Login form

haswalt · February 2nd, 2005, 01:15 PM

hi i need a little help with my login form.

i currently have two text boxes, one for username and password.
i requires the user to be able to enter their username and password; then the program searches an SQL database for the username and password to validate them.

at the moment i use a simple select statement to find the username.

i then tried to use an if statement to check if the password loaded is equal to my txtpassword.text value. This does not work.

can anyone tell me how to make a form check for user data in an SQL database, in order to create a login form.

Thank you harry

p.s. this was done in vb.net

BrianWren · February 16th, 2005, 04:48 PM

What I do is this.
Using the username and password provided, I try to open a connection.
If the connection returns an error, I respond to the user that the password or the username were wrong.

If that works, then you know you have a vaild login set.
Close the connection, and then have the program open a connection with the proper credentials, and go get whatever user-specific info you need regarding them to allow the program to proceed.

kohkr · June 19th, 2007, 11:14 PM

Quote:

quote:Originally posted by BrianWren
What I do is this.
Using the username and password provided, I try to open a connection.
If the connection returns an error, I respond to the user that the password or the username were wrong.

If that works, then you know you have a vaild login set.
Close the connection, and then have the program open a connection with the proper credentials, and go get whatever user-specific info you need regarding them to allow the program to proceed.

Kia · June 25th, 2007, 12:27 AM

I'm not really sure what exactly is not working with your attempt. But I do a similar thing as Brian. Logically that is.

Here's a bit of code that I found a while ago and had stashed away. I knew it would come in handy one day. Anyway, I do things slightly different now, but this is a very simple demo that should hopefully get you going.

this code is for Access. you just have to change the variable declarations and connect string to connect to SQL Server. At the least, you should see the logic it uses.

Code:

' Place this code under your Public Class.  If your form name is Login, then place it under Public Class Login
    Inherits System.Windows.Forms.Form
    Dim iCount As Integer ' this integer is declared to help count the number of imes a user tried to login.
    Dim frmMain As New MainScreen ' this line declares a variable that will point the user to the Main Screen upon a successful login.  The second form created is called MainScreen.vb
    Private Sub btnLogin_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnLogin.Click
        'The connection string is used to describe the type of database, the security information and the location to the database.
        Dim ConString As String = "Provider=Microsoft.Jet.OLEDB.4.0;Password="""";User ID=Admin;Data Source=""databasename.mdb"";"
        'Create a new connection object and assign the ConString Connection String above
        Dim DBCon As New OleDb.OleDbConnection(ConString)
' g_login is a global variable defined in a Module that captures the login name and passes it from form to form.  To create this, just create a Module, say Module1.vb and in it put "Public g_login as String" {g meaning global and login to represent the global login}
        g_login = Me.txtUsername.Text

        Dim strPassword As String = Me.txtPassword.Text

        If g_login = "" Or strPassword = "" Then
            MessageBox.Show("You are missing information. Please make sure that both the username and password fields are filled out.", "Missing Info")
            Me.txtUsername.Focus()
            Return
        End If
' The database has two fields in the Users table.  A UserID field, which is the primary key and declared as a text.  The other field is Password, which is a text as well.
        Dim strsql As String = "SELECT [UserID], [Password] FROM Users WHERE [UserID]='" & g_login & "' "

        Dim cm As New OleDb.OleDbCommand(strsql, DBCon)
        Dim dr As OleDb.OleDbDataReader
        Dim valid As Boolean = False
        Dim HasRows As Boolean = False
        Try
            DBCon.Open()
            dr = cm.ExecuteReader
            If dr.HasRows Then
                While dr.Read
                    If strPassword = dr.Item("Password") Then
                        valid = True
                    End If
                End While
                HasRows = True
            End If
            dr.Close()
        Catch exO As OleDb.OleDbException
            MessageBox.Show(exO.Message)
        Catch ex As Exception
            MessageBox.Show(ex.Message)
        Finally
            If DBCon.State = ConnectionState.Open Then
                DBCon.Close()
            End If
            cm = Nothing
            dr = Nothing
            DBCon.Dispose()
            GC.Collect()
        End Try
        iCount = iCount + 1
        If valid = True Then
            Me.Hide()
            frmMain.Show()
        ElseIf iCount = 3 Then
            MessageBox.Show("Contact Safreak!", "Invalid Info")
            Me.Close()
        ElseIf HasRows = False Then
            MessageBox.Show("Invalid user name, try again!", "Invalid Info")
            Me.txtUsername.Focus()
            Me.txtUsername.Text = ""
            Me.txtPassword.Text = ""
        Else
            MessageBox.Show("Invalid password, try again!", "Invalid Info")
            Me.txtPassword.Focus()
            Me.txtPassword.Text = ""
        End If

    End Sub