login verification

katie456 · October 16th, 2003, 11:31 PM

Dim strSQL
'Verify user information in the database
strSQL = "SELECT membername, memberemail, memberpassword FROM memberinfo WHERE &_
membername = CStr(Request.Form("txtFirstName")) & _
memberemail = CStr(Request.Form("txtEmail")) & _
memberpassword = CStr(Request.Form("txtPassword"));"
    Set objConn = Server.CreateObject("ADODB.Connection")
    objConn.Open "DSN=conhcn"
    Set objCmd = Server.CreateObject("ADODB.Command")
    Set objCmd.ActiveConnection = objConn
    objCmd.CommandText = strSQL
    objCmd.CommandType = adCmdText

'Check for database errors
Call CheckForErrors(objConn)
I'm tring to verify users login info from a form to my access database, i tried using stored procedures but it wasn't working for me.. i'm reading the wrox "beginning asp databases" (not .net):)
anyway,,, i'm a little confused on syntax with the vb and sql..
below is what i tried.. and it didn't work:(
any help would be great!
thanks

'Check for empty recordset which indicates user information
'was not found
If objRS.EOF or objRS.BOF Then
    Session("ErrorMessage") = "No record found - Please ensure all information was entered correctly"
    Response.Redirect "Default.asp"
Else
    Session("ErrorMessage") = Empty
Response.Redirect "member.asp"
End If
%>

U.N.C.L.E. · October 19th, 2003, 12:09 PM

You need to delimit text values with ' (single quote)

SQL string:

strSQL = "SELECT membername, memberemail, memberpassword FROM memberinfo " & _
"WHERE (membername='" & CStr(Request.Form("txtFirstName")) & "') AND " & _
"(memberemail='" & CStr(Request.Form("txtEmail")) & "') AND " & _
"(memberpassword='" & CStr(Request.Form("txtPassword") & "');"

shanmugakannan · October 7th, 2005, 04:32 AM

STORED PROCEDURE
create procedure proclogin(@uid varchar(10),@pwd varchar(10))
as
DECLARE @userid varchar(10)
DECLARE @password varchar(10)
DECLARE @bool int
DECLARE curcheck cursor for
SELECT uid,pwd from login

open curcheck
FETCH curcheck into @userid,@password
while ( @@fetch_status=0)
begin
  fetch curcheck into @userid,@password
  if(@uid=@userid and @pwd=@password )
begin
    set @bool=1
return 1
    break
end
  else
begin
     set @bool=0
end

  end
  if(@bool=1)
     print 'Login Success'
  else
     print 'Login Failed'

close curcheck

C# CODING

using System;
using System.Collections;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Web;
using System.Web.SessionState;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.HtmlControls;
using System.Data.SqlClient;

namespace Login
{
    /// <summary>
    /// Summary description for WebForm1.
    /// </summary>
    public class WebForm1 : System.Web.UI.Page
    {
        protected System.Web.UI.WebControls.TextBox TextBox1;
        protected System.Web.UI.WebControls.TextBox TextBox2;
        protected System.Web.UI.WebControls.Button Button1;

        private void Page_Load(object sender, System.EventArgs e)
        {

        }

        #region Web Form Designer generated code
        override protected void OnInit(EventArgs e)
        {
            //
            // CODEGEN: This call is required by the ASP.NET Web Form Designer.
            //
            InitializeComponent();
            base.OnInit(e);
        }

        /// <summary>
        /// Required method for Designer support - do not modify
        /// the contents of this method with the code editor.
        /// </summary>
        private void InitializeComponent()
        {
            this.Button1.Click += new System.EventHandler(this.Button1_Click);
            this.Load += new System.EventHandler(this.Page_Load);

