Velocity Reviews

Velocity Reviews (http://www.velocityreviews.com/forums/index.php)
-   ASP .Net (http://www.velocityreviews.com/forums/f29-asp-net.html)
-   -   Need some help with login script (http://www.velocityreviews.com/forums/t90845-need-some-help-with-login-script.html)

=?Utf-8?B?Sm9l?= 11-15-2004 09:54 PM
Need some help with login script
 
Hi,

I have MS Access database with a small table that has four columns ID
(Primary Key), page, userid and password. The page column holds the name of
the page which has the login form. The userid and password column contain the
id and password that I am trying to check. You might wonder why I don’t have
only two columns, userid and password. I intend to use this database for
several different login pages. For a particular login page, I may have two or
more userid and password combinations.

I have pasted my asp.net code below. What is happening is that no matter
what is entered by the user, a cookie and written and a user gets access to
secured area. Basically login verification is not working and I am not able
to find the error. I would appreciate if you take a quick look and let me
know where I am making a mistake. As you can see my code is in VB.NET so
please do not write solution in C# because I am a beginner when it comes to
asp.net

Seems that the IF statement is not working

if dtrResults.Read()

Thanks in advance

Joe

Dim DBConn As OleDbConnection
Dim DSLogin As New DataSet
Dim CmdStr As String
Dim DBCmd As New OleDbCommand
Dim DBSelect As New OleDbCommand
Dim pathStr As String
Dim dtrResults As OleDBDataReader
Dim TheDomain As String
Dim ThePath As String

pathStr = "E:\mole"
DBConn = New OleDbConnection("PROVIDER=Microsoft.Jet.OLEDB.4.0; " _
& "DATA SOURCE=" _
& pathStr + "\databases\xyz.mdb")
DBConn.Open()

CmdStr =("Select userid, password from logins Where page = abc' AND
userid= @uid AND password = @Password")
DBSelect = new OleDbCommand(CmdStr, DBconn)
DBSelect.Parameters.Add("@uid", OleDbType.VarChar, 255)
DBSelect.Parameters("@uid").Value = txtUserID.Text
DBSelect.Parameters.Add("@Password", OleDbType.VarChar, 255)
DBSelect.Parameters("@Password").Value = txtPwd.Text
dtrResults = DBSelect.ExecuteReader()
if dtrResults.Read()
dtrResults.Close()
DBConn.Close()
lblMessage.Text = "Please enter correct login info."
Response.Redirect("wp_request.aspx?y=007")
else
dtrResults.Close()
CmdStr = "Insert into users ([name], [company], [email], [request_date],
[ip], [userid], [password]) values ('" & txtName.Text & "','" &
txtCompany.Text & "','" & txtEmail.Text & "','" & DateTime.Now() & "','" &
Request.UserHostAddress() & "','" & txtUserID.Text & "','" & txtPwd.Text &
"')"
DBCmd = New OleDbCommand(CmdStr, DBConn)
DBCmd.ExecuteNonQuery()

DBConn.Close()

TheDomain = ".www.something.com"
ThePath = "/somefoldeer"
Response.Cookies("Somecookie").Value = txtName.Text '("ID")
Response.Cookies("Somecookie ").Expires = DateTime.Now.AddDays(1)
'DateAdd("d", 1, Now()) '#Dec 31, 2004#
Response.Cookies("Somecookie").Domain = TheDomain
Response.Cookies("Somecookie").Path = ThePath

Response.redirect("constructor.aspx?y=")
End If

=?Utf-8?B?Sm9l?= 11-15-2004 10:21 PM
RE: Need some help with login script
 
I found my mistake.

"Joe" wrote:

