validate user : The Official Microsoft ASP.NET Forums

Reply

validate user

Jul 01, 2012 11:01 AM|LINK

hi people,

i've added a dropdowlist (question) and a textbox (answer) to my logincontrol.

i made a extra table with the columns username, question and answer.

what i'm trying to do is that a user has to confirm two arguments to make a login possible:

1)

if(Membership.ValidateUser(Login1.UserName.ToString(), Login1.Password.ToString()))

//some code

if(DS.Tables[0].Rows.Count > 0)

//some code

(to check if the added values in username question and answer compare in my extra table)

the code works properly:

if membership.validate user is incorrect there is no login.

if the rowcount of my extra table is equal to 0 there also will be no login.

but the error message "your login attempt was not succesful. please try again" is only vissible if the rowcount is equal to 0

if memberschip.validate user is incorrect the message is not vissible.

Maybe a long story for a small problem, but what goes wrong in here?

kind regards

protected void LoginButton_Click(object sender, EventArgs e)
    {
        string USERNAME = ((TextBox)Login1.FindControl("UserName")).Text;
        string QUESTION = ((DropDownList)Login1.FindControl("Question")).Text;
        string ANSWER = ((TextBox)Login1.FindControl("Answer")).Text;

        string connstr = WebConfigurationManager.ConnectionStrings["membersConnectionString"].ConnectionString;
        SqlConnection conn = new SqlConnection(connstr);

        DataSet DS = new DataSet();
        DataTable LoggedinTable = new DataTable();
        SqlDataAdapter da = new SqlDataAdapter();

        da.SelectCommand = new SqlCommand("SELECT USERNAME,QUESTION,ANSWER FROM LoggedinTable WHERE [USERNAME] = @original_USERNAME AND [QUESTION] = @original_QUESTION AND [ANSWER] = @original_ANSWER", conn);

        da.SelectCommand.Parameters.Add("@USERNAME", SqlDbType.VarChar).Value = ((TextBox)Login1.FindControl("UserName")).Text;
        da.SelectCommand.Parameters.Add("@original_USERNAME", SqlDbType.VarChar).Value = ((TextBox)Login1.FindControl("UserName")).Text;
        da.SelectCommand.Parameters.Add("@QUESTION", SqlDbType.VarChar).Value = ((DropDownList)Login1.FindControl("Question")).Text;
        da.SelectCommand.Parameters.Add("@original_QUESTION", SqlDbType.VarChar).Value = ((DropDownList)Login1.FindControl("Question")).Text;
        da.SelectCommand.Parameters.Add("@ANSWER", SqlDbType.VarChar).Value = ((TextBox)Login1.FindControl("Answer")).Text;
        da.SelectCommand.Parameters.Add("@original_ANSWER", SqlDbType.VarChar).Value = ((TextBox)Login1.FindControl("Answer")).Text;


        conn.Open();
        da.Fill(DS);
        conn.Close();
       
        if (Membership.ValidateUser(Login1.UserName.ToString(), Login1.Password.ToString()))
            if (DS.Tables[0].Rows.Count > 0)
        {
            Label1.Text = USERNAME.ToString();
            Session["UserName"] = Label1.Text;

            Response.Redirect("loginprofile.aspx");
        }


        if (Membership.ValidateUser(Login1.UserName.ToString(), Login1.Password.ToString()))
            if (DS.Tables[0].Rows.Count == 0)
        {
            errorlabel.Text = "your login attempt was not succesful. please try again";
        }


        }
    }

Reply

Imar_Spaanja...

Contributor

2784 Points

481 Posts

ASPInsiders

MVP

Re: validate user

Jul 01, 2012 11:40 AM|LINK

>> if memberschip.validate user is incorrect the message is not vissible.

I don't see an else clause for the case where validation fails. You only have code for the case where ValidateUser succeeds.

Also, you may be better off handling this in the LoggingIn event of the Login control: http://msdn.microsoft.com/en-us/library/system.web.ui.webcontrols.login.loggingin It has an easy way to cancel the login procedure when your custom check doesn't return true.

Cheers,

Imar

Imar Spaanjaars - ASP.NET MVP
My Blog - My Company

Reply

CPrakash82

All-Star

18270 Points

2839 Posts

Re: validate user

Jul 01, 2012 11:07 PM|LINK

manolito76

if (Membership.ValidateUser(Login1.UserName.ToString(), Login1.Password.ToString()))
            if (DS.Tables[0].Rows.Count == 0)
        {
            errorlabel.Text = "your login attempt was not succesful. please try again";
        }

Change this with

if (Membership.ValidateUser(Login1.UserName.ToString(), Login1.Password.ToString()))
            if (DS.Tables[0].Rows.Count == 0)
        {
            errorlabel.Text = "your login attempt was not succesful. please try again";
        }else
          errorlabel.Text = "your login attempt was not succesful. please try again";

Thanks,

http://cprakash.com

Reply

manolito76

0 Points

22 Posts

Re: validate user

Jul 03, 2012 05:47 PM|LINK

hi people,

got it fixed with an IF statement wich has multiple conditions

if one of these conditions are not confirmed there will be no login.

conn.Open();
        da.Fill(DS);
        conn.Close();

        if (DS.Tables[0].Rows.Count > 0 & Membership.ValidateUser(Login1.UserName.ToString(), Login1.Password.ToString()))
         {
             errormessage.Text = "login ok";
         }

        else
        {
            errormessage.Text =  "error validate user";

        }

    }
}

Marked as answer by Frank Jiang - MSFT on Jul 12, 2012 10:38 AM

validate user RSS

3 replies

manolito76

validate user

Imar_Spaanja...

Re: validate user

CPrakash82

Re: validate user

manolito76

manolito76

Re: validate user

This site is managed for Microsoft by Neudesic, LLC. | © 2013 Microsoft. All rights reserved.

Follow Us On:

Microsoft