help me with an error please

Question

2.50/5 (2 votes)

See more:

i have login form
in that form username and password text box is there an login button.

if i give correct username and password it will go to next form,

my error is,

but i give correct username and password is incorrect it have to show msg box like invalid password.
but mine is not showing its shows error like

"ERROR"       "Invalid attempt to read when no data is present."

i will paste my code here:

C#

private void btnLogin_Click(object sender, EventArgs e)
{

   SqlConnection con = new SqlConnection(
   "Data Source=GITTWO-PC\\sql2008R2;Initial Catalog=Application;Integrated Security=SSPI");
           
   con.Open();
          
   SqlCommand cmd = new SqlCommand("select USERNAME,PASSWORD from tblUser where USERNAME='" + textBox1.Text + "' and PASSWORD='" + textBox2.Text + " '", con);
   cmd.ExecuteNonQuery();
   SqlDataReader dr = cmd.ExecuteReader();

   if (dr.Read())
   {
      string Uname = textBox1.Text;
      string PWord = textBox2.Text;

      if (dr["USERNAME"].ToString() == Uname && dr["PASSWORD"].ToString() == PWord)
      {
         Form2 frm = new Form2();
         frm.Show();
      }
      else
      {
         if (dr["USERNAME"].ToString() != Uname)
         {
            MessageBox.Show("Invalid User Name", "Invalid User Name");
            textBox1.Clear();
            textBox1.Focus();
         }
         else if (dr["PASSWORD"].ToString() != PWord)
         {
            MessageBox.Show("Invalid Password", "Invalid Password");
            textBox2.Clear();
            textBox2.Focus();
         }
      }
   }
   else
   {
      string Uname = textBox1.Text;
      string PWord = textBox2.Text;
      if (dr["USERNAME"].ToString() != Uname)
      {
         MessageBox.Show("Invalid User Name", "Invalid User Name");
         textBox1.Clear();
         textBox1.Focus();
      }
      else if (dr["PASSWORD"].ToString() != PWord)
      {
         MessageBox.Show("Invalid Password", "Invalid Password");
         textBox2.Clear();
         textBox2.Focus();
      }
   }

   dr.Close();
   cmd.Dispose();
}

Posted 27-Aug-14 0:01am

krish.krish

Updated 27-Aug-14 0:12am

Nelek

v4

Add a Solution

Comments

ClimerChinna 27-Aug-14 6:05am

r u having any data in tbluser table

krish.krish 27-Aug-14 6:08am

YES

ClimerChinna 27-Aug-14 6:12am

look at solution1

krish.krish 27-Aug-14 6:18am

i want to show if i give wrong password it should show that the password is incorrect,and like if i give wrong username it should show that username is incorrect and like if i give username and password is wrong it have to show invalid username,password.

i want 3 type of error msgs.
did you undestand

ClimerChinna 27-Aug-14 6:34am

heyyy,i have changed solution1 again,please check it

krish.krish 27-Aug-14 6:43am

thank you so much it working

coded007 27-Aug-14 6:09am

your data row doesnot have any data with in it

krish.krish 27-Aug-14 6:12am

IF i give username like admin and password like admin it will go to next form, so datarow is having data correct. if i give wrong password or wrong username it have to show msg box

krish.krish 27-Aug-14 6:13am

but here that msg box is not showing

ClimerChinna 27-Aug-14 6:15am

check solution1

Sanchayeeta 27-Aug-14 6:28am

in else portion of dr.Read()
bellow condition is checked
if (dr["USERNAME"].ToString() != Uname)

it wont have any record so this checking giving exception.

Solution 1 is correct answer.

krish.krish 27-Aug-14 6:34am

that it not checking again again same error

ClimerChinna 27-Aug-14 6:37am

heyyy,i have changed solution1 again,check it

Herman<T>.Instance 27-Aug-14 7:50am

you add a space after your password -> + " '". Ain't that the problem?

3 solutions

Solution 2

Why calling cmd.ExecuteNonQuery(); ? No need to use it.
Try calling it like this

C#

if (dr.HasRows)
        {
            while (dr.Read())
            {
               //code
            }
        }

Posted 27-Aug-14 0:16am

Dilan Shaminda

Solution 3

I believe your issue is because you are running

cmd.ExecuteNonQuery();
Than
cmd.ExecuteReader();

Try commenting out cmd.ExecuteNonQuery();

Posted 27-Aug-14 0:17am

Pheonyx

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

ClimerChinna · Accepted Answer · 2014-08-27T00:11:00

check below code you need to create a stored procedure for this purpose as below

SQL

create procedure Validateuser
@username nvarchar(100),
@password nvarchar(100),
@result int output
AS
begin
	if exists(select * from tblUser where USERNAME=@username and PASSWORD=@password)
	BEGIN
		SET @result=1 --valid user
	END
	else
	BEGIN
		if exists(select * from tblUser where USERNAME=@username)
		BEGIN
			SET @result=2 --wrong password
		END
		else
		BEGIN 
			if exists(select * from tblUser where PASSWORD=@password)
			BEGIN
				SET @result=3 --wrong username
			END
			else 
			BEGIN
				SET @result=4  --wrong username and password
			END
		END
	END
end

now in your button click event write like this

C#

private void btnLogin_Click(object sender, EventArgs e)
{
   SqlConnection con = new SqlConnection(
"Data Source=GITTWO-PC\\sql2008R2;Initial Catalog=Application;Integrated Security=SSPI");
 
   con.Open();
 
   SqlCommand cmd = new SqlCommand("validateuser", conn);
            cmd.CommandType = CommandType.StoredProcedure;
            cmd.Parameters.AddWithValue("@username", TextBox1.Text);
            cmd.Parameters.AddWithValue("@password", TextBox2.Text);
            cmd.Parameters.Add("@result", SqlDbType.Int).Direction = ParameterDirection.Output;
            cmd.ExecuteNonQuery();
            int result=int.Parse(cmd.Parameters["@result"].Value.ToString())
                if(result==1)
                {
                    Form2 frm = new Form2();
      frm.Show();
                }
            else if (result==2)
            {
                MessageBox.Show("Invalid Password", "Invalid Password");
            }
                else if (result==3)
            {
                MessageBox.Show("Invalid User Name", "Invalid User Name");
            }
             else if (result==4)
            {
                MessageBox.Show("Invalid User Name & Password", "Invalid User Name & Password");
            }
			con.Close();
}