> Hi,
>
> I have MS Access database with a small table that has four columns ID
> (Primary Key), page, userid and password. The page column holds the name of
> the page which has the login form. The userid and password column contain the
> id and password that I am trying to check. You might wonder why I don’t have
> only two columns, userid and password. I intend to use this database for
> several different login pages. For a particular login page, I may have two or
> more userid and password combinations.
>
> I have pasted my asp.net code below. What is happening is that no matter
> what is entered by the user, a cookie and written and a user gets access to
> secured area. Basically login verification is not working and I am not able
> to find the error. I would appreciate if you take a quick look and let me
> know where I am making a mistake. As you can see my code is in VB.NET so
> please do not write solution in C# because I am a beginner when it comes to
> asp.net
>
> Seems that the IF statement is not working
>
> if dtrResults.Read()
>
> Thanks in advance
>
> Joe
>
> Dim DBConn As OleDbConnection
> Dim DSLogin As New DataSet
> Dim CmdStr As String
> Dim DBCmd As New OleDbCommand
> Dim DBSelect As New OleDbCommand
> Dim pathStr As String
> Dim dtrResults As OleDBDataReader
> Dim TheDomain As String
> Dim ThePath As String
>
> pathStr = "E:\mole"
> DBConn = New OleDbConnection("PROVIDER=Microsoft.Jet.OLEDB.4.0; " _
> & "DATA SOURCE=" _
> & pathStr + "\databases\xyz.mdb")
> DBConn.Open()
>
> CmdStr =("Select userid, password from logins Where page = abc' AND
> userid= @uid AND password = @Password")
> DBSelect = new OleDbCommand(CmdStr, DBconn)
> DBSelect.Parameters.Add("@uid", OleDbType.VarChar, 255)
> DBSelect.Parameters("@uid").Value = txtUserID.Text
> DBSelect.Parameters.Add("@Password", OleDbType.VarChar, 255)
> DBSelect.Parameters("@Password").Value = txtPwd.Text
> dtrResults = DBSelect.ExecuteReader()
> if dtrResults.Read()
> dtrResults.Close()
> DBConn.Close()
> lblMessage.Text = "Please enter correct login info."
> Response.Redirect("wp_request.aspx?y=007")
> else
> dtrResults.Close()
> CmdStr = "Insert into users ([name], [company], [email], [request_date],
> [ip], [userid], [password]) values ('" & txtName.Text & "','" &
> txtCompany.Text & "','" & txtEmail.Text & "','" & DateTime.Now() & "','" &
> Request.UserHostAddress() & "','" & txtUserID.Text & "','" & txtPwd.Text &
> "')"
> DBCmd = New OleDbCommand(CmdStr, DBConn)
> DBCmd.ExecuteNonQuery()
>
> DBConn.Close()
>
> TheDomain = ".www.something.com"
> ThePath = "/somefoldeer"
> Response.Cookies("Somecookie").Value = txtName.Text '("ID")
> Response.Cookies("Somecookie ").Expires = DateTime.Now.AddDays(1)
> 'DateAdd("d", 1, Now()) '#Dec 31, 2004#
> Response.Cookies("Somecookie").Domain = TheDomain
> Response.Cookies("Somecookie").Path = ThePath
>
> Response.redirect("constructor.aspx?y=")
> End If
>

=?Utf-8?B?UGF0cmljay5PLklnZQ==?= 11-15-2004 10:50 PM
RE: Need some help with login script
 
Joe what was it?
Interesting to know!

"Joe" wrote:

> I found my mistake.
>
> "Joe" wrote:
>
> > Hi,
> >
> > I have MS Access database with a small table that has four columns ID
> > (Primary Key), page, userid and password. The page column holds the name of
> > the page which has the login form. The userid and password column contain the
> > id and password that I am trying to check. You might wonder why I don’t have
> > only two columns, userid and password. I intend to use this database for
> > several different login pages. For a particular login page, I may have two or
> > more userid and password combinations.
> >
> > I have pasted my asp.net code below. What is happening is that no matter
> > what is entered by the user, a cookie and written and a user gets access to
> > secured area. Basically login verification is not working and I am not able
> > to find the error. I would appreciate if you take a quick look and let me
> > know where I am making a mistake. As you can see my code is in VB.NET so
> > please do not write solution in C# because I am a beginner when it comes to
> > asp.net
> >
> > Seems that the IF statement is not working
> >
> > if dtrResults.Read()
> >
> > Thanks in advance
> >
> > Joe
> >
> > Dim DBConn As OleDbConnection
> > Dim DSLogin As New DataSet
> > Dim CmdStr As String
> > Dim DBCmd As New OleDbCommand
> > Dim DBSelect As New OleDbCommand
> > Dim pathStr As String
> > Dim dtrResults As OleDBDataReader
> > Dim TheDomain As String
> > Dim ThePath As String
> >
> > pathStr = "E:\mole"
> > DBConn = New OleDbConnection("PROVIDER=Microsoft.Jet.OLEDB.4.0; " _
> > & "DATA SOURCE=" _
> > & pathStr + "\databases\xyz.mdb")
> > DBConn.Open()
> >
> > CmdStr =("Select userid, password from logins Where page = abc' AND
> > userid= @uid AND password = @Password")
> > DBSelect = new OleDbCommand(CmdStr, DBconn)
> > DBSelect.Parameters.Add("@uid", OleDbType.VarChar, 255)
> > DBSelect.Parameters("@uid").Value = txtUserID.Text
> > DBSelect.Parameters.Add("@Password", OleDbType.VarChar, 255)
> > DBSelect.Parameters("@Password").Value = txtPwd.Text
> > dtrResults = DBSelect.ExecuteReader()
> > if dtrResults.Read()
> > dtrResults.Close()
> > DBConn.Close()
> > lblMessage.Text = "Please enter correct login info."
> > Response.Redirect("wp_request.aspx?y=007")
> > else
> > dtrResults.Close()
> > CmdStr = "Insert into users ([name], [company], [email], [request_date],
> > [ip], [userid], [password]) values ('" & txtName.Text & "','" &
> > txtCompany.Text & "','" & txtEmail.Text & "','" & DateTime.Now() & "','" &
> > Request.UserHostAddress() & "','" & txtUserID.Text & "','" & txtPwd.Text &
> > "')"
> > DBCmd = New OleDbCommand(CmdStr, DBConn)
> > DBCmd.ExecuteNonQuery()
> >
> > DBConn.Close()
> >
> > TheDomain = ".www.something.com"
> > ThePath = "/somefoldeer"
> > Response.Cookies("Somecookie").Value = txtName.Text '("ID")
> > Response.Cookies("Somecookie ").Expires = DateTime.Now.AddDays(1)
> > 'DateAdd("d", 1, Now()) '#Dec 31, 2004#
> > Response.Cookies("Somecookie").Domain = TheDomain
> > Response.Cookies("Somecookie").Path = ThePath
> >
> > Response.redirect("constructor.aspx?y=")
> > End If
> >

