Original thread - To see why this was Updated
Reason for new thread is to start with a clean slate and I will also be providing a tutorial for SQL and possibly Oracle DB connections to show how easy this code is to implement regardless of the DB you are using.:pAs well, if time permits I may take the time to code this in a few other .Net languages (C#, C++, and J#).
This is sample code for a ASP.Net Login page (using Visual Basic.Net code behind) with OleDB connection to an Access Database using ADO.Net.
Pre-Code Setup::-|
1. Create a New ASP.NET Web Application. I called mine NorthLogin2
2. Rename the default aspx Webform to Login or Index or something more descriptive. I called mine Login2.aspx
3. Assuming you are in Visual Studio.Net right click on this form in the Solution Explorer and Select Set as Start Page.
4. Find your Northwind.mdb file (The classic Northwind Database in Access)
Under Tools, Options, Tables/Queries Tab select Run Permissions as Owner's
5. Create a new table for login requirements. I called mine tblUser
Columns U_id (autonumber), U_Name (text), and U_Password (text with Input Mask of Password)
6. Create Query (i.e. Stored Procedure) to validate login(s). I called mine sp_ValidateUser
In the SQL Designview the code for that query isSELECT COUNT(*) AS Num_of_User FROM tblUser WHERE (((tblUser.U_Name)=[@UserName]) AND ((tblUser.U_Password)=[@Password]));
This query counts the number of users that it retrieves which matches the where clause. The @UserName and @Password are the values passed in to the query from the Webform.
7. Close database, because you can not access it while it is open.Let the coding begin::cheesy:
1. Create the API for your Login Webform. You want to have two textboxes for the user to enter their login information. You will also want to have some kind of visual feedback to the user regarding the status of the login; i.e. Is the login successful? Usually that is done by redirecting to the page they are trying to login to. If it is not successful, and whether they provided the information in the two textboxes.Login2.aspx
<%@ Page Language="vb" AutoEventWireup="false" Codebehind="Login2.aspx.vb" Inherits="NorthLogin2.WebForm1"%> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <html> <head> <title>Northwind Database Login</title> <meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR"> <meta content="Visual Basic .NET 7.1" name="CODE_LANGUAGE"> <meta content="JavaScript" name="vs_defaultClientScript"> <meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema"> <!-- <summary> ||||| Style Sheet ||||| </summary> --><link title="standard" href="Styles.css" type="text/css" rel="stylesheet"> </head> <body> <!-- ||||| Login Form ||||| --> <form id="frmlogin" method="post" runat="server"> <table id="mainTable"> <tr> <td> <table class="t_border" id="loginTable" cellspacing="15" cellpadding="0"> <tr> <td><b>Login: </b> </td> <td><asp:textbox id="txtUserName" runat="server" width="160px"></asp:textbox><asp:requiredfieldvalidator id="rvUserValidator" runat="server" display="None" errormessage="You must supply a Username!" controltovalidate="txtUserName"></asp:requiredfieldvalidator></td> </tr> <tr> <td><b>Password: </b> </td> <td><asp:textbox id="txtPassword" runat="server" width="160px" textmode="Password"></asp:textbox><asp:requiredfieldvalidator id="rvPasswordValidator" runat="server" display="None" errormessage="Empty Passwords not accepted" controltovalidate="txtPassword"></asp:requiredfieldvalidator></td> </tr> <tr> <td align="center" colspan="2"><asp:button id="cmdSubmit" runat="server" borderstyle="Solid" text="Submit"></asp:button></td> </tr> </table> </td> </tr> <tr> <td> <table id="messageDisplay"> <tr> <td><asp:validationsummary id="Validationsummary1" runat="server" width="472px" displaymode="BulletList"></asp:validationsummary></td> </tr> </table> </td> </tr> </table> </form> <asp:label id="lblMessage" runat="server" width="288px" forecolor="#C00000" font-size="Medium" font-italic="True" font-bold="True"></asp:label> <!-- ||||| End of Form ||||| --> </body> </html>
As you can see by the above code I require my users to supply a Username and Password, the requirefieldvalidator object does just that.
2.Code for the communication to the database:
a.Add the following line of code to the Web.Config file
- start right after
<?xml version="1.0" encoding="utf-8"?>
<configuration><!-- ||||| Application Settings ||||| --> <appSettings> <add key="strConn" value="Provider = Microsoft.Jet.OLEDB.4.0;Data Source=C:\Inetpub\wwwroot\Northwind.mdb;User ID=Admin;Password=;"/> </appSettings> <system.web>
These lines of code do several things. 1. Eliminates the need for creation of a connection string (strConn) each time you want to connect to the Database(DB). Who wants to write that out each time. Now you have "pseudo-global" variable for use in your entire application. 2. Makes it secure, so no user can see where the DB is actually located. 3. And most importantly tells the application the location of the said DB.
b.Code the "meat" of the Login in page.
- Mine is in the code behind rather than a script block, but the principles are the same.
