Need some help with login script

Discussion in 'ASP .Net' started by =?Utf-8?B?Sm9l?=, Nov 15, 2004.

  1. Hi,

    I have MS Access database with a small table that has four columns ID
    (Primary Key), page, userid and password. The page column holds the name of
    the page which has the login form. The userid and password column contain the
    id and password that I am trying to check. You might wonder why I don’t have
    only two columns, userid and password. I intend to use this database for
    several different login pages. For a particular login page, I may have two or
    more userid and password combinations.

    I have pasted my asp.net code below. What is happening is that no matter
    what is entered by the user, a cookie and written and a user gets access to
    secured area. Basically login verification is not working and I am not able
    to find the error. I would appreciate if you take a quick look and let me
    know where I am making a mistake. As you can see my code is in VB.NET so
    please do not write solution in C# because I am a beginner when it comes to
    asp.net

    Seems that the IF statement is not working

    if dtrResults.Read()

    Thanks in advance

    Joe

    Dim DBConn As OleDbConnection
    Dim DSLogin As New DataSet
    Dim CmdStr As String
    Dim DBCmd As New OleDbCommand
    Dim DBSelect As New OleDbCommand
    Dim pathStr As String
    Dim dtrResults As OleDBDataReader
    Dim TheDomain As String
    Dim ThePath As String

    pathStr = "E:\mole"
    DBConn = New OleDbConnection("PROVIDER=Microsoft.Jet.OLEDB.4.0;" _
    & "DATA SOURCE=" _
    & pathStr + "\databases\xyz.mdb")
    DBConn.Open()

    CmdStr =("Select userid, password from logins Where page = abc' AND
    userid= @uid AND password = @Password")
    DBSelect = new OleDbCommand(CmdStr, DBconn)
    DBSelect.Parameters.Add("@uid", OleDbType.VarChar, 255)
    DBSelect.Parameters("@uid").Value = txtUserID.Text
    DBSelect.Parameters.Add("@Password", OleDbType.VarChar, 255)
    DBSelect.Parameters("@Password").Value = txtPwd.Text
    dtrResults = DBSelect.ExecuteReader()
    if dtrResults.Read()
    dtrResults.Close()
    DBConn.Close()
    lblMessage.Text = "Please enter correct login info."
    Response.Redirect("wp_request.aspx?y=007")
    else
    dtrResults.Close()
    CmdStr = "Insert into users ([name], [company], , [request_date],
    [ip], [userid], [password]) values ('" & txtName.Text & "','" &
    txtCompany.Text & "','" & txtEmail.Text & "','" & DateTime.Now() & "','" &
    Request.UserHostAddress() & "','" & txtUserID.Text & "','" & txtPwd.Text &
    "')"
    DBCmd = New OleDbCommand(CmdStr, DBConn)
    DBCmd.ExecuteNonQuery()

    DBConn.Close()

    TheDomain = ".www.something.com"
    ThePath = "/somefoldeer"
    Response.Cookies("Somecookie").Value = txtName.Text '("ID")
    Response.Cookies("Somecookie ").Expires = DateTime.Now.AddDays(1)
    'DateAdd("d", 1, Now()) '#Dec 31, 2004#
    Response.Cookies("Somecookie").Domain = TheDomain
    Response.Cookies("Somecookie").Path = ThePath

    Response.redirect("constructor.aspx?y=")
    End If
    =?Utf-8?B?Sm9l?=, Nov 15, 2004
    #1
    1. Advertising

  2. I found my mistake.

    "Joe" wrote:

