how to compare txtbox values with db values?

Question

0.00/5 (No votes)

See more:

i just need to compare my text box values with db values and according to that i need to throw a message saying successful if its correct, if its wrong it will return unsuccessful message.

C#

SqlConnection cn = new SqlConnection(global::EnQApp.Properties.Settings.Default.Database1ConnectionString);

            try {
                cn.Open();
                using (SqlCommand command = new SqlCommand("SELECT * FROM Login", cn))
                {
                    //
                    // Invoke ExecuteReader method.
                    //
                    SqlDataReader reader = command.ExecuteReader();
                    while (reader.Read())
                    {
                        string name = reader.GetString(0);  // Name string
                        string pass = reader.GetString(1); // Password string

                        string txtname = UName.Text;
                        string txtpword = PWord.Text;

                        if (txtname == name && txtpword == pass)
                        {
                            MessageBox.Show("Password Accepted");
                            this.Close();
                        }
                        else
                        {
                            MessageBox.Show("Password Not Valid");
                        }
      
                    }

            }
            catch (Exception ex) { }
            finally { }
        }

Posted 7-Dec-14 23:01pm

Hemas Ilearn

Updated 7-Dec-14 23:04pm

v2

Add a Solution

Comments

Richard MacCutchan 8-Dec-14 5:03am

So what is your question?

And if you are storing passwords in your database without hashing them then you are leaving yourself wide open to hacker attacks. Learn how to store passwords securely.

Hemas Ilearn 8-Dec-14 5:06am

i'm just reading login name password and i want compare those with my textbox values?
actually this is just a basic program?

3 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Tomas Takac · Answer 1 · 2014-12-07T23:26:00

You should only read the one record from database for the given user user name. Then compare the retrieved password to the one in text box:

C#

using (SqlCommand command = new SqlCommand("SELECT pass FROM Login WHERE uname = @uname", cn))
{
	command.Parameters.AddWithValue("@uname", UName.Text);
	string pass = (string)command.ExecuteScalar();

	if (PWord.Text == pass)
	{
		MessageBox.Show("Password Accepted");
		this.Close();
	}
	else
	{
		MessageBox.Show("Password Not Valid");
	}	
}

This is IMO the easiest you can do right now. Please note that this doesn't handle the situation if the user is not in the database at all. And you shouldn't store password in plain text as already pointed out in the comments.

OriginalGriff · Answer 2 · 2014-12-07T23:23:00

Please, don't do that!
Firstly, it's spectacularly inefficient - why retrieve everybody and then look at their names and passwords? SQL has a WHERE clause that lets you say "I'm only interested in these rows".

Secondly, never store passwords in clear text - it is a major security risk. There is some information on how to do it here: Password Storage: How to do it.[^] - the link includes the code.

Mathew Soji · Answer 3 · 2014-12-07T23:57:00

Solution 3

Please refer below link .

comparing textbox values with sql server database[^]

Posted 7-Dec-14 23:57pm

Mathew Soji

how to compare txtbox values with db values?

3 solutions

Solution 2

Solution 1

Solution 3

Add your solution here

Preview 0