Member Avatar for FaresEid

So I created a custom generated file that lets me take the username and password.
It is the following:

public User GetUserByUserNamePassword(string userName, string Password)
{
   return (_DatabaseContext.Users.FirstOrDefault(user => user.Username == userName && user.Password ==Password));
}

In my log in page I have a webUserControl that contains two textboxes, one for the password and the other one for the username. I created an object data source for the webusercontrol to take in parameters Username and password .

Whats the c# code that can let me check if the username and password are valid (I have a table called User btw that has three columns, UserID(pk), Username and Password.

  • 4 Contributors
  • 3 Replies
  • 132 Views
  • 6 Days Discussion Span
  • Latest Post Latest Post by BMXDad
Member Avatar for ithinkunome

You can do something like this

try
            {
                SqlConnection objConn = new SqlConnection("Data Source=ithinkunome-vm;Database=test; Integrated security=True");
                objConn.Open();
                SqlCommand objCommand = objConn.CreateCommand();
                objCommand.CommandText = "select password from users where username='"+txtUserName.Text+"'";
                SqlDataReader objDataReader = objCommand.ExecuteReader();
                while (objDataReader.Read())
                {
                    if (txtPassword.Text == objDataReader["password"].ToString())
                        lblStatus.Text = "Password is Valid User is Logged In";
                    else
                        lblStatus.Text = "Password is not Valid User is Not Logged In";
                }
                objConn.Close();
            }
            catch (Exception ex)
            { 

            }

On a web page there are 2 textbox txtUserName and txtPassword, 1 submit button and a label

After typing userName and password when the user click on button it will be checked against database, and if they match the label will be updated

Get the project file from here

http://www.techgulf.blogspot.com/2013/07/how-to-control-login-asp-c.html

Hope it will help

Thanks

Member Avatar for BMXDad

If Im not using the SQL Membership I usually call a helper class that has a few methods just for this.

start here passing credentials:

    protected static bool LoginUser(string user, string pass)
    {
        Logger l = new Logger();

        return l.IsUser(user.Trim(), pass.Trim());
    }

The IsUser Class:

    /// <summary>
    /// Check to see if user is legal
    /// </summary>
    /// <param name="user">User name </param>
    /// <param name="pass">User password </param>
    /// <returns>True if is a user</returns>
    public bool IsUser(string user, string pass)
    {
        using (SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["conn"].ConnectionString))
        {
            bool b;
            //// Send info to DB and see if I get a record
            SqlCommand cmd = new SqlCommand("sproc", conn);
            cmd.CommandType = CommandType.StoredProcedure;

            cmd.Parameters.AddWithValue("@user", user);
            cmd.Parameters.AddWithValue("@pass", pass);

            SqlParameter isAUser = cmd.Parameters.Add("@IsUser", SqlDbType.Char, 3);
            isAUser.Direction = ParameterDirection.Output;
            conn.Open();

            b = Convert.ToBoolean(cmd.ExecuteScalar().ToString());
            if (b)
            {
                string u = Convert.ToString(isAUser.Value);
                HttpContext.Current.Session["UserID"] = u;
                b = true;
            }
            else
            {
                b = false;
            }

            conn.Close();
            return b;
        }
    }

The bool value will be used to validate if user credentials are valid.

Edited by BMXDad
Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.