Click here to Skip to main content
15,077,137 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
Hi Everyone,

I have created a new registration page, Register.aspx, and a new Table, aspnet_UserMembership, in the database. These are all working with no problem. It is my login page, Login.aspx, and the code page, Login.aspx.cs, do not work properly. When I try to login, and validate UserName and Password, I go straight to the login.aspx page instead of the Default.aspx. If the UserName and Password do not validate, it should send go to ErrorExist.aspx, but instead it sends me back to the login page when ever I try to login and does not validate. The code for these pages is as follows below:

Page Login.aspx,

ASP.NET
<%@ Page Title="" Language="C#" MasterPageFile="~/Register.master" AutoEventWireup="true" CodeFile="Login.aspx.cs" Inherits="Login" %>
 
<asp:Content ID="Content1" ContentPlaceHolderID="head" Runat="Server">
</asp:Content>
<asp:Content ID="Content2" ContentPlaceHolderID="ContentPlaceHolder1" Runat="Server">
    <br />
    <link href="Styles/Content.css" rel="stylesheet" />
    <div id="content">
        <div style="text-align: center; height: 53px">
            <span style="font-family: Arial, Helvetica, sans-serif; font-size: large">Welcome to Genealogy-Biography.com Login Page </span>
        </div>
        <div style="text-align: justify">
            If you are already a member, you can just login. If not a member yet, please press the register link below to register it is FREE!:</div>
        <br />
        <table cellpadding="0" cellspacing="0" style="width: 159%">
            <tr>
                <td style="background-color: #990000"> </td>
                <td style="text-align: left; font-family: Arial, Helvetica, sans-serif; font-size: large; color: #9F9F6F; width: 163px; background-color: #990000">Login<br />
                    <br />
                    </td>
                <td style="background-color: #FFFFFF">
                     </td>
            </tr>
            <tr>
                <td style="text-align: right"> </td>
                <td style="width: 163px"> </td>
                <td> </td>
            </tr>
            <tr>
                <td style="text-align: right; font-family: Arial, Helvetica, sans-serif; font-size: medium; height: 22px; border-left-color: #A0A0A0; border-right-color: #C0C0C0; border-top-color: #A0A0A0; border-bottom-color: #C0C0C0">User Name:</td>
                <td style="width: 163px; height: 22px">
                    <asp:TextBox ID="UserName" runat="server" style="margin-left: 0px" Width="200px"></asp:TextBox>
                </td>
                <td style="height: 22px">
                    <asp:RequiredFieldValidator ID="RequiredFieldValidator1" runat="server" ControlToValidate="UserName" ErrorMessage="User Name Required......" ForeColor="Red"></asp:RequiredFieldValidator>
                </td>
            </tr>
            <tr>
                <td style="text-align: right; font-family: Arial, Helvetica, sans-serif; font-size: medium; border-left-color: #A0A0A0; border-right-color: #C0C0C0; border-top-color: #A0A0A0; border-bottom-color: #C0C0C0">Password:</td>
                <td style="width: 163px">
                    <asp:TextBox ID="Password1" runat="server" TextMode="Password" Width="200px"></asp:TextBox>
                </td>
                <td>
                    <asp:RequiredFieldValidator ID="RequiredFieldValidator2" runat="server" ControlToValidate="Password1" ErrorMessage="Password Required......." ForeColor="Red"></asp:RequiredFieldValidator>
                </td>
            </tr>
            <tr>
                <td style="text-align: right"> </td>
                <td style="width: 163px"> </td>
                <td> </td>
            </tr>
            <tr>
                <td> </td>
                <td style="width: 163px; text-align: right">     
                    <asp:Button ID="Button1" runat="server" OnClick="Button1_Click" Text="Login" />
                </td>
                <td>
                    <asp:HyperLink ID="HyperLink1" runat="server" NavigateUrl="~/Register.aspx">Register</asp:HyperLink>
                </td>
            </tr>
        </table>
        <br />
        <br />
        <br />
        <br />
    </div>
    <div id ="content1"></div>
    <div id="ad"></div>
</asp:Content>