        }
        #endregion

        private void Button1_Click(object sender, System.EventArgs e)
        {
            SqlConnection con=new SqlConnection("server=dbasvr03;uid=sa;pwd=sa;datab ase=master");
            con.Open();
            SqlCommand com=new SqlCommand("proclogin",con);

            com.CommandType=CommandType.StoredProcedure;
            com.Parameters.Add("@uid",SqlDbType.VarChar,10);
            com.Parameters[0].Value=TextBox1.Text;
            com.Parameters.Add("@pwd",SqlDbType.VarChar,10);
            com.Parameters[1].Value=TextBox2.Text;
            com.Parameters.Add("return",SqlDbType.Float);
            com.Parameters[2].Direction=ParameterDirection.ReturnValue;
            com.ExecuteNonQuery();
            if (Convert.ToString(com.Parameters[2].Value)=="1")
                Response.Write("LOGIN SUCCESS");
            else
                Response.Write("LOGIN FAILED");
        }
    }
}

AccessMaster · October 16th, 2005, 01:47 PM

Thanks for sharing your code but note that this is an ASP with Access database forum not C# and SQL server forum.

Quote:

quote:Originally posted by shanmugakannan

STORED PROCEDURE
create procedure proclogin(@uid varchar(10),@pwd varchar(10))
as
DECLARE @userid varchar(10)
DECLARE @password varchar(10)
DECLARE @bool int
DECLARE curcheck cursor for
SELECT uid,pwd from login

open curcheck
FETCH curcheck into @userid,@password
while ( @@fetch_status=0)
begin
  fetch curcheck into @userid,@password
  if(@uid=@userid and @pwd=@password )
begin
    set @bool=1
return 1
    break
end
  else
begin
     set @bool=0
end

  end
  if(@bool=1)
     print 'Login Success'
  else
     print 'Login Failed'

close curcheck

C# CODING

using System;
using System.Collections;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Web;
using System.Web.SessionState;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.HtmlControls;
using System.Data.SqlClient;

namespace Login
{
    /// <summary>
    /// Summary description for WebForm1.
    /// </summary>
    public class WebForm1 : System.Web.UI.Page
    {
        protected System.Web.UI.WebControls.TextBox TextBox1;
        protected System.Web.UI.WebControls.TextBox TextBox2;
        protected System.Web.UI.WebControls.Button Button1;

        private void Page_Load(object sender, System.EventArgs e)
        {

        }

        #region Web Form Designer generated code
        override protected void OnInit(EventArgs e)
        {
            //
            // CODEGEN: This call is required by the ASP.NET Web Form Designer.
            //
            InitializeComponent();
            base.OnInit(e);
        }

        /// <summary>
        /// Required method for Designer support - do not modify
        /// the contents of this method with the code editor.
        /// </summary>
        private void InitializeComponent()
        {
            this.Button1.Click += new System.EventHandler(this.Button1_Click);
            this.Load += new System.EventHandler(this.Page_Load);

        }
        #endregion

        private void Button1_Click(object sender, System.EventArgs e)
        {
            SqlConnection con=new SqlConnection("server=dbasvr03;uid=sa;pwd=sa;datab ase=master");
            con.Open();
            SqlCommand com=new SqlCommand("proclogin",con);

            com.CommandType=CommandType.StoredProcedure;
            com.Parameters.Add("@uid",SqlDbType.VarChar,10);
            com.Parameters[0].Value=TextBox1.Text;
            com.Parameters.Add("@pwd",SqlDbType.VarChar,10);
            com.Parameters[1].Value=TextBox2.Text;
            com.Parameters.Add("return",SqlDbType.Float);
            com.Parameters[2].Direction=ParameterDirection.ReturnValue;
            com.ExecuteNonQuery();
            if (Convert.ToString(com.Parameters[2].Value)=="1")
                Response.Write("LOGIN SUCCESS");
            else
                Response.Write("LOGIN FAILED");
        }
    }
}

Boyd
"Hi Tech Coach"
Access Based Accounting/Business Solutions developer.
http://www.officeprogramming.com