    > Hi,
    >
    > I have MS Access database with a small table that has four columns ID
    > (Primary Key), page, userid and password. The page column holds the name of
    > the page which has the login form. The userid and password column contain the
    > id and password that I am trying to check. You might wonder why I don’t have
    > only two columns, userid and password. I intend to use this database for
    > several different login pages. For a particular login page, I may have two or
    > more userid and password combinations.
    >
    > I have pasted my asp.net code below. What is happening is that no matter
    > what is entered by the user, a cookie and written and a user gets access to
    > secured area. Basically login verification is not working and I am not able
    > to find the error. I would appreciate if you take a quick look and let me
    > know where I am making a mistake. As you can see my code is in VB.NET so
    > please do not write solution in C# because I am a beginner when it comes to
    > asp.net
    >
    > Seems that the IF statement is not working
    >
    > if dtrResults.Read()
    >
    > Thanks in advance
    >
    > Joe
    >
    > Dim DBConn As OleDbConnection
    > Dim DSLogin As New DataSet
    > Dim CmdStr As String
    > Dim DBCmd As New OleDbCommand
    > Dim DBSelect As New OleDbCommand
    > Dim pathStr As String
    > Dim dtrResults As OleDBDataReader
    > Dim TheDomain As String
    > Dim ThePath As String
    >
    > pathStr = "E:\mole"
    > DBConn = New OleDbConnection("PROVIDER=Microsoft.Jet.OLEDB.4.0;" _
    > & "DATA SOURCE=" _
    > & pathStr + "\databases\xyz.mdb")
    > DBConn.Open()
    >
    > CmdStr =("Select userid, password from logins Where page = abc' AND
    > userid= @uid AND password = @Password")
    > DBSelect = new OleDbCommand(CmdStr, DBconn)
    > DBSelect.Parameters.Add("@uid", OleDbType.VarChar, 255)
    > DBSelect.Parameters("@uid").Value = txtUserID.Text
    > DBSelect.Parameters.Add("@Password", OleDbType.VarChar, 255)
    > DBSelect.Parameters("@Password").Value = txtPwd.Text
    > dtrResults = DBSelect.ExecuteReader()
    > if dtrResults.Read()
    > dtrResults.Close()
    > DBConn.Close()
    > lblMessage.Text = "Please enter correct login info."
    > Response.Redirect("wp_request.aspx?y=007")
    > else
    > dtrResults.Close()
    > CmdStr = "Insert into users ([name], [company], , [request_date],
    > [ip], [userid], [password]) values ('" & txtName.Text & "','" &
    > txtCompany.Text & "','" & txtEmail.Text & "','" & DateTime.Now() & "','" &
    > Request.UserHostAddress() & "','" & txtUserID.Text & "','" & txtPwd.Text &
    > "')"
    > DBCmd = New OleDbCommand(CmdStr, DBConn)
    > DBCmd.ExecuteNonQuery()
    >
    > DBConn.Close()
    >
    > TheDomain = ".www.something.com"
    > ThePath = "/somefoldeer"
    > Response.Cookies("Somecookie").Value = txtName.Text '("ID")
    > Response.Cookies("Somecookie ").Expires = DateTime.Now.AddDays(1)
    > 'DateAdd("d", 1, Now()) '#Dec 31, 2004#
    > Response.Cookies("Somecookie").Domain = TheDomain
    > Response.Cookies("Somecookie").Path = ThePath
    >
    > Response.redirect("constructor.aspx?y=")
    > End If
    >[/color]
    =?Utf-8?B?Sm9l?=, Nov 15, 2004
    #2
    1. Advertising

  3. Joe what was it?
    Interesting to know!

    "Joe" wrote:

