Hi all,

I am designing a log in page and every day i face a new problem :'(

The code now is working fine but i want to add exception to check if the Login Id and the password are not exist in the DB table
I tried to put this code but it didn't work

Dim result As Data.SqlClient.SqlDataReader = dr(Data.CommandBehavior.CloseConnection)
        If result.HasRows = False Then
            MsgBox("Error")

        Else
        ////the rest of the code

        end if

My code

 Public Sub LogIn(ByVal sender As Object, ByVal e As System.EventArgs) Handles Button1.Click



        Dim connStr As String = "Data Source=.\SQLEXPRESS;AttachDbFilename='C:\Users\sony\Documents\Visual Studio 2010\Projects\SADA\SADA\App_Data\SADA2.mdf';Integrated Security=True;User Instance=True"
        Dim sqlconnet As Data.SqlClient.SqlConnection
        Dim MyComm As Data.SqlClient.SqlCommand
        Dim dr As SqlDataReader
        Dim UserType As String
        Dim Pateint As String
        Dim SLP As String
        Dim Admin As String
        Dim logID As String
        Dim PassW As String

        sqlconnet = New Data.SqlClient.SqlConnection()
        sqlconnet.ConnectionString = connStr
        MyComm = New Data.SqlClient.SqlCommand("", sqlconnet)
        MyComm.CommandType = Data.CommandType.Text
        MyComm.CommandText = "SELECT * FROM LoginTable WHERE (loginId ='" & TextBox1.Text & "') AND (Password = '" & TextBox2.Text & "') "
        sqlconnet.Open()






        dr = MyComm.ExecuteReader()
        dr.Read()
        'Dim result As Data.SqlClient.SqlDataReader = dr(Data.CommandBehavior.CloseConnection)
        'If result.HasRows = False Then
         '   MsgBox("Error")

        'Else
            logID = dr.GetInt32(0)
            PassW = dr.GetInt32(1)

            UserType = dr.GetString(5)
            Select Case (UserType)
                Case "S"
                    SLP = dr.GetInt32(3)
                    Response.Redirect("SLPMain.aspx")

                Case "A"
                    Admin = dr.GetInt32(2)
                    Response.Redirect("Admin.aspx")
                Case "P"
                    Pateint = dr.GetInt32(4)
                    Response.Redirect("WebForm4.aspx")
            End Select

    End Sub

Plz Help!!

Thanks in advance

Yeah. That code seem a bit cumbersome.
And you're not even using SLP, Admin or Pateint. So you can throw those away.
Also, in ASP.NET you can't use MsgBox. Add a Label and direct any output that that.
Try this instead.

 Public Sub LogIn(ByVal sender As Object, ByVal e As System.EventArgs) Handles Button1.Click
    Dim connStr As String = "Data Source=.\SQLEXPRESS;AttachDbFilename='C:\Users\sony\Documents\Visual Studio 2010\Projects\SADA\SADA\App_Data\SADA2.mdf';Integrated Security=True;User Instance=True"
    Dim logID As String
    Dim PassW As String

    Dim con As New Data.SqlClient.SqlConnection(connStr)
    Dim dtLogin As New DataTable
    Dim daLogin As New Data.SqlClient.SqlDataAdapter("SELECT * FROM LoginTable WHERE LoginID = '" & TextBox1.Text & "' AND Password = '" & TextBox2.Text & "'", con)

    Try
        daLogin.Fill(dtLogin)

        If dtLogin.Rows.Count > 0 Then
            logID = dtLogin.Rows(0).Item(0)
            PassW = dtLogin.Rows(0).Item(1)

            Select Case dtLogin.Rows(0).Item(5).ToString()
                Case "S"
                    Response.Redirect("SLPMain.aspx", True)
                Case "A"
                    Response.Redirect("Admin.aspx", True)
                Case "P"
                    Response.Redirect("WebForm4.aspx", True)
            End Select
        Else
            'lblError.Text = "Username or Password incorrect, or no such user is registered."'
        End If
    Catch ex As Exception
    End Try
End Sub

Hi Oxiegen ,

Thanks for the replay. It's working now

Awesome code and simple to understand thanks alot :)

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.