Click here to Skip to main content
15,747,637 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
<pre lang="text">
i have two windows form app one of them server and the other client , the client have a screen that lets the user enter the username and pass. the problem is how to send user name and password to the server that is connected to a database , and return the result of the operation to client . i am programming using any advice

Basically, you need connection and communication based on TCP, which is the lowest level you need. It can be done on one of several different levels of networking, remoting or WCF.
Please see my overview of these approaches in my past solutions:
how i can send byte[] to other pc[^],
Communication b/w two Windows applications on LAN.[^].

Share this answer
Member 10304968 9-Dec-13 18:01pm    
thank u i have used two sockets, and i separated between the username and password with a special char , and used the socket.send() , socket.receive() methods
Try out Integra Client/Server API at
Share this answer
In Win Forms, the client is connected to the server (and vice-versa) using the WinSock API. It is a relatively straight forward process. MSDN's documentation, Running the Winsock Client and Server Code Sample[^], should help.

By the way, you should perform encryption on the data being passed between the client and the server. There are a number of ways to accomplish this but you must insure that the password passed between client and server is encrypted and that the password that is stored in the database is protected.
Share this answer
Sergey Alexandrovich Kryukov 8-Dec-13 22:33pm    
The idea of "storing" а password in a database is really, really bad. In any systems not illiterate from the security standpoint, passwords (in a literate meaning of this word) are never stored, this is absolutely not needed for authentication. Instead, their cryptographic hash function is stored, and hash is compared with hash. And hash is not "encryption" at all. The idea of using "encryption" is also a very dangerous one, because, unlike the hash, everything encrypted can be decrypted. Remember the actual password should be kept secret even from all of the administrators, regardless the access privileges.

Maybe you did not mean literately "encryption", I don't know. If you mean hash or something combined with hash, it could be fine (I don't know why doing so, but...). Could you honestly tell us, did you know about it, or you really meant "encryption" and storing passwords...

By the way, this is not enough, and HTTPS (or its equivalent) should be used for perfect security, which is a separate topic...

gggustafson 9-Dec-13 8:53am    
You are putting words in my mouth. I take umbrage at that.

I stated that transmission from client to server should be encrypted. Do you disagree?

I stated that the password in the database must be protected. Do you disagree?

I never discussed hashes. Because the OP appears to be relatively new at this topic, I just warned that certain security measures be taken. If discussions of how to use hashing algorithms and salting are needed, a web search will return what OP requires.
Sergey Alexandrovich Kryukov 9-Dec-13 10:08am    
Sorry if I put words in your mouth. I tried to mention that I am not certain that you mean exactly this ("I don't know"). But here is the thing: if I put some words in you mouth because I misunderstood you, anyone else could misunderstand you in the same way. What I try to point out is a very common mistake, a really big one.

It is very easy to think that "password passed between client and server is encrypted" means encryption of passwords and not hashing it.

It is very easy to think that "the password that is stored" means that you advise to store password. And a password should never ever stored. (Do you disagree?)

And now, you are changing the topic to some other fragments of your text, much less questionable, and ask me "Do you disagree?". You still go away from the real big issue. And now: you can avoid discussing hashing, but you cannot do it when you mention password encryption. Nobody pulled these words out of you mouse...

From your objection, I still cannot see that you really understand the security issue related to the password use.

gggustafson 9-Dec-13 10:15am    
Don't you read?
Sergey Alexandrovich Kryukov 9-Dec-13 10:25am    
Sorry, I don't understand. Which part you think I did not read?

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900