Go4Expert

Go4Expert (http://www.go4expert.com/)
-   C# (http://www.go4expert.com/forums/c-sharp/)
-   -   How to validate user ID and password login from SQL Server thru C# (http://www.go4expert.com/forums/validate-user-id-password-login-sql-t28214/)

infotechpegasus 18Apr2012 10:54

How to validate user ID and password login from SQL Server thru C#
 
First Question :D
I have cases to validate user login (ID and Password) , check to database in sql server 2008..
I have created stored procedure to login , but how can I make the sp return value whether the user ID and password is wrong..
thx :D

bzforum 28May2012 21:09

Re: How to validate user ID and password login from SQL Server thru C#
 
Call the sp from c# and fill it in a DataTable and then count the rows of the datatable

PHP Code:

select from login where usrname='abc' and password='123' 

if the number of rows is zero the login is incorrect if the rows returned is 1 then the credentials are correct...

remember you will have to disallow the use of these characters * ; '' @ etc so that there are no injections...

pein87 11Jun2012 02:55

Re: How to validate user ID and password login from SQL Server thru C#
 
instead of select all just select what you need. If you have a monsterous usertable like vbulletin or other software does it is unneeded load to query the entire thing. Store that request data as either an array with two fields or two separate variables. No hard coding these values because you what it to be dynamic.

Code: Csharp

string uName = Request.Form['username'];

string passWrd = Request.Form['password'];

Code: SQL

SELECT usrname, password FROM login WHERE usrname = uName  AND password = passWrd;


or with an array.

Code: Csharp

string[] userCreds = { Request.Form['username'], Request.Form['password'] };

/* alternate way to do it
string[] userCreds = new string[2];

userCreds[0] = Request.Form['username'];
userCreds[1] = Request.Form['password'];
*/

Code: SQL

SELECT usrname, password FROM login WHERE usrname = userCreds[0]  AND password = userCreds[1];


Be sure to make a reference to System.Web and use it or else Request will not work.


All times are GMT +5.5. The time now is 14:06.