    > I found my mistake.
    >
    > "Joe" wrote:
    >
    > > Hi,
    > >
    > > I have MS Access database with a small table that has four columns ID
    > > (Primary Key), page, userid and password. The page column holds the name of
    > > the page which has the login form. The userid and password column contain the
    > > id and password that I am trying to check. You might wonder why I don’t have
    > > only two columns, userid and password. I intend to use this database for
    > > several different login pages. For a particular login page, I may have two or
    > > more userid and password combinations.
    > >
    > > I have pasted my asp.net code below. What is happening is that no matter
    > > what is entered by the user, a cookie and written and a user gets access to
    > > secured area. Basically login verification is not working and I am not able
    > > to find the error. I would appreciate if you take a quick look and let me
    > > know where I am making a mistake. As you can see my code is in VB.NET so
    > > please do not write solution in C# because I am a beginner when it comes to
    > > asp.net
    > >
    > > Seems that the IF statement is not working
    > >
    > > if dtrResults.Read()
    > >
    > > Thanks in advance
    > >
    > > Joe
    > >
    > > Dim DBConn As OleDbConnection
    > > Dim DSLogin As New DataSet
    > > Dim CmdStr As String
    > > Dim DBCmd As New OleDbCommand
    > > Dim DBSelect As New OleDbCommand
    > > Dim pathStr As String
    > > Dim dtrResults As OleDBDataReader
    > > Dim TheDomain As String
    > > Dim ThePath As String
    > >
    > > pathStr = "E:\mole"
    > > DBConn = New OleDbConnection("PROVIDER=Microsoft.Jet.OLEDB.4.0;" _
    > > & "DATA SOURCE=" _
    > > & pathStr + "\databases\xyz.mdb")
    > > DBConn.Open()
    > >
    > > CmdStr =("Select userid, password from logins Where page = abc' AND
    > > userid= @uid AND password = @Password")
    > > DBSelect = new OleDbCommand(CmdStr, DBconn)
    > > DBSelect.Parameters.Add("@uid", OleDbType.VarChar, 255)
    > > DBSelect.Parameters("@uid").Value = txtUserID.Text
    > > DBSelect.Parameters.Add("@Password", OleDbType.VarChar, 255)
    > > DBSelect.Parameters("@Password").Value = txtPwd.Text
    > > dtrResults = DBSelect.ExecuteReader()
    > > if dtrResults.Read()
    > > dtrResults.Close()
    > > DBConn.Close()
    > > lblMessage.Text = "Please enter correct login info."
    > > Response.Redirect("wp_request.aspx?y=007")
    > > else
    > > dtrResults.Close()
    > > CmdStr = "Insert into users ([name], [company], , [request_date],
    > > [ip], [userid], [password]) values ('" & txtName.Text & "','" &
    > > txtCompany.Text & "','" & txtEmail.Text & "','" & DateTime.Now() & "','" &
    > > Request.UserHostAddress() & "','" & txtUserID.Text & "','" & txtPwd.Text &
    > > "')"
    > > DBCmd = New OleDbCommand(CmdStr, DBConn)
    > > DBCmd.ExecuteNonQuery()
    > >
    > > DBConn.Close()
    > >
    > > TheDomain = ".www.something.com"
    > > ThePath = "/somefoldeer"
    > > Response.Cookies("Somecookie").Value = txtName.Text '("ID")
    > > Response.Cookies("Somecookie ").Expires = DateTime.Now.AddDays(1)
    > > 'DateAdd("d", 1, Now()) '#Dec 31, 2004#
    > > Response.Cookies("Somecookie").Domain = TheDomain
    > > Response.Cookies("Somecookie").Path = ThePath
    > >
    > > Response.redirect("constructor.aspx?y=")
    > > End If
    > >[/color][/color]
    =?Utf-8?B?UGF0cmljay5PLklnZQ==?=, Nov 15, 2004
    #3
  4. I should have put if not dtrResults.Read() Then
    instead of if dtrResults.Read() Then.




    "Patrick.O.Ige" wrote:

    > Joe what was it?
    > Interesting to know!
    >
    > "Joe" wrote:
    >
    > > I found my mistake.
    > >
    > > "Joe" wrote:
    > >
    > > > Hi,
    > > >
    > > > I have MS Access database with a small table that has four columns ID
    > > > (Primary Key), page, userid and password. The page column holds the name of
    > > > the page which has the login form. The userid and password column contain the
    > > > id and password that I am trying to check. You might wonder why I don’t have
    > > > only two columns, userid and password. I intend to use this database for
    > > > several different login pages. For a particular login page, I may have two or
    > > > more userid and password combinations.
    > > >
    > > > I have pasted my asp.net code below. What is happening is that no matter
    > > > what is entered by the user, a cookie and written and a user gets access to
    > > > secured area. Basically login verification is not working and I am not able
    > > > to find the error. I would appreciate if you take a quick look and let me
    > > > know where I am making a mistake. As you can see my code is in VB.NET so
    > > > please do not write solution in C# because I am a beginner when it comes to
    > > > asp.net
    > > >
    > > > Seems that the IF statement is not working
    > > >
    > > > if dtrResults.Read()
    > > >
    > > > Thanks in advance
    > > >
    > > > Joe
    > > >
    > > > Dim DBConn As OleDbConnection
    > > > Dim DSLogin As New DataSet
    > > > Dim CmdStr As String
    > > > Dim DBCmd As New OleDbCommand
    > > > Dim DBSelect As New OleDbCommand
    > > > Dim pathStr As String
    > > > Dim dtrResults As OleDBDataReader
    > > > Dim TheDomain As String
    > > > Dim ThePath As String
    > > >
    > > > pathStr = "E:\mole"
    > > > DBConn = New OleDbConnection("PROVIDER=Microsoft.Jet.OLEDB.4.0;" _
    > > > & "DATA SOURCE=" _
    > > > & pathStr + "\databases\xyz.mdb")
    > > > DBConn.Open()
    > > >
    > > > CmdStr =("Select userid, password from logins Where page = abc' AND
    > > > userid= @uid AND password = @Password")
    > > > DBSelect = new OleDbCommand(CmdStr, DBconn)
    > > > DBSelect.Parameters.Add("@uid", OleDbType.VarChar, 255)
    > > > DBSelect.Parameters("@uid").Value = txtUserID.Text
    > > > DBSelect.Parameters.Add("@Password", OleDbType.VarChar, 255)
    > > > DBSelect.Parameters("@Password").Value = txtPwd.Text
    > > > dtrResults = DBSelect.ExecuteReader()
    > > > if dtrResults.Read()
    > > > dtrResults.Close()
    > > > DBConn.Close()
    > > > lblMessage.Text = "Please enter correct login info."
    > > > Response.Redirect("wp_request.aspx?y=007")
    > > > else
    > > > dtrResults.Close()
    > > > CmdStr = "Insert into users ([name], [company], , [request_date],
    > > > [ip], [userid], [password]) values ('" & txtName.Text & "','" &
    > > > txtCompany.Text & "','" & txtEmail.Text & "','" & DateTime.Now() & "','" &
    > > > Request.UserHostAddress() & "','" & txtUserID.Text & "','" & txtPwd.Text &
    > > > "')"
    > > > DBCmd = New OleDbCommand(CmdStr, DBConn)
    > > > DBCmd.ExecuteNonQuery()
    > > >
    > > > DBConn.Close()
    > > >
    > > > TheDomain = ".www.something.com"
    > > > ThePath = "/somefoldeer"
    > > > Response.Cookies("Somecookie").Value = txtName.Text '("ID")
    > > > Response.Cookies("Somecookie ").Expires = DateTime.Now.AddDays(1)
    > > > 'DateAdd("d", 1, Now()) '#Dec 31, 2004#
    > > > Response.Cookies("Somecookie").Domain = TheDomain
    > > > Response.Cookies("Somecookie").Path = ThePath
    > > >
    > > > Response.redirect("constructor.aspx?y=")
    > > > End If
    > > >[/color][/color][/color]
    =?Utf-8?B?Sm9l?=, Nov 15, 2004
    #4
  5. Good its working.. and u found your errors!


    "Joe" wrote:

