ASP.NET {VB}: Login problem after hitting back button

**OuTCasT** · Dec 2 '08, 12:21 PM

You need to create a validation function to validate the username and password before letting the user continue.....Yo u also add to the function that if the username does not match the password it wont let the user go forward, and visa versa.

Code:

Private Function ValidateUser(ByVal userName As String, ByVal passWord As String) As Boolean
        Dim conn As SqlConnection
        Dim cmd As SqlCommand
        Dim lookupPassword As String

        lookupPassword = Nothing

        ' Check for an invalid userName.
        ' userName  must not be set to nothing and must be between one and 15 characters.
        If ((passWord Is Nothing)) Then
            'Label1.Text = "[ValidateUser] Input validation of userName failed."
            Return False

        End If
        Try
            ' Consult with your SQL Server administrator for an appropriate connection
            ' string to use to connect to your local SQL Server.

            conn = New SqlConnection("Server=(local);Data Source=.\SQLEXPRESS;Initial Catalog='" & strCompanyName & "';Integrated Security=True;Pooling=False")
            conn.Open()

            ' Create SqlCommand to select pwd field from the users table given a supplied userName.
            cmd = New SqlCommand("SELECT [password] FROM [users] where [username]=@username", conn)
            cmd.Parameters.Add("@username", SqlDbType.VarChar, 25)
            cmd.Parameters("@username").Value = userName


            ' Execute command and fetch pwd field into lookupPassword string.
            lookupPassword = cmd.ExecuteScalar()

            ' Cleanup command and connection objects.
            cmd.Dispose()
            conn.Dispose()
        Catch ex As Exception
            ' Add error handling here for debugging.
            ' This error message should not be sent back to the caller.
            Label1.Text = "[ValidateUser] Exception " & ex.Message
        End Try

        ' If no password found, return false.
        If (lookupPassword Is Nothing) Then
            ' You could write failed login attempts here to the event log for additional security.
            Return False
        End If

        ' Compare lookupPassword and input passWord by using a case-sensitive comparison.
        Return (String.Compare(lookupPassword, passWord, False) = 0)

    End Function

Code:

Private Sub btnOK_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnOK.Click
        If ValidateUser(txtUsername.Text, txtPassword.Text) Then
response.redirect("")            
        End If
        If ValidateUser(txtUsername.Text, txtPassword.Text) = False Then
            MsgBox("Username or Password incorrect, Try again.", MsgBoxStyle.Information)
            txtPassword.Focus()
        End If
    End Sub

Or if you are running the application on your intrenet....the n u can make use of VS login system and manage the roles and logins.
In your toolbox under Login you will see a control called Login....drag that onto a form and you will be given an option to Administer Website....from there you can start giving access to your website and let users create there own username and such.....just play around with those controls

**Rasto** · Dec 3 '08, 11:15 AM

Do U have still problem with this?

ASP.NET {VB}: Login problem after hitting back button

ASP.NET {VB}: Login problem after hitting back button

Comment

Comment