=?Utf-8?B?Sm9l?= 11-15-2004 10:54 PM
RE: Need some help with login script
 
I should have put if not dtrResults.Read() Then
instead of if dtrResults.Read() Then.




"Patrick.O.Ige" wrote:

> Joe what was it?
> Interesting to know!
>
> "Joe" wrote:
>
> > I found my mistake.
> >
> > "Joe" wrote:
> >
> > > Hi,
> > >
> > > I have MS Access database with a small table that has four columns ID
> > > (Primary Key), page, userid and password. The page column holds the name of
> > > the page which has the login form. The userid and password column contain the
> > > id and password that I am trying to check. You might wonder why I don’t have
> > > only two columns, userid and password. I intend to use this database for
> > > several different login pages. For a particular login page, I may have two or
> > > more userid and password combinations.
> > >
> > > I have pasted my asp.net code below. What is happening is that no matter
> > > what is entered by the user, a cookie and written and a user gets access to
> > > secured area. Basically login verification is not working and I am not able
> > > to find the error. I would appreciate if you take a quick look and let me
> > > know where I am making a mistake. As you can see my code is in VB.NET so
> > > please do not write solution in C# because I am a beginner when it comes to
> > > asp.net
> > >
> > > Seems that the IF statement is not working
> > >
> > > if dtrResults.Read()
> > >
> > > Thanks in advance
> > >
> > > Joe
> > >
> > > Dim DBConn As OleDbConnection
> > > Dim DSLogin As New DataSet
> > > Dim CmdStr As String
> > > Dim DBCmd As New OleDbCommand
> > > Dim DBSelect As New OleDbCommand
> > > Dim pathStr As String
> > > Dim dtrResults As OleDBDataReader
> > > Dim TheDomain As String
> > > Dim ThePath As String
> > >
> > > pathStr = "E:\mole"
> > > DBConn = New OleDbConnection("PROVIDER=Microsoft.Jet.OLEDB.4.0; " _
> > > & "DATA SOURCE=" _
> > > & pathStr + "\databases\xyz.mdb")
> > > DBConn.Open()
> > >
> > > CmdStr =("Select userid, password from logins Where page = abc' AND
> > > userid= @uid AND password = @Password")
> > > DBSelect = new OleDbCommand(CmdStr, DBconn)
> > > DBSelect.Parameters.Add("@uid", OleDbType.VarChar, 255)
> > > DBSelect.Parameters("@uid").Value = txtUserID.Text
> > > DBSelect.Parameters.Add("@Password", OleDbType.VarChar, 255)
> > > DBSelect.Parameters("@Password").Value = txtPwd.Text
> > > dtrResults = DBSelect.ExecuteReader()
> > > if dtrResults.Read()
> > > dtrResults.Close()
> > > DBConn.Close()
> > > lblMessage.Text = "Please enter correct login info."
> > > Response.Redirect("wp_request.aspx?y=007")
> > > else
> > > dtrResults.Close()
> > > CmdStr = "Insert into users ([name], [company], [email], [request_date],
> > > [ip], [userid], [password]) values ('" & txtName.Text & "','" &
> > > txtCompany.Text & "','" & txtEmail.Text & "','" & DateTime.Now() & "','" &
> > > Request.UserHostAddress() & "','" & txtUserID.Text & "','" & txtPwd.Text &
> > > "')"
> > > DBCmd = New OleDbCommand(CmdStr, DBConn)
> > > DBCmd.ExecuteNonQuery()
> > >
> > > DBConn.Close()
> > >
> > > TheDomain = ".www.something.com"
> > > ThePath = "/somefoldeer"
> > > Response.Cookies("Somecookie").Value = txtName.Text '("ID")
> > > Response.Cookies("Somecookie ").Expires = DateTime.Now.AddDays(1)
> > > 'DateAdd("d", 1, Now()) '#Dec 31, 2004#
> > > Response.Cookies("Somecookie").Domain = TheDomain
> > > Response.Cookies("Somecookie").Path = ThePath
> > >
> > > Response.redirect("constructor.aspx?y=")
> > > End If
> > >

=?Utf-8?B?UGF0cmljay5PLklnZQ==?= 11-16-2004 04:25 AM
RE: Need some help with login script
 
Good its working.. and u found your errors!