- Add the following Imports to your code behind, just above the class declaration.Imports System.Web.Security ' ||||| Required Class for Authentication Imports System.Data ' ||||| DB Accessing Import Imports System.Data.OleDb ' |||||| Access Database Required Import! Imports System.Configuration ' |||||| Required for Web.Config appSettings |||||
This will provide the library imports you need for Authentication, accessing an OleDB (i.e. Access), and accessing the web.config file (contains your connection string)
c. Create a Function to connect to the DB return result(s)
- This is the main function of this entire webform.Function DBConnection(ByVal strUserName As String, ByVal strPassword As String) As Boolean '<sumamry> ' ||||| Declare Required Variables ' ||||| Access appSettings of Web.Config for Connection String (Constant) '</summary> ' ||||| First is the Connection Object for an Access DB Dim MyConn As OleDbConnection = New OleDbConnection(ConfigurationSettings.AppSettings("strConn")) ' ||||| This is the Connections Object for an SQL DB SqlConnection(ConfigurationSettings.AppSettings("strConn")) '<sumamry> ' ||||| Create a OleDb Command Object ' ||||| Pass in Stored procedure ' ||||| Set CommandType to Stored Procedure '</summary> ' ||||| To Access a Stored Procedure in Access - Requires a Command Object Dim MyCmd As New OleDbCommand("sp_ValidateUser", MyConn) ' ||||| To Access a Stored Procedure in SQL Server - Requires a Command Object MyCmd.CommandType = CommandType.StoredProcedure ' ||||| Create Parameter Objects for values passed in Dim objParam1, objParam2 As OleDbParameter '<sumamry> ' ||||| Add the parameters to the parameters collection of the ' ||||| command object, and set their datatypes (OleDbType in this case) '</summary> objParam1 = MyCmd.Parameters.Add("@UserName", OleDbType.Char) objParam2 = MyCmd.Parameters.Add("@Password", OleDbType.Char) '' ||||| Set the direction of the parameters...input, output, etc objParam1.Direction = ParameterDirection.Input objParam2.Direction = ParameterDirection.Input '' ||||| Set the value(s) of the parameters to the passed in values objParam1.Value = strUserName objParam2.Value = strPassword ' ||||| Try, catch block! Try ' ||||| Check if Connection to DB is already open, if not, then open a connection If MyConn.State = ConnectionState.Closed Then ' ||||| DB not already Open...so open it MyConn.Open() End If ' ||||| Create OleDb Data Reader Dim objReader As OleDbDataReader objReader = MyCmd.ExecuteReader(CommandBehavior.CloseConnection) ' ||||| Close the Reader and the Connection Closes with it While objReader.Read() If CStr(objReader.GetValue(0)) <> "1" Then lblMessage.Text = "Invalid Login!" Else objReader.Close() ' ||||| Close the Connections & Reader Return True End If End While Catch ex As Exception lblMessage.Text = "Error Connecting to Database!" End Try End Function
d. Code the button click event for submitting login to DB
- The code for the onClick event of the Submit button is as follows, but this is very basic and simple. I will be expanding on this further with things like have a maximum number of attempts, and what happens when a user tries to access a page in the application without having logged in; it should redirect the user to the login page/form, otherwise what is the purpose of the login form.Private Sub cmdSubmit_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles cmdSubmit.Click If Page.IsValid Then ' ||||| Meaning the Control Validation was successful! ' ||||| Connect to Database for User Validation ||||| If DBConnection(txtUserName.Text.Trim(), txtPassword.Text.Trim()) Then FormsAuthentication.RedirectFromLoginPage(txtUserName.Text, False) ' ||||| default.aspx Page! Else Else ' ||||| Credentials are Invalid lblMessage.Text = "Invalid Login!" ' ||||| Increment the LoginCount (attempts) 'Session("LoginCount") = CInt(Session("LoginCount")) + 1 ' ||||| Determine the Number of Tries 'If Session("LoginCount").Equals(intMaxLoginAttempts) Then ' Response.Redirect("Denied.aspx") 'End If 'If CInt(Session("Num_of_Tries")) > 2 Then ' ||||| If Exceeds then Deny! ' Response.Redirect("Denied.aspx") 'End If End If End If End Sub
3. Create the page to send the user to once login is successful
- In Visual Studio.Net go to File -> Add New Item -> Webform
- Name it default.aspx
- For ease at this time, just put a text message saying something like "Successful Login".
- It is this page that ASP.Net will automatically look for once login is successful, so if you do not create it you will get an application error.4. Compile and run your code!
That is the end of this basic outline of a Login Page using ASP.Net. There were some moderate level of difficulty coding, but I believe my comments inline with the code should clarify any questions you may have. If by chance you have some questions, please post them here.
Please DO NOT POST replies to this thread that say things like - "Mine doesn't work!" without providing details of what errors you got, what does happen, etc.
I can't help you if you do not provide details! Let me say that again I can't help you if you do not provide details! And preferably any code alerations you may have done to the above code for your specific
application.Happy Coding.:cool:
hai thank u for the coding but while ewecuting the following error ocurred
Configuration Error
Description: An error occurred during the processing of a configuration file required to service this request. Please review the specific error details below and modify your configuration file appropriately.
Parser Error Message: Only one <configSections> element allowed per config file and if present must be the first child of the root <configuration> element.
Source Error:
Line 15: </appSettings>
Line 16:
Line 17: <configSections>
Line 18: <sectionGroup name="system.web.extensions" type="System.Web.Configuration.SystemWebExtensionsSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35">
Line 19: <sectionGroup name="scripting" type="System.Web.Configuration.ScriptingSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35">
Source File: C:\Documents and Settings\smart\My Documents\Visual Studio 2008\WebSites\WebSite2\web.config Line: 17
Show Additional Configuration Errors:
Sections must only appear once per config file. See the help topic for exceptions. (C:\Documents and Settings\smart\My Documents\Visual Studio 2008\WebSites\WebSite2\web.config line 32)
--------------------------------------------------------------------------------
Version Information: Microsoft .NET Framework Version:2.0.50727.3053; ASP.NET Version:2.0.50727.3053