Hi Everybody
i have been trying to develop a website for my company in asp.net using c# . i have a problem i login page . i am not able to connect it to my database so that i can match user name and password . plz tell me what mistake i am making.
C# CODE
using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Data.SqlClient;
public partial class _Default : System.Web.UI.Page
{
protected bool ValidateUser(string userName, string passWord)
{
SqlConnection Conn;
SqlCommand cmd;
string lookupPassword = null;
try
{
Conn = new SqlConnection("Data Source=xxx;User ID=xxx;Password=xxxx");
Conn.Open();
cmd = new SqlCommand("Select pwd from users where uname = '@userName'", Conn);
cmd.Parameters.Add("@userName");
cmd.Parameters["@userName"].Value = userName;
lookupPassword = (string)cmd.ExecuteScalar();
cmd.Dispose();
Conn.Dispose();
}
catch (Exception ex)
{
System.Diagnostics.Trace.WriteLine("[ValidateUser] Exception ");
}
if (null == lookupPassword)
{
return false;
}
return (0 == string.Compare(lookupPassword, passWord, false));
}
}
.aspx CODE
private void cmdLogin_ServerClick(object sender, System.EventArgs e)
{
if (ValidateUser(txtUserName.Value, txtUserPass.Value))
FormsAuthentication.RedirectFromLoginPage(txtUserName.Value,
chkPersistCookie.Checked);
else
Response.Redirect("logon.aspx", true);
}