Login System (vb.net -> PHP -> MySQL)

Question

Trle94 -3 Newbie Poster

11 Years Ago

Hello everyone,
i need small help since im stuck, and im not that good with php and vB.net connections...
So here is the problem, i manage to get connected to db and php script shows me if im connected or not, grab if user/pw is correct everything works fine, but now i do not know how to grab, on new form show up, data from that user and display it in label, like in db it has date of registration, last login and email, i want to get them on my second form.. so if anyone could help me out to sort those things and manage to complete goal, i would be really thankfull!

Usercheck.php

<?php
if($_POST)
{
    if(isset($_POST["username"]) && isset($_POST["password"]))
    {
        $connect = mysql_pconnect("localhost","username","password");
        if($connect)
        {
            $select = mysql_select_db("mydatabase",$connect);
            if($select)
            {
                $user = mysql_escape_string($_POST["username"]);
                $pwd = mysql_escape_string($_POST["password"]);
                $GetRows = mysql_query("SELECT * FROM MyTableHere WHERE username='$user' AND password='$pwd'");
                $RowCount=mysql_num_rows($GetRows);
                if($RowCount>0)
                {
                    die("Correct !");
                }
                else
                {
                    die("Incorrect !");
                }
            }
            else
            {
                die("Unable to select database." . mysql_error());
            }
        }
        else
        {
            die("Unable connect to database." . mysql_error());
        }
    }
    else
    {
        die("Access Denied!");
    }
}
else
{
    die("Access Denied!");
}
?>

Snipet of Form1.vb

Function AuthUser(ByVal AuthenticationPage As String, ByVal Username As String, ByVal Password As String) As Boolean
        Dim wc As New WebClient()
        wc.Headers.Add("Content-Type", "application/x-www-form-urlencoded")
        Dim Data As String = String.Format("username={0}&password={1}", HttpUtility.UrlEncode(Username), HttpUtility.UrlEncode(Password))
        Dim ResponseBytes() As Byte = wc.UploadData(AuthenticationPage, "POST", Encoding.ASCII.GetBytes(Data))
        Dim Response As String = Encoding.ASCII.GetString(ResponseBytes)
        If Response.Contains("Correct") Then
            Return True
        Else
            Return False
        End If
    End Function
    Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
        If AuthUser("http://127.0.0.1/Usercheck.php", TextBox1.Text, TextBox2.Text) Then
            Me.Hide()
            Form2.Show()
        Else
            MsgBox("You have provided invalid username or password. Unable to login.")
        End If
    End Sub

Could anyone help me out please? :)

mysql php vb.net

3 Contributors
6 Replies
2K Views
13 Hours Discussion Span
Latest Post 11 Years Ago Latest Post by Trle94

G_Waddell 131 Posting Whiz in Training

11 Years Ago

Hi

Why use PHP? Why not VB.NET > MySQL?

savedlema 17 Junior Poster

11 Years Ago

I also wonder why php came in here! Why not just from VB.NET to MySQL as G Waddell said?

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

Trle94 -3 Newbie Poster · Answer 1 · 2013-02-21T13:55:54+00:00

just because of one simple reason, lets say we include mysql connector lib, insert our db details to form code compile app everything works like a charm, then some random guy show up take your .exe decompile it and grab mysql details from decompiled source login to db and grab all infos, good enought reason right? :)

G_Waddell 131 Posting Whiz in Training · Answer 2 · 2013-02-21T15:08:20+00:00

So you're saying an uncomplied php file is more secure than a complied .Net program?

G_Waddell 131 Posting Whiz in Training · Answer 3 · 2013-02-21T15:23:41+00:00

If Random guys can just show up take your dll and decompile it then a login page is the least of your security issues on that server! If you're that worried you can use an obfuscation program. But frankly if you have a secure server they shouldn't be able to even get to that stage. What if they get in and hijack your session? or use cross site scripting? You are only as secure as the system you design and build on. ASP.NET is just as secure as PHP

Trle94 -3 Newbie Poster · Answer 4 · 2013-02-21T16:00:26+00:00

Every obfuscation program has deobfuscator :)