Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Custom Authentication Advice? 1

Status
Not open for further replies.
Beeps

Beeps

Programmer
Aug 28, 2001
128
US
hi,

I've implemented forms authentication on a web application. The form is just your standard "enter your user name and password" form and when the user enters their login credentials, I open a connection to a database to get that user.

Here's my SQL

SELECT * FROM Employees WHERE UserName ='" & txtUserName.text & "' AND Password ='" & txtPassword.text & "';"

The question how do I test for an empty recordset if the user enters invalid login credentials? I've been using the Read method like:

If Dataset.Read = false then

'login is invalid

Does anybody see a problem with using this method and/or is there a better way?

Thanks
 
Sort by date Sort by votes
I'll usually use the .executeScalar method to return a count(*) of records, and then just evaluate that:

dim sql as string = "SELECT COUNT(*) FROM Employees WHERE UserName = '" & txtUserName.text & "' AND Password = '" & txtPassword.text & "';"

commandObject.commandText = sql
if commandObject.executeScalar() > 0 then
'they logged in successfully
else
'they didn't log in successfully
end if
penny1.gif
penny1.gif

The answer to getting answered -- faq855-2992
 
Upvote 0 Downvote
Thanks for the quick reply,

The reason that I was not using count in the SQL was that I'm using the employee data to write a cookie so I can customize the page to the user (First, last name, and employee id) if there is an authentication cookie that is still valid.

I'm not sure hou I can use this example in this specific instance... Any ideas??

That's a great idea though, thanks for the tip!
 
Upvote 0 Downvote
Well then, it depends on your target object... if it's a datareader, I believe the property is .recordsAffected, and if it's a datatable, then you ask for dataTable.rows.count

If either is 0, then there were no rows returned.

I noticed up there, you said:

DataSet.Read

But read is a method on a dataReader, not a dataSet.

??
penny1.gif
penny1.gif

The answer to getting answered -- faq855-2992
 
Upvote 0 Downvote
Thanks link9,

I meant dataset, you're right. I'll look into the .executescalar method. I think that I'll use the DataTable.Rows.Count idea.

 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

weberm
  • Locked
  • Question
How do I make a page with multiple AJAX custom controls?
Replies
2
Views
754
weberm
weberm
Moregelen
  • Locked
  • Question
Domain Authentication
Replies
0
Views
687
Moregelen
Moregelen
G12Consult
  • Locked
  • Question
Forms authentication not working
Replies
4
Views
420
Rajkumarrrrr
Rajkumarrrrr
NoCoolHandle
  • Locked
  • Question
Integrate Facebook (social) logins with Forms authentication..
Replies
0
Views
193
NoCoolHandle
NoCoolHandle
dvannoy
  • Locked
  • Question
Custom Errors Not Working
Replies
6
Views
359
dvannoy
dvannoy

Part and Inventory Search

Sponsor

Back
Top