code for sql command..

Question

1.00/5 (1 vote)

See more:

what is the code for authenticating the user in c# i used the following code in code filr but it gives me error on username.text and password.text

C#

protected void LoginButton_Click(object sender, EventArgs e)
{
   string connStr = ConfigurationManager.ConnectionStrings["constr"].ConnectionString.ToString();
   SqlConnection con = new SqlConnection("connStr");
   con.Open();

   SqlCommand cmd = new SqlCommand("SELECT stUsername,stPassword FROM User WHERE stUsername='" + UserID.Text + "' and stPassword='" + Password.Text + "'", con);
   con.Close();
}

please give me the full code

Posted 18-Mar-13 5:32am

PATEL BHOOMI

Updated 18-Mar-13 5:37am

fjdiewornncalwe

v3

Add a Solution

Comments

Andy Lanng 18-Mar-13 11:39am

Don't forget to actually run the command ("SqlDataReader r = cmd.ExecuteReader()");
What is the error exactly? what line of code produces the error?

PATEL BHOOMI 18-Mar-13 11:46am

userID.Text and Password.Text gives the error like this..
the name"userID" does not exists in the current context.. and so for password.Text to..
i have used the controls in wed page like this

<div class="accountInfo">
<fieldset class="login">
Account Information
<p>
<asp:Label ID="UserIDLabel" runat="server" AssociatedControlID="UserID">UserID
<asp:TextBox ID="UserID" runat="server" style="margin-left: 18px" >
<asp:RequiredFieldValidator ID="UserIDRequired" runat="server" ControlToValidate="UserID"
CssClass="failureNotification" ErrorMessage="User ID is required." ToolTip="User ID is required."
ValidationGroup="LoginUserValidationGroup">*
</p>
<p>
<asp:Label ID="PasswordLabel" runat="server" AssociatedControlID="Password">Password:
<asp:TextBox ID="Password" runat="server" CssClass="passwordEntry" >
<asp:RequiredFieldValidator ID="PasswordRequired" runat="server" ControlToValidate="Password"
CssClass="failureNotification" ErrorMessage="Password is required." ToolTip="Password is required."
ValidationGroup="LoginUserValidationGroup">*
</p>
<p>
<asp:CheckBox ID="RememberMe" runat="server"/>
<asp:Label ID="RememberMeLabel" runat="server" AssociatedControlID="RememberMe" CssClass="inline">Keep me logged in
</p>
</fieldset>
<p class="submitButton">
<asp:Button ID="LoginButton" runat="server" CommandName="Login" Text="Log In"
ValidationGroup="LoginUserValidationGroup" onload="Page_Load"
PostBackUrl="~/forms/Default.aspx" ondatabinding="Page_Load" />
</p>
</div>

[no name] 18-Mar-13 11:40am

Don't you think that you should tell us what the error is instead of making us guess?

PATEL BHOOMI 18-Mar-13 11:54am

userID.Text and Password.Text gives the error like this..
the name"userID" does not exists in the current context.. and so for password.Text to..

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

fjdiewornncalwe · Answer 1 · 2013-03-18T05:40:00

Solution 1

1) You can't just dump a small snippet of code and ask someone else to write the rest for you. It simply doesn't work that way.
2) When you write a query, use paramaterized queries, not inline concatenation as you have it written. (How To: Paramaterized Queries)
3) You must ensure that the IDs of the textboxes in your UI match those used in your code.

Posted 18-Mar-13 5:40am

fjdiewornncalwe

Comments

Maciej Los 18-Mar-13 12:25pm

Strong words!
Agree, +5!

fjdiewornncalwe 18-Mar-13 13:52pm

Thanks, Maciej