Click here to Skip to main content
15,897,090 members
Search within:


I am not able to get a successful login using this code... can somebody help me out
Please Sign up or sign in to vote.
1.00/5 (1 vote)
See more:
C#
.NET
I have now checked whether read.Reader is returning the values.And Yes it it.!!
Its been displayed on the console but still when I run the code i get unsuccessful login box
C#
private void button1_Click(object sender, EventArgs e)
   {
       String s1 = textBox1.Text;
       String s2 = textBox2.Text;

       SqlConnection cnn = new SqlConnection("Data Source=.\\SQLEXPRESS;Initial Catalog=register;Integrated Security=True");
           String sql = ("select Userid,Password from reg where Userid='" + s1 + "' and Password='" + s2 + "' ");
           cnn.Open();

           String userid="";
           String password="";

     SqlCommand cmd = new SqlCommand(sql,cnn);
          SqlDataReader reader  = cmd.ExecuteReader();



          if (reader.HasRows)
          {
              while(reader.Read())
              {
                  userid = reader.GetString(0);
                  password = reader.GetString(1);

                  Console.WriteLine(userid);
                  Console.WriteLine(password);
              }

       if((s1.Equals(userid)) && (s2.Equals(password)))
              {

                   MessageBox.Show("LOGIN SUCCESSFULLY DONE>>");
              }

              else
              {
                   MessageBox.Show("LOGIN UNSUCCESSFUL ....");
              }
          }


//
This is my reg table::

Userid Password Re-entered Mob.No
John 444 444 7895858201
Matt 101 101 9858964750
Bill bill bill 8579698940

Here is a screenshot of what i did
Posted
Updated 10-Feb-16 23:20pm
v6
Add a Solution
Comments
[no name] 4-Feb-16 1:44am    
Can you describe it more not successfully login. Secondly provide two textbox values and also tell us what you are not getting exactly.
Member 12306556 11-Feb-16 5:33am    
@Manas_Kumar check my screenshot on this link-> http://i.stack.imgur.com/jxt3u.png

If you look closely you will see that userid & password values are being returned and displayed as excepted on the console.But I am not understanding why when I click on the Continue button I get unsuccessful login.
Richard Deeming 4-Feb-16 8:56am    
Your code is vulnerable to SQL Injection[^].

NEVER use string concatenation to build a SQL query. ALWAYS use a parameterized query.
Richard Deeming 4-Feb-16 8:57am    
Also, you are storing passwords in plain text. That is an extremely bad idea. You should only ever store a salted hash of the password, using a unique salt per record.

Secure Password Authentication Explained Simply[^]
Salted Password Hashing - Doing it Right[^]
Member 12306556 11-Feb-16 5:40am    
@Richard Deeming...yes sir i do agree it is a bad practice to store password in plain text.I am surely going to get it in # or * format.But for now my main focus is on the login..so kindly help me out with this problem

1 solution

reformat your SQL connection string as below
C#
Server=myServerAddress;Database=myDataBase;User Id=myUsername;
Password=myPassword;

hope, it resolve your issue
 
Share this answer
 
Posted
Comments
Member 12306556 11-Feb-16 5:27am    
But my connection seems to be fine right?Coz its displaying the correct values on the console. Please have a look -> http://i.stack.imgur.com/jxt3u.png
Add a Solution

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month

Advertise
Privacy
Cookies
Terms of Use
Last Updated 25 Feb 2016
Layout: fixed | fluid
Copyright © CodeProject, 1999-2024
All Rights Reserved.

Web03 2.8:2024-04-02:1

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900