Wasn't sure whether to put this in the beginners section or here, so sorry if this is in the wrong section. basicly i'm trying to create a simple login page (not too simple obviously). basicly i use the query shown bellow to gain the userID: SELECT UserID FROM tblUsers WHERE UserName=@Username AND Password=@Password;
Then on my login page i connect to the database and envoke the procedure setting the parameters etc before using the TRY block to attempt to validate the user, essentialy i have an integer intID thats set to 0 and that should be updated if the user details are correct (to another number) but it never does and so currently no-one is authorised to access my site if anyone can just take a look bellow and tell me where i'm screwing up i'd be very gratefull, i am a newbie to this so so it'll prob be something really dumb:
dim conn as new OleDbConnection("Provider=" & _
"Microsoft.Jet.OLEDB.4.0;" & _
"Data Source=M:\FYP\project.mdb")
dim objCmd as OleDbCommand = new OleDbCommand _
("spValidateUser", Conn)
objCmd.CommandType = CommandType.StoredProcedure
dim objParam as OleDbParameter
objParam = objCmd.Parameters.Add("@Username", OleDBType.BSTR)
objParam.Value = tbUsername.Text
objParam = objCmd.Parameters.Add("@Password", OleDBType.BSTR)
objParam.Value = tbPassword.Text
try
objCmd.Connection.Open
intID=CType(objCmd.ExecuteScalar, Integer)
objCmd.Connection.Close
catch ex as OleDbException
lblMessage.text = ex.Message
end try
if intID <> 0 then
Response.Cookies("authorise").Value = IntID
Response.redirect("main2.aspx")
else
lblMessage.Text = "<font color=red>Sorry, " & "invalid username of password </font><p>"
end if
end sub