    > I should have put if not dtrResults.Read() Then
    > instead of if dtrResults.Read() Then.
    >
    >
    >
    >
    > "Patrick.O.Ige" wrote:
    >
    > > Joe what was it?
    > > Interesting to know!
    > >
    > > "Joe" wrote:
    > >
    > > > I found my mistake.
    > > >
    > > > "Joe" wrote:
    > > >
    > > > > Hi,
    > > > >
    > > > > I have MS Access database with a small table that has four columns ID
    > > > > (Primary Key), page, userid and password. The page column holds the name of
    > > > > the page which has the login form. The userid and password column contain the
    > > > > id and password that I am trying to check. You might wonder why I don’t have
    > > > > only two columns, userid and password. I intend to use this database for
    > > > > several different login pages. For a particular login page, I may have two or
    > > > > more userid and password combinations.
    > > > >
    > > > > I have pasted my asp.net code below. What is happening is that no matter
    > > > > what is entered by the user, a cookie and written and a user gets access to
    > > > > secured area. Basically login verification is not working and I am not able
    > > > > to find the error. I would appreciate if you take a quick look and let me
    > > > > know where I am making a mistake. As you can see my code is in VB.NET so
    > > > > please do not write solution in C# because I am a beginner when it comes to
    > > > > asp.net
    > > > >
    > > > > Seems that the IF statement is not working
    > > > >
    > > > > if dtrResults.Read()
    > > > >
    > > > > Thanks in advance
    > > > >
    > > > > Joe
    > > > >
    > > > > Dim DBConn As OleDbConnection
    > > > > Dim DSLogin As New DataSet
    > > > > Dim CmdStr As String
    > > > > Dim DBCmd As New OleDbCommand
    > > > > Dim DBSelect As New OleDbCommand
    > > > > Dim pathStr As String
    > > > > Dim dtrResults As OleDBDataReader
    > > > > Dim TheDomain As String
    > > > > Dim ThePath As String
    > > > >
    > > > > pathStr = "E:\mole"
    > > > > DBConn = New OleDbConnection("PROVIDER=Microsoft.Jet.OLEDB.4.0;" _
    > > > > & "DATA SOURCE=" _
    > > > > & pathStr + "\databases\xyz.mdb")
    > > > > DBConn.Open()
    > > > >
    > > > > CmdStr =("Select userid, password from logins Where page = abc' AND
    > > > > userid= @uid AND password = @Password")
    > > > > DBSelect = new OleDbCommand(CmdStr, DBconn)
    > > > > DBSelect.Parameters.Add("@uid", OleDbType.VarChar, 255)
    > > > > DBSelect.Parameters("@uid").Value = txtUserID.Text
    > > > > DBSelect.Parameters.Add("@Password", OleDbType.VarChar, 255)
    > > > > DBSelect.Parameters("@Password").Value = txtPwd.Text
    > > > > dtrResults = DBSelect.ExecuteReader()
    > > > > if dtrResults.Read()
    > > > > dtrResults.Close()
    > > > > DBConn.Close()
    > > > > lblMessage.Text = "Please enter correct login info."
    > > > > Response.Redirect("wp_request.aspx?y=007")
    > > > > else
    > > > > dtrResults.Close()
    > > > > CmdStr = "Insert into users ([name], [company], , [request_date],
    > > > > [ip], [userid], [password]) values ('" & txtName.Text & "','" &
    > > > > txtCompany.Text & "','" & txtEmail.Text & "','" & DateTime.Now() & "','" &
    > > > > Request.UserHostAddress() & "','" & txtUserID.Text & "','" & txtPwd.Text &
    > > > > "')"
    > > > > DBCmd = New OleDbCommand(CmdStr, DBConn)
    > > > > DBCmd.ExecuteNonQuery()
    > > > >
    > > > > DBConn.Close()
    > > > >
    > > > > TheDomain = ".www.something.com"
    > > > > ThePath = "/somefoldeer"
    > > > > Response.Cookies("Somecookie").Value = txtName.Text '("ID")
    > > > > Response.Cookies("Somecookie ").Expires = DateTime.Now.AddDays(1)
    > > > > 'DateAdd("d", 1, Now()) '#Dec 31, 2004#
    > > > > Response.Cookies("Somecookie").Domain = TheDomain
    > > > > Response.Cookies("Somecookie").Path = ThePath
    > > > >
    > > > > Response.redirect("constructor.aspx?y=")
    > > > > End If
    > > > >[/color][/color][/color]
    =?Utf-8?B?UGF0cmljay5PLklnZQ==?=, Nov 16, 2004
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Guest
    Replies:
    0
    Views:
    678
    Guest
    Feb 25, 2004
  2. ad
    Replies:
    2
    Views:
    718
  3. =?Utf-8?B?Q2hyaXM=?=

    Help Help. I really need some help with this

    =?Utf-8?B?Q2hyaXM=?=, Jan 31, 2007, in forum: ASP .Net
    Replies:
    3
    Views:
    559
    =?Utf-8?B?SmFzb24gVmVybWlsbGlvbg==?=
    Jan 31, 2007
  4. Domino
    Replies:
    5
    Views:
    376
    dorayme
    Nov 5, 2006
  5. ledpepper

    First script. Need some help

    ledpepper, May 27, 2010, in forum: Python
    Replies:
    4
    Views:
    264
    ledpepper
    May 28, 2010
Loading...

Share This Page