I have the following code but get a 'log on denied' error even though I know the user and password are correct.
Thank for any advice.
Code:
Private hashed As String
Protected Sub LogonBtn_Click(sender As Object, e As EventArgs)
'Dim hashedPassword As String = Crypto.HashPassword(hashed)
Dim hashedPassword As String = Crypto.HashPassword(passwordTextBox.Text)
'Authenticate user
'Dim Authenticated As Boolean = Authenticate(strEmailTextBox.Text, passwordTextBox.Text)
Dim Authenticated As Boolean = Authenticate(strEmailTextBox.Text, hashedPassword)
'If authenticated, send user to userpage.aspx
If Authenticated Then
Dim target = String.Format("~/userpage.aspx?strEmailValue={0}", strEmailTextBox.Text)
Session("strEmailValue") = strEmailTextBox.Text
Response.Redirect(target, False)
Else
LabelError.Text = "Email/Password invalid. Login denied"
LabelError.Visible = True
End If
End Sub
Protected Function Authenticate(strEmailValue As String, hashedValue As String) As Boolean
'strEmailValue is the unknown email variable
'hashedValue is the unknown password variable
'strEmailTextBox is the ID of the email textbox field in my aspx file
'passwordTextBox is the ID of the password textbox field in my aspx file
'strEmail is the name of the email column in my MS Access database
Using connection As OleDbConnection = New OleDbConnection(System.Configuration.ConfigurationManager.ConnectionStrings("students").ConnectionString)
Dim cmdText As String = "SELECT COUNT(strEmail) FROM university WHERE strEmail = '" & strEmailValue & "' AND [hashed] = '" & hashedValue & "'"
Dim cmd As New OleDbCommand(cmdText, connection)
connection.Open()
Dim result As Integer = cmd.ExecuteScalar
connection.Close()
Return result > 0
End Using
End Function