Login.aspx.cs

C#
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Configuration;
using System.Data;
using System.Data.SqlClient;
using System.Data.SqlTypes;
using Microsoft.SqlServer.Server;

public partial class Login : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {

    }


    protected void Button1_Click(object sender, EventArgs e)
    {
        SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["GenealogyConnectionString1"].ConnectionString);


        con.Open();
        String cmdStr = "Select count (*) from aspnet_UserMembership where UserName = '" + UserName.Text + "'";
        SqlCommand Checkuser = new SqlCommand(cmdStr, con);
        int temp = Convert.ToInt32(Checkuser.ExecuteScalar().ToString());
        con.Close();

        if (temp == 1)
        {
            con.Open();
            String cmdStr2 = "Select Password from aspnet_UserMembership where UserName = '" + UserName.Text + "'";
            SqlCommand pass = new SqlCommand(cmdStr2, con);
            String Password = pass.ExecuteScalar().ToString();
            con.Close();


            if (Password == Password1.Text)
            {
                Session["New"] = UserName.Text;
                Response.Redirect("Default.aspx");
            }
            else
            {
                Response.Redirect("ErrorExist.aspx");

            }
        }
        else
        {
            Response.Redirect("ErrorExist.aspx");

        }
    }
}


Thanks, your help would be much appreciated, and look forward to hearing from you in the near future.



Thanks





ASW
Posted

1 solution

Three things:
1) Don't store your passwords in clear text - it is a major security risk. Hash them instead: Password Storage: How to do it.[^]
2) Do not concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Use Parametrized queries instead. This is a major problem with a web site, and when the login code can easily destroy your database it is a very foolish way to start...
3) Are you by any chance checking for login in your master page? And directing to the login page from there? Because if you are, then you probably shouldn't use the master page fro your login error report page, should you...

Don't do it like that - implement Membership[^] instead. It covers probably everything you need and is a lot quicker, and more reliable than "brewing your own" as you are. The link guides you through, but it shouldn't take you more than 30 minutes in total.
   
Comments
Member 9142936 7-Nov-13 15:44pm
   
Hi there,

Thank you very much for the quick response, I am getting an error when testing the login page. The error is as follows:

WebForms UnobtrusiveValidationMode requires a ScriptResourceMapping for 'jquery'. Please add a ScriptResourceMapping named jquery(case-sensitive).
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.InvalidOperationException: WebForms UnobtrusiveValidationMode requires a ScriptResourceMapping for 'jquery'. Please add a ScriptResourceMapping named jquery(case-sensitive).

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:


[InvalidOperationException: WebForms UnobtrusiveValidationMode requires a ScriptResourceMapping for 'jquery'. Please add a ScriptResourceMapping named jquery(case-sensitive).]
System.Web.UI.ClientScriptManager.EnsureJqueryRegistered() +2170338
System.Web.UI.WebControls.BaseValidator.RegisterUnobtrusiveScript() +10
System.Web.UI.WebControls.BaseValidator.OnPreRender(EventArgs e) +9575857
System.Web.UI.Control.PreRenderRecursiveInternal() +83
System.Web.UI.Control.PreRenderRecursiveInternal() +168
System.Web.UI.Control.PreRenderRecursiveInternal() +168
System.Web.UI.Control.PreRenderRecursiveInternal() +168
System.Web.UI.Control.PreRenderRecursiveInternal() +168
System.Web.UI.Control.PreRenderRecursiveInternal() +168
System.Web.UI.Control.PreRenderRecursiveInternal() +168
System.Web.UI.Control.PreRenderRecursiveInternal() +168
System.Web.UI.Control.PreRenderRecursiveInternal() +168
System.Web.UI.Control.PreRenderRecursiveInternal() +168
System.Web.UI.Control.PreRenderRecursiveInternal() +168
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +974


Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.18055

How do I correct this error.....
Member 9142936 14-Nov-13 9:20am
   
There are two things that I need help with, the first thing is that I have to assign a role to the membership manually. I would like the members role to be automatically setup as a user right away when the member registers. The second thing is that the data ownership is not assigned to user to many.

Can anyone help?

Thanks

ASW

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)




CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900