incorrect Password")
End If
End Sub
The final IF is not working properly. It always says Incorrect password.Not taking to MusicArena page :-(
Protected Sub btnLoginPan_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles btnLoginPan.Click
con = New SqlConnection("Data Source=DAVE-PC\SQLEXPRESS;Initial Catalog=new;Integrated Security=True ")
con.Open()
cmd = New SqlCommand("SELECT Password FROM Registration2 WHERE UserName = ' " + txtUserName2.Text + " '", con)
rd = cmd.ExecuteReader()
If Not rd.Read() Then
Response.Write("UserName does not exist")
Else
If rd(0).ToString() = PasswordHasher(txtPassword2.Text) Then
Response.Redirect("MusicArena.aspx")
Else
Response.Write("Incorrect Password")
End If
End Sub
Public Shared Function PasswordHasher(Password As String) As String Return FormsAuthentication.HashPasswordForStoringInConfigFile(Password, System.Web.Configuration.FormsAuthPasswordFormat.SHA1.ToString()) End Function
Protected Sub btnLoginPan_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles btnLoginPan.Click
con = New SqlConnection("Data Source=DAVE-PC\SQLEXPRESS;Initial Catalog=new;Integrated Security=True ")
con.Open()
cmd = New SqlCommand("SELECT Password FROM Registration2 WHERE UserName = ' " + txtUserName2.Text + " '", con) Dim rd1 As string =Convert.ToString( cmd.ExecuteReader()) If rd1 =Null Then Response.Write("UserName is incorrect")
Else If rd1 = txtPassword2.Text Then
Response.Redirect("MusicArena.aspx")
Else
Response.Write("Incorrect Password")
Protected Sub btnLoginPan_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles btnLoginPan.Click
con = New SqlConnection("Data Source=DAVE-PC\SQLEXPRESS;Initial Catalog=new;Integrated Security=True ")
con.Open()
cmd = New SqlCommand("SELECT Password FROM Registration2 WHERE UserName = ' " + txtUserName2.Text + " '", con)
rd = cmd.ExecuteReader() If Not rd.Read() Then Response.Write("UserName does not exist") End If
while(rd.read())
{
If rd(0).ToString() = txtPassword2.Text Then
Response.Redirect("MusicArena.aspx")
Else
Response.Write("Incorrect Password")
End If
}
End Sub
or try this
Protected Sub btnLoginPan_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles btnLoginPan.Click
con = New SqlConnection("Data Source=DAVE-PC\SQLEXPRESS;Initial Catalog=new;Integrated Security=True ")
con.Open()
cmd = New SqlCommand("SELECT Password FROM Registration2 WHERE UserName = ' " + txtUserName2.Text + " '", con)
rd = cmd.ExecuteReader()
If Not rd.Read() Then
Response.Write("UserName does not exist") End If
If rd(0).ToString() = txtPassword2.Text Then
Response.Redirect("MusicArena.aspx")
Else
Response.Write("Incorrect Password")
Sry. Its not working. Also you cannot use the braces in vbscript where you have used after while statement and also there is not end while. Anywayz its not showing anything. Stays in the same page.
Gopalsridhar...
Member
6 Points
19 Posts
Asp.net login page
May 07, 2012 02:06 PM|LINK
Protected Sub btnLoginPan_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles btnLoginPan.Click
con = New SqlConnection("Data Source=DAVE-PC\SQLEXPRESS;Initial Catalog=new;Integrated Security=True ")
con.Open()
cmd = New SqlCommand("SELECT Password FROM Registration2 WHERE UserName = ' " + txtUserName2.Text + " '", con)
rd = cmd.ExecuteReader()
If Not rd.Read() Then
Response.Write("UserName does not exist")
Else
If rd(0).ToString() = txtPassword2.Text Then
Response.Redirect("MusicArena.aspx")
Else
Response.Write("Incorrect Password")
End If
End Sub
The final IF is not working properly. It always says Incorrect password.Not taking to MusicArena page :-(
hans_v
All-Star
35986 Points
6550 Posts
Re: Asp.net login page
May 07, 2012 02:12 PM|LINK
Your code is vulnarable to SQL injections!
http://www.mikesdotnetting.com/Article/113/Preventing-SQL-Injection-in-ASP.NET
And instead of reinventing the wheel, read/watch this:
http://www.asp.net/web-forms/tutorials/security
http://www.asp.net/web-forms/videos/authentication
sriramabi
Contributor
4351 Points
1277 Posts
Re: Asp.net login page
May 07, 2012 02:14 PM|LINK
hai
Your password coloumn datatype is uniqueidentifier?...
