Help with my login script :(

Question

adam1991 0 Newbie Poster

15 Years Ago

Here is the code first off all for the login script (HTML)

<form id="form1" runat="server" method="post">
    <asp:TextBox ID="txtUsername" runat="server"></asp:TextBox>
    <asp:TextBox ID="txtPassword"
        runat="server" style="width: 128px"></asp:TextBox>
    <asp:Button ID="Button1" runat="server" Text="Login" />

Here is the behind code to that page double click on the button and get this code (VB.NET)

Dim conn As New OleDbConnection("Provider=Microsoft.Jet.OLEDB.4.0;data source=" & Server.MapPath("database\UsersPasswords.mdb"))
        Try
            Dim query As New OleDbCommand("SELECT        COUNT(*) AS Result, Username AS UsernameInput, [Password] AS PasswordInput FROM(UsersPasswords)GROUP BY Username, [Password]HAVING        (COUNT(*) = 1) AND (Username = '" & txtUsername.Text & "') AND ([Password] = '" & txtPassword.Text & "')", conn)

conn.Open()
            Dim datareader As OleDbDataReader = query.ExecuteReader()
            datareader.Read()

            If datareader.Read = True Then
                Label1.Text = ("You are logged in")
            Else
                Label1.Text = ("Wrong Username or Password")
            End If
            conn.Close()
        Catch ex As Exception
            Label1.Text = (ex.Message)
        End Try
    End Sub

The problem is that when i type in the correct username and password from the database it just keeps saying "wrong password" ive tried a number of diffrent querys but im unable to fix it :(

Thanks for your help!

asp.net

4 Contributors
5 Replies
113 Views
2 Days Discussion Span
Latest Post 15 Years Ago Latest Post by I.Ahmad

vuyiswamb 17 Posting Whiz

15 Years Ago

This is not A Correct Approach for a login. This is simple you are Suppose to count the Records that matches the Where Clause and you have included having and Group by clause and that is incorrect. You need a simple statement like this

SELECT COUNT(*) FROM UsersPasswords
WHERE Username = [USERNAMEPARAMER] AND Password =[PASSWORDPARAMTER]

I Have once gave someone an answer , please search any post by me here on the Forum

vuyiswamb 17 Posting Whiz

15 Years Ago

Look at this Post and tell me if there is still a problem

http://www.daniweb.com/forums/thread138587.html

Kind Regards

Vuyiswa Maseko

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

adam1991 0 Newbie Poster · Answer 1 · 2009-10-05T20:46:42+00:00

Are you sayin the whole login is the wrong way to do it.. or you sayin just the query is the wrong way?

Ive just tried that query and it is sayin wrong username or password even though i typed in the right information

thanks

plazmo 1 Posting Whiz in Training · Answer 2 · 2009-10-05T23:58:36+00:00

Here is the code first off all for the login script (HTML)

<form id="form1" runat="server" method="post">
    <asp:TextBox ID="txtUsername" runat="server"></asp:TextBox>
    <asp:TextBox ID="txtPassword"
        runat="server" style="width: 128px"></asp:TextBox>
    <asp:Button ID="Button1" runat="server" Text="Login" />

Here is the behind code to that page double click on the button and get this code (VB.NET)

Dim conn As New OleDbConnection("Provider=Microsoft.Jet.OLEDB.4.0;data source=" & Server.MapPath("database\UsersPasswords.mdb"))
        Try
            Dim query As New OleDbCommand("SELECT        COUNT(*) AS Result, Username AS UsernameInput, [Password] AS PasswordInput FROM(UsersPasswords)GROUP BY Username, [Password]HAVING        (COUNT(*) = 1) AND (Username = '" & txtUsername.Text & "') AND ([Password] = '" & txtPassword.Text & "')", conn)

conn.Open()
            Dim datareader As OleDbDataReader = query.ExecuteReader()
            [B]datareader.Read()[/B]

            If datareader.Read = True Then
                Label1.Text = ("You are logged in")
            Else
                Label1.Text = ("Wrong Username or Password")
            End If
            conn.Close()
        Catch ex As Exception
            Label1.Text = (ex.Message)
        End Try
    End Sub

The problem is that when i type in the correct username and password from the database it just keeps saying "wrong password" ive tried a number of diffrent querys but im unable to fix it :(

Thanks for your help!

datareader.Read() is advancing your data reader to the next row. If there is only 1 row then the next row would be empty. delete that and it should work.(i have it bold)

I.Ahmad 0 Newbie Poster · Answer 3 · 2009-10-07T22:35:45+00:00

U should try this simple query as
dim aurery as oledbcommand=new oledbcommad("select * from <tablename> where username='" & txtuname.text & "' and password='" & txtpasword.text & "')"

dim dr as oledbdatareader=query.executereader()
if dr.read=true then
label1.text="you r welcome"
else
label1.text="wrong pasword"
end if

Enjoy coding..
u can direct contact me on imteyazahmad86@gmail.com
u r alwz welcome