C# sql how do i prevent multiple usernames being inserted

Question

0.00/5 (No votes)

See more:

I have a form in my windows form application that is for admin users so that they can add,edit and delete users. The problem i have is that admin can insert a new user which has the same username as another user which results in both users having duplicate usernames when logging into the system.

how can i prevent admin from inserting an already taken username when creating new accounts in the database.

C#

SqlConnection con = new SqlConnection(@"Data Source=(LocalDB)\v11.0;AttachDbFilename=|DataDirectory|Data.mdf;Integrated Security=True");
                con.Open();
                SqlDataAdapter sda = new SqlDataAdapter("INSERT INTO Login (FirstName,Role,Username,Password,Surname) VALUES ('" + txtfirstname2.Text + "','" + rolecombo.Text + "','" + txtusername2.Text + "','" + txtpassword2.Text + "','" + txtsurname.Text + "')", con);
                sda.SelectCommand.ExecuteNonQuery();
                con.Close();
                MessageBox.Show("SAVED SUCCESSFULLY !!!!!");

What I have tried:

I have looked across many articles which suggested adding an identity to usernames to make them unique, since i already have an ID column in the table which has an identity, i can not use the solution so therefore I need a simpler solution such as the system throwing a messagebox if username is duplicate but i'm not sure how to do that.

Posted 9-Mar-16 10:59am

Member 12381237

Updated 9-Mar-16 11:28am

Add a Solution

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Sascha Lefèvre · Accepted Answer · 2016-03-09T11:28:00

Solution 1

You can define columns as unique without them being an identity column. Nonetheless I would check whether a username already exists and not wait for the database code to throw an exception.

Apart from that: DON'T EVER use string-concatenation to build SQL-statements. Your code becomes susceptible to SQL-injection! Use SQL-Parameters instead.

Posted 9-Mar-16 11:28am

Sascha Lefèvre

Updated 9-Mar-16 12:23pm

v2

Comments

Member 12381237 9-Mar-16 18:01pm

How would i check to see if username already exists in my code?

Sascha Lefèvre 9-Mar-16 18:12pm

With a select query :) e.g.:
SELECT 1 FROM [Users] WHERE [UserName] = @username;
(The last bit is a name of an SQL-parameter, which you should use.)

Member 12381237 9-Mar-16 18:14pm

Thanks and yes i will use SQL - parameters in the future, just making a really basic application at the moment.

Sascha Lefèvre 9-Mar-16 18:19pm

You're welcome! :)