Click here to Skip to main content
15,742,377 members
Please Sign up or sign in to vote.
2.00/5 (1 vote)
See more:
I have a login screen that works fine. I have an issue when the user enters the username and password. The issue is when the user enters the correct username but incorrect password the error massage does not display. It works fine if the user enters the incorrect username and password. Can someone help me with this?

C#
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.SqlClient;
using System.Configuration;
using System.Data;


public partial class Login : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        if (IsPostBack)
        {
            SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["PasswordConnectionString"].ConnectionString);
            con.Open();

            string cmdStr = "select count (*) from Table1 where EmailAddress='" + TextBoxEA.Text + "'";
            SqlCommand userExist = new SqlCommand(cmdStr, con);

            SqlCommand insertcmd = new SqlCommand("insert into Table1", con);
            SqlDataAdapter dap = new SqlDataAdapter(insertcmd);
            int temp = Convert.ToInt32(userExist.ExecuteScalar().ToString());
            con.Close();

            if (temp == 0)
                lblMessage.Text = "Invalid User Name and Password";
            
        }

    }
    protected void Button1_Click(object sender, EventArgs e)
    {

        SqlConnection con = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["PasswordConnectionString"].ConnectionString);
        con.Open();



        if (true)
        {
            SqlCommand level = new SqlCommand("select accessLevel, Password, INST_ID from Table1 where EmailAddress = @EmailAddress AND Password = @Password", con);
            level.Parameters.Add(new SqlParameter("EmailAddress", TextBoxEA.Text));
            level.Parameters.Add(new SqlParameter("Password", TextBoxPW.Text));

            SqlDataReader reader = level.ExecuteReader();
            DataTable dt1 = new DataTable();
            dt1.Load(reader);

            foreach (DataRow dr1 in dt1.Rows)
            {
                int returnedLevel = Convert.ToInt32(dr1[0].ToString());
                int inst_id = Convert.ToInt32(dr1[2].ToString());
                Session["inst_id"] = inst_id;
                    
                if (returnedLevel == 1)
                {
                    Response.Redirect("FormAPublic.aspx");
                }
                else if (returnedLevel == 2)
                {
                    Response.Redirect("FormCPrivateNon.aspx");
                }
                else if (returnedLevel == 3)
                {
                    Response.Redirect("FormDPrivateFor.aspx");
                }
                else if (returnedLevel == 7)
                {
                    Response.Redirect("CEOPage.aspx");
                }
                else if (returnedLevel == 8)
                {
                    Response.Redirect("DBPage.aspx");
                }
                else if (returnedLevel == 11)
                {
                    Response.Redirect("FormAPublicL.aspx");
                }
                else if (returnedLevel == 21)
                {
                    Response.Redirect("FormCPrivateNonL.aspx");
                }
                else if (returnedLevel == 31)
                {
                    Response.Redirect("FormDPrivateForL.aspx");
                }
                else if (returnedLevel == 0)
                {
                    lblMessage.Text = "Invalid UserName and Password";
                }
            }
        }
    }
}
Posted
Comments
ZurdoDev 4-Nov-13 9:34am    
Just put a breakpoint and see what is happening. What's the issue?
Computer Wiz99 4-Nov-13 9:37am    
I did the Breakpoint and nothing happen. The issue is in a clear way is when a user enters their correct username and incorrect password and clicks on the login button, it should display an error message for incorrect username and password but it doesn't. It only displays for the incorrect username and password.
ZurdoDev 4-Nov-13 9:39am    
Why do you have code in the IsPostBack of the Page_Load and in Button_Click? They'll both run.

1 solution

I guess you neeed to change the sql query filter condition in page load event, U need to include and condition for password also... As of now I can see that u are filtering table only with username.. so if username is given wrong only then it will show the error message... If username is correct no message is displayed.
 
Share this answer
 
Comments
Computer Wiz99 4-Nov-13 9:51am    
Member10378466, Ok. I see what you are saying. I will test it out.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month


CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900