"Joe" wrote:

> I should have put if not dtrResults.Read() Then
> instead of if dtrResults.Read() Then.
>
>
>
>
> "Patrick.O.Ige" wrote:
>
> > Joe what was it?
> > Interesting to know!
> >
> > "Joe" wrote:
> >
> > > I found my mistake.
> > >
> > > "Joe" wrote:
> > >
> > > > Hi,
> > > >
> > > > I have MS Access database with a small table that has four columns ID
> > > > (Primary Key), page, userid and password. The page column holds the name of
> > > > the page which has the login form. The userid and password column contain the
> > > > id and password that I am trying to check. You might wonder why I don’t have
> > > > only two columns, userid and password. I intend to use this database for
> > > > several different login pages. For a particular login page, I may have two or
> > > > more userid and password combinations.
> > > >
> > > > I have pasted my asp.net code below. What is happening is that no matter
> > > > what is entered by the user, a cookie and written and a user gets access to
> > > > secured area. Basically login verification is not working and I am not able
> > > > to find the error. I would appreciate if you take a quick look and let me
> > > > know where I am making a mistake. As you can see my code is in VB.NET so
> > > > please do not write solution in C# because I am a beginner when it comes to
> > > > asp.net
> > > >
> > > > Seems that the IF statement is not working
> > > >
> > > > if dtrResults.Read()
> > > >
> > > > Thanks in advance
> > > >
> > > > Joe
> > > >
> > > > Dim DBConn As OleDbConnection
> > > > Dim DSLogin As New DataSet
> > > > Dim CmdStr As String
> > > > Dim DBCmd As New OleDbCommand
> > > > Dim DBSelect As New OleDbCommand
> > > > Dim pathStr As String
> > > > Dim dtrResults As OleDBDataReader
> > > > Dim TheDomain As String
> > > > Dim ThePath As String
> > > >
> > > > pathStr = "E:\mole"
> > > > DBConn = New OleDbConnection("PROVIDER=Microsoft.Jet.OLEDB.4.0; " _
> > > > & "DATA SOURCE=" _
> > > > & pathStr + "\databases\xyz.mdb")
> > > > DBConn.Open()
> > > >
> > > > CmdStr =("Select userid, password from logins Where page = abc' AND
> > > > userid= @uid AND password = @Password")
> > > > DBSelect = new OleDbCommand(CmdStr, DBconn)
> > > > DBSelect.Parameters.Add("@uid", OleDbType.VarChar, 255)
> > > > DBSelect.Parameters("@uid").Value = txtUserID.Text
> > > > DBSelect.Parameters.Add("@Password", OleDbType.VarChar, 255)
> > > > DBSelect.Parameters("@Password").Value = txtPwd.Text
> > > > dtrResults = DBSelect.ExecuteReader()
> > > > if dtrResults.Read()
> > > > dtrResults.Close()
> > > > DBConn.Close()
> > > > lblMessage.Text = "Please enter correct login info."
> > > > Response.Redirect("wp_request.aspx?y=007")
> > > > else
> > > > dtrResults.Close()
> > > > CmdStr = "Insert into users ([name], [company], [email], [request_date],
> > > > [ip], [userid], [password]) values ('" & txtName.Text & "','" &
> > > > txtCompany.Text & "','" & txtEmail.Text & "','" & DateTime.Now() & "','" &
> > > > Request.UserHostAddress() & "','" & txtUserID.Text & "','" & txtPwd.Text &
> > > > "')"
> > > > DBCmd = New OleDbCommand(CmdStr, DBConn)
> > > > DBCmd.ExecuteNonQuery()
> > > >
> > > > DBConn.Close()
> > > >
> > > > TheDomain = ".www.something.com"
> > > > ThePath = "/somefoldeer"
> > > > Response.Cookies("Somecookie").Value = txtName.Text '("ID")
> > > > Response.Cookies("Somecookie ").Expires = DateTime.Now.AddDays(1)
> > > > 'DateAdd("d", 1, Now()) '#Dec 31, 2004#
> > > > Response.Cookies("Somecookie").Domain = TheDomain
> > > > Response.Cookies("Somecookie").Path = ThePath
> > > >
> > > > Response.redirect("constructor.aspx?y=")
> > > > End If
> > > >


All times are GMT. The time now is 11:14 PM.

Powered by vBulletin®. Copyright ©2000 - 2013, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.


1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57