Click here to Skip to main content
15,905,508 members
Please Sign up or sign in to vote.
1.00/5 (1 vote)
See more:
How to create an interface login using C# v studio 2008.
Which i have created the user dbase as back end & the form as the front end.
1. How to connect to the dbase with the form?
2. How to create new user?
Posted
Comments
joshrduncan2012 2-Aug-13 13:18pm    
What have you tried to do to accomplish this?
TryAndSucceed 2-Aug-13 13:34pm    
You look beginner. Have you searched on Google before posting your question?

ASP.Net does have a few user controls but I personally don't ever use them.

1. You need a login page that takes username and password.
2. Setup your web.config for forms authentication. Tons of examples online.
3. When the user clicks your login button send the username and password to your stored procedure to validate if they are a valid user.
4. If valid, set some session variable, for example Session["UserID"] = userid;
5. Since you should be using FormsAuthentication tell .Net that you have validated the user with FormsAuthentication.RedirectFromLoginPage(userid);
6. Make sure in your code you check your session variables if there is something they would not have access to.
7. To create a new user, create the form and do similar. Call your stored procedure passing in all the parameters.
8. To connect to SQL, use your SqlHelper class if you have one otherwise use the SqlConnection and SqlCommand objects.
 
Share this answer
 
1) There are a huge number of way to connect a form with a DB. In this case, you don't want a connection, you just want to check if the username and password your user entered match a valid entry in the database. There is some code and notes here that may help with this (though it may be a little advanced for you so just "bleep over" the bits you don't understand):
Password Storage: How to do it.[^]
All you need to do then is retrieve the id and password value from the db. This is also a bit complex, because you do have to do this properly: if you don't then you leave your system wide open to a non-logged in user destroying your database - and because they aren't logged in you don;t know whose head you want to stamp on...
C#
using (SqlConnection con = new SqlConnection(strConnect))
    {
    con.Open();
    using (SqlCommand com = new SqlCommand("SELECT UserID, PasswordHash FROM myTable WHERE UserName=@UN", con))
        {
        com.Parameters.AddWithValue("@UN", tbUsername.Text);
        using (SqlDataReader reader = com.ExecuteReader())
            {
            if (reader.Read())
                {
                int userId = (int)reader["UserId"];
                byte[] pw = (byte[])reader["PasswordHash"];
                if (MatchSHA1(pw, GetSHA1(tbUsername.Text, tbPassword.Text)));
                    {
                    //Successful login
                    }
                }
            //Failed login
            }
        }
    }


2) New user just means another form to collect his details, combined with a SELECT similar to the above to check his requested Username is not already used, followed by an INSERT to add the new details:
C#
using (SqlConnection con = new SqlConnection(strConnect))
    {
    con.Open();
    using (SqlCommand com = new SqlCommand("INSERT INTO myTable (UserName, PasswordHash) VALUES (@UN, @PH)", con))
        {
        com.Parameters.AddWithValue("@UN", tbUsername.Text);
        com.Parameters.AddWithValue("@PH", GetSHA1(tbUsername.Text, tbPassword.Text));
        com.ExecuteNonQuery();
        }
    }


Have a look, and give it a try. You should be able to sort it out from there.
 
Share this answer
 

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900