How Can I Create A If Condition For Read Database Vales And Compare With Textbox Values?

Question

0.00/5 (No votes)

See more:

Basically i have created a software to input data to sql.
and i have created a database to store usernames and logins.

so i have developed a code for read sql data and it will read it successfully.

simply i stored.

names and passwords like
Dilup(User Names) = 1234(Passwords)
Promod(User Names) = 1234(Passwords)
Chatura(User Names) = 1234(Passwords)

C#

SqlConnection cn = new SqlConnection(global::EnQApp.Properties.Settings.Default.Database1ConnectionString);
            string name="";
            string pass ="";
            try {
                cn.Open();
                using (SqlCommand command = new SqlCommand("SELECT * FROM Login", cn))
                {
                    //
                    // Invoke ExecuteReader method.
                    //
                    SqlDataReader reader = command.ExecuteReader();
                    
                    while (reader.Read())
                    {
                        name = reader.GetString(0);  // Name string
                        pass = reader.GetString(1); // Password string   
      
                    }

                    if (name == UName.Text && pass == PWord.Text)
                    {
                        
                        ClassEnq.Uname = UName.Text;
                        MessageBox.Show("Password Accepted");
                        this.Close();
                        setEnableToolStripMenuItem(true);
                        setDisableToolStripMenuItem(false);
                
                    }
                    else
                    {
                        MessageBox.Show("Password Incorrect, Please Re-Enter Your Password");
                        setEnableToolStripMenuItem(false);
                    }
      
                }
    
            }
            catch (Exception ex) { }
            finally { }
        }

so this is my code.

it will read
Promod = password 1234

but when you put dilup and enter 1234 for password
it will throws my else message.

Posted 12-Dec-14 21:01pm

Hemas Ilearn

Updated 12-Dec-14 21:04pm

DamithSL

v2

Add a Solution

Comments

Tomas Takac 13-Dec-14 3:15am

Honestly, you didn't progress much since last time. Your credential verification logic is even worse: How Do I Create Intergrated Database With C# Application?[^]

Tomas Takac 13-Dec-14 3:21am

Hah, I knew I already answered this! You know, you are supposed to not re-post the same question, right? how to compare txtbox values with db values?[^]

2 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

DamithSL · Answer 1 · 2014-12-12T21:10:00

you can use sql statement like below

SQL

select count(*) Login where Name =@Name and Pass =@Pass

then you will get 0 or 1 for given inputs, if you get 1 means both user name and password as correct and record exist, that means user login success. otherwise login failed.

you need to learn few best practices, don't store plan passwords, check
Password Storage: How to do it.[^]
in above sql statement I have use parameters[^]. they are safe and you can avoid sql injection attacks
above sql statement give you one value, so you can use commad.ExcuteScaler method[^] retrieve the value

JayantaChatterjee · Answer 2 · 2014-12-12T21:12:00

C#

SqlConnection cn = new SqlConnection(global::EnQApp.Properties.Settings.Default.Database1ConnectionString);
string name="";
string pass ="";
try {
cn.Open();
using (SqlCommand command = new SqlCommand("SELECT * FROM Login where userID='"+UName.Text+"' and password='"+PWord.Text+"'", cn))
{
//
// Invoke ExecuteReader method.
//
SqlDataReader reader = command.ExecuteReader();

if(reader.Read())
{
name = reader.GetString(0); // Name string
pass = reader.GetString(1); // Password string 
if (name.Equals(UName.Text) && pass.Equals(PWord.Text))
{

ClassEnq.Uname = UName.Text;
MessageBox.Show("Password Accepted");
this.Close();
setEnableToolStripMenuItem(true);
setDisableToolStripMenuItem(false);
}
else
{
MessageBox.Show("Password Incorrect, Please Re-Enter Your Password");
setEnableToolStripMenuItem(false);

}
}
else
{
MessageBox.Show("Password Incorrect, Please Re-Enter Your Password");
setEnableToolStripMenuItem(false);

}
}
}
catch (Exception ex) { }
finally { }
}

try this...

How Can I Create A If Condition For Read Database Vales And Compare With Textbox Values?

2 solutions

Solution 1

Solution 2

Add your solution here

Preview 0