and any register time u r password encrypt then save?...
sriramabi
Contributor
4351 Points
1277 Posts
Re: Asp.net login page
May 07, 2012 02:20 PM|LINK
hai
hai
try this
Protected Sub btnLoginPan_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles btnLoginPan.Click
con = New SqlConnection("Data Source=DAVE-PC\SQLEXPRESS;Initial Catalog=new;Integrated Security=True ")
con.Open()
cmd = New SqlCommand("SELECT Password FROM Registration2 WHERE UserName = ' " + txtUserName2.Text + " '", con)
rd = cmd.ExecuteReader()
If Not rd.Read() Then
Response.Write("UserName does not exist")
Else
If rd(0).ToString() = PasswordHasher(txtPassword2.Text) Then
Response.Redirect("MusicArena.aspx")
Else
Response.Write("Incorrect Password")
End If
End Sub
Public Shared Function PasswordHasher(Password As String) As String
Return FormsAuthentication.HashPasswordForStoringInConfigFile(Password, System.Web.Configuration.FormsAuthPasswordFormat.SHA1.ToString())
End Function
Gopalsridhar...
Member
6 Points
19 Posts
Re: Asp.net login page
May 07, 2012 02:23 PM|LINK
Hai
Still its showing the same o/p - Incorrect password.
sriramabi
Contributor
4351 Points
1277 Posts
Re: Asp.net login page
May 07, 2012 02:25 PM|LINK
ok u put correct password and correct username.then put breack point...
then u will check u r if condition values....
thank u
sriramabi
Contributor
4351 Points
1277 Posts
Re: Asp.net login page
May 07, 2012 02:29 PM|LINK
hai
pls change u r code..one more try
Protected Sub btnLoginPan_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles btnLoginPan.Click
con = New SqlConnection("Data Source=DAVE-PC\SQLEXPRESS;Initial Catalog=new;Integrated Security=True ")
con.Open()
cmd = New SqlCommand("SELECT Password FROM Registration2 WHERE UserName = ' " + txtUserName2.Text + " '", con)
Dim rd1 As string =Convert.ToString( cmd.ExecuteReader())
If rd1 =Null Then
Response.Write("UserName is incorrect")
Else
If rd1 = txtPassword2.Text Then
Response.Redirect("MusicArena.aspx")
Else
Response.Write("Incorrect Password")
End If
End Sub
Gopalsridhar...
Member
6 Points
19 Posts
Re: Asp.net login page
May 07, 2012 02:48 PM|LINK
I couldn't able to assign null ; I used
If rd1 = vbNull then
But its showing an error : Conversion from string "System.Data.SqlClient.SqlDataRea" to type 'Double' is not valid.
sriramabi
Contributor
4351 Points
1277 Posts
Re: Asp.net login page
May 07, 2012 02:56 PM|LINK
k m sry its my fault
Protected Sub btnLoginPan_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles btnLoginPan.Click
con = New SqlConnection("Data Source=DAVE-PC\SQLEXPRESS;Initial Catalog=new;Integrated Security=True ")
con.Open()
cmd = New SqlCommand("SELECT Password FROM Registration2 WHERE UserName = ' " + txtUserName2.Text + " '", con)
rd = cmd.ExecuteReader()
If Not rd.Read() Then
Response.Write("UserName does not exist")
End If
while(rd.read())
{
If rd(0).ToString() = txtPassword2.Text Then
Response.Redirect("MusicArena.aspx")
Else
Response.Write("Incorrect Password")
End If
}
End Sub
or try this
Protected Sub btnLoginPan_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles btnLoginPan.Click
con = New SqlConnection("Data Source=DAVE-PC\SQLEXPRESS;Initial Catalog=new;Integrated Security=True ")
con.Open()
cmd = New SqlCommand("SELECT Password FROM Registration2 WHERE UserName = ' " + txtUserName2.Text + " '", con)
rd = cmd.ExecuteReader()
If Not rd.Read() Then
Response.Write("UserName does not exist")
End If
If rd(0).ToString() = txtPassword2.Text Then
Response.Redirect("MusicArena.aspx")
Else
Response.Write("Incorrect Password")
End If
End Sub
Gopalsridhar...
Member
6 Points
19 Posts
Re: Asp.net login page
May 07, 2012 03:02 PM|LINK
Sry. Its not working. Also you cannot use the braces in vbscript where you have used after while statement and also there is not end while. Anywayz its not showing anything. Stays in the same page.