login button problem

**vee10** · Apr 29 '08, 11:30 AM

hi,

should not use the && for queries
da = "select * from login where username ='"+textbox1.te xt+"' and password ='"+textbox2.te xt + "'";

Originally posted by peerraghu

Hi i created a login form and even i created register button, i am able to place all the values in the data base in the register page but what is the codding for login button, how it checks weather user name and password from the data base

i have written coding for login button as
sql dataadapter da= new sqldatadapter() ;
da="select * from login where username='"+tex tbox1.text+"'"& & password='"+tex tbox2.text+"'";

but it is not working
Thank you
raghu

**Frinavale** · Apr 29 '08, 06:20 PM

Originally posted by peerraghu

Hi i created a login form and even i created register button, i am able to place all the values in the data base in the register page but what is the codding for login button, how it checks weather user name and password from the data base

i have written coding for login button as
sql dataadapter da= new sqldatadapter() ;
da="select * from login where username='"+tex tbox1.text+"'"& & password='"+tex tbox2.text+"'";

but it is not working
Thank you
raghu

You are vulnerable to an SQL Insertion Attack if you use this code as is.
When you are forming an SQL query you should use Paramaters instead of concatenating user data into your SQL statements.

Please read the article on How to use a database in your program for an explanation on how to do this....you should also do research into DataAdapters and DataSet

-Frinny

login button problem

login button problem

Comment

Comment