Wrox Programmer Forums
Go Back   Wrox Programmer Forums > ASP.NET and ASP > ASP.NET 1.0 and 1.1 > BOOK: Beginning ASP.NET 1.1
Reload this Page Forms-based authentication using database
|
BOOK: Beginning ASP.NET 1.1
This is the forum to discuss the Wrox book Beginning ASP.NET 1.1 with Visual C#.NET 2003 by Chris Ullman, John Kauffman, Chris Hart, Dave Sussman, Daniel Maharry; ISBN: 9780764557088
Welcome to the p2p.wrox.com Forums.

You are currently viewing the BOOK: Beginning ASP.NET 1.1 section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
 
Old September 18th, 2006, 01:10 AM
Registered User
  
Join Date: Sep 2006
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via Yahoo to chanchoth
Default Forms-based authentication using database
Hi,

I want to autheticate my user with SQL database before they can go to the admin site.

I have the following script callled login.aspx.

<%@ Page Language="C#" Debug="true" %>
<%@ import Namespace="System.Web.Security" %>
<%@ import Namespace="System.Data" %>
<%@ import Namespace="System.Data.SqlClient" %>
<script runat="server">

    void btnLogin_Click(Object sender, EventArgs e) {
          string connectionString = "server=\'ASKHPNHLT0001\'; user id=\'sa\'; password=\'AspDotNet\'; database=\'Student\'";
          System.Data.IDbConnection dbConnection = new System.Data.SqlClient.SqlConnection(connectionStri ng);

          string queryString = "SELECT Password FROM tblAuthentication WHERE UserName= '" + txtUserName.Text + "'";
          System.Data.IDbCommand dbCommand = new System.Data.SqlClient.SqlCommand();
          dbCommand.CommandText = queryString;
          dbCommand.Connection = dbConnection;

          dbConnection.Open();
          System.Data.IDataReader dataReader = dbCommand.ExecuteReader(System.Data.CommandBehavio r.CloseConnection);
          if (dataReader.Read())
          {
            //Response.Write("The password is " + txtPassword.Text + "<br />");
            //Response.Write("The password from DataReader is " + dataReader["Password"].ToString());
            if (dataReader["Password"].ToString() == txtPassword.Text)
            {
                Msg.Text="Congratulations! You can access this site."; //It never falls under this condition even though it has the correct username and password. Please advice.
            }
            else
            {
                Msg.Text="Invalid Password.";
            }
          }
          else
          {
            Msg.Text="Login name not found.";
            dataReader.Close();
          }
    }

</script>
<html>
<head>
    <title>Login</title> <style type="text/css">.style1 {
    FONT-WEIGHT: bold; COLOR: #ffffff
}
</style>
</head>
<body>
    <form runat="server">
        <table bordercolor="#0000ff" width="300" align="center" border="1">
            <tbody>
                <tr>
                    <td bgcolor="#000099">
                        <div class="style1" align="center">
                            <div align="center">Corporate Software Authentication
                            </div>
                        </div>
                    </td>
                </tr>
                <tr>
                    <td>
                        <table width="300" border="0">
                            <tbody>
                                <tr>
                                    <td width="116">
                                        User Name</td>
                                    <td width="10">
                                        :</td>
                                    <td width="160">
                                        <asp:TextBox id="txtUserName" runat="server"></asp:TextBox>
                                    </td>
                                </tr>
                                <tr>
                                    <td width="116">
                                        Password</td>
                                    <td width="10">
                                        :</td>
                                    <td width="160">
                                        <asp:TextBox id="txtPassword" runat="server" TextMode="Password"></asp:TextBox>
                                    </td>
                                </tr>
                                <tr>
                                    <td>
                                    </td>
                                    <td>
                                        &nbsp;
                                    </td>
                                    <td>
                                        <asp:Button id="btnLogin" onclick="btnLogin_Click" runat="server" Text="Login"></asp:Button>
                                    </td>
                                </tr>
                            </tbody>
                        </table>
                        <div>
                            <div align="center"><asp:Label id="Msg" runat="server"></asp:Label>
                            </div>
                        </div>
                    </td>
                </tr>
                <tr>
                    <td valign="center" align="middle" bgcolor="#000099">
                        <div class="style1" align="center">
                            <div align="center">Copyright by Plan International Cambodia
                            </div>
                        </div>
                    </td>
                </tr>
            </tbody>
        </table>
    </form>
</body>
</html>

For web.config I have:
<?xml version="1.0" encoding="UTF-8" ?>
<configuration>
    <system.web>
        <authentication mode="Forms">
        <forms name=".ASPXAUTH" loginUrl="login.aspx" protection="Validation" timeout="60" />
        </authentication>
        <authorization>
            <allow users="*" />
        </authorization>
    </system.web>
</configuration>

And my database structure is as following:
if exists (select * from dbo.sysobjects where id = object_id(N'[dbo].[tblAuthentication]') and OBJECTPROPERTY(id, N'IsUserTable') = 1)
drop table [dbo].[tblAuthentication]
GO

if exists (select * from dbo.sysobjects where id = object_id(N'[dbo].[tblStudent]') and OBJECTPROPERTY(id, N'IsUserTable') = 1)
drop table [dbo].[tblStudent]
GO

CREATE TABLE [dbo].[tblAuthentication] (
    [UserName] [char] (50) COLLATE SQL_Latin1_General_CP1_CI_AS NOT NULL ,
    [Password] [char] (25) COLLATE SQL_Latin1_General_CP1_CI_AS NOT NULL
) ON [PRIMARY]
GO

CREATE TABLE [dbo].[tblStudent] (
    [ID] [int] IDENTITY (1, 1) NOT FOR REPLICATION NOT NULL ,
    [Name] [varchar] (50) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
    [************] [char] (1) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
    [DOB] [datetime] NULL
) ON [PRIMARY]
GO

Even I enter to my form with the correct username and password, it always say that "Invalid Password.". Could you please kindly advice me on how could I make this authentication works?

Many thanks,
Chanchoth





Similar Threads
Thread Thread Starter Forum Replies Last Post
Form based authentication.... avanishp General .NET 2 June 17th, 2005 03:11 AM
Form based authentication with WLS7 jcgarciap J2EE 1 March 9th, 2005 01:15 PM
form-based authentication using a database waru BOOK: Beginning ASP.NET 1.0 2 May 28th, 2004 10:37 PM
Chapter 20 -Forms based Authentication bshay BOOK: Beginning ASP.NET 1.0 2 October 7th, 2003 09:17 AM




Contact Us - Wrox - Privacy Statement - Top

Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright (c) 2020 John Wiley & Sons, Inc.