ASP.NET Database Login

Submitted on: 1/1/2015 1:58:00 AM
By: Robert L Long (from psc cd)  
Level: Intermediate
User Rating: By 12 Users
Compatibility: ASP.NET
Views: 4857
     This is for all you ASP programmers out there looking for a way to validate users against a SQL database and are used to the old ADO RecordSource.EOF way like myself. You must change to represent your database.

<%@ Page Language="vb" AutoEventWireup="false" Codebehind="index.aspx.vb" Inherits="VirtualManagement.Login"%>
<%@ Register TagPrefix="uc1" TagName="Menu" Src="Menu.ascx" %>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
    <meta content="False" name="vs_showGrid">
    <meta content="Microsoft Visual Studio.NET 7.0" name="GENERATOR">
    <meta content="Visual Basic 7.0" name="CODE_LANGUAGE">
    <meta content="JavaScript" name="vs_defaultClientScript">
    <meta content="" name="vs_targetSchema">
    <script language="VB" runat="server">

    Sub Login_Click(Sender As Object, E As EventArgs)
        ' Robert Long
        ' This is for all you ASP programmers out there looking for
        ' a way to validate users against a SQL database and are used to
        ' the old ADO RecordSource.EOF way like myself.

        Dim StrUser As String, StrPass As String
        Dim BValid As Boolean
        Dim ConVM As SqlConnection
        Dim CmdCoInfo As SqlCommand
        Dim DrCoInfo As SqlDataReader
        Dim StrSQL As String

        ' We will request all variables from our form with this.
        ' Look Mom "No QueryStrings".

        StrUser = TxtUser.Text
        StrPass = TxtPass.Text

        ' This is our boolean variable for validation purposes set to true if valid user
        BValid = False

        ' Initialize Database Connection
        ' Use whatever server you have

        ConVM = New SqlConnection("Server=MyServer\NetSDK;UID=sa;PWD=;Database=Pubs")

        ' Create Select Command
        ' Also, notice that it is only selecting a record if the username/password match
        ' Otherwise it selects nothing
        ' Make sure you change to match your variables

        StrSQL = "SELECT * FROM Pubs WHERE UserName='" & StrUser & "'"
        CmdCoInfo = New SqlCommand(StrSQL, ConVM)

        ' Retrieve the record that matches the username/password

        DrCoInfo = CmdCoInfo.ExecuteReader()

        ' This acts like the (Not RecordSource.Eof) in ASP 3.0
        While DrCoInfo.Read()
            If DrCoInfo("UserName") <> "" And DrCoInfo("Password") <> "" Then
                '(Optional) Write the username to a cookie to personilize the site
                Response.Cookies("ValidUser").Value = DrCoInfo("UserName")
                Response.Cookies("ValidUser").Expires = DateTime.Now.AddMonths(1)
                BValid = True
            End If
        End While

        ' Don't forget this


        ' This handles all response per validation
        ' If validated it goes to a welcome.aspx page

        If BValid = True Then
        ElseIf BValid = False Then
        LblError.Text = "Login Error: Please try again."
        End If
        End Sub

<body bottomMargin="0" bgColor="gray" leftMargin="0" topMargin="0" rightMargin="0" MS_POSITIONING="GridLayout">
<form runat="server">
<asp:panel id="PnlLogin" style="Z-INDEX: 101; LEFT: 29px; POSITION: absolute; TOP: 72px" runat="server" HorizontalAlign="Center" Height="184px" BorderColor="Transparent" BorderWidth="2px" BorderStyle="Outset" BackColor="LightSteelBlue" Width="326px">
<asp:Label id="LblUser" runat="server" Width="73px" Font-Names="Arial" Font-Size="X-Small">Username</asp:Label>
<asp:TextBox id="TxtUser" runat="server" Width="120px" BackColor="Azure" Height="20px"></asp:TextBox></P>
<asp:Label id="LblPass" runat="server" Width="73px" Font-Names="Arial" Font-Size="X-Small">Password</asp:Label>
<asp:TextBox id="TxtPass" runat="server" Width="120px" BackColor="Azure" Height="20px" TextMode="Password"></asp:TextBox></P>
<asp:Button id="CmdLogin" runat="server" Width="99px" BackColor="Gold" Height="25px" Font-Names="Arial" Font-Size="X-Small" OnServerClick="Login_Click" Text="Log-in Now" ForeColor="Black"></asp:Button></P>
</asp:panel><asp:panel id="PnlTitle" style="Z-INDEX: 102; LEFT: 32px; POSITION: absolute; TOP: 75px" runat="server" HorizontalAlign="Left" Height="19px" BorderColor="Navy" BorderWidth="1px" BorderStyle="Solid" BackColor="DarkBlue" Width="320px" Font-Names="Arial" Font-Size="X-Small" ForeColor="White" Font-Bold="True">&nbsp;Log-on Window</asp:panel>&nbsp;
<asp:Label id="LblError" style="Z-INDEX: 103; LEFT: 46px; POSITION: absolute; TOP: 46px" runat="server"                 Width="288px" Font-Names="Arial Black" ForeColor="Yellow"></asp:Label>



Report Bad Submission
Use this form to tell us if this entry should be deleted (i.e contains no code, is a virus, etc.).
This submission should be removed because:

Your Vote

What do you think of this article (in the Intermediate category)?
(The article with your highest vote will win this month's coding contest!)
Excellent  Good  Average  Below Average  Poor (See voting log ...)

Other User Comments

 There are no comments on this submission.

Add Your Feedback
Your feedback will be posted below and an email sent to the author. Please remember that the author was kind enough to share this with you, so any criticisms must be stated politely, or they will be deleted. (For feedback not related to this particular article, please click here instead.)

To post feedback, first please login.