By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
443,432 Members | 790 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 443,432 IT Pros & Developers. It's quick & easy.

how to check login values against the name and pswd stored db table?

P: 2
Hi,
I need to know how to check the login user name and password entered are in the database table that is created for the register purpose.

To compare the user name and password of login with the user name and password in database table what is the query.

How to check the user is valid and allow him to view the respective pages once the login button is clicked.
May 29 '10 #1
Share this Question
Share on Google+
3 Replies


Frinavale
Expert Mod 5K+
P: 9,731
What form of authentication are you using? Forms authentication?
May 31 '10 #2

P: 2
@stephenmani
I am not aware of authentication and i don't know . do me tell regarding and how to check the values. simply tell me the process behind login form
Jun 3 '10 #3

Frinavale
Expert Mod 5K+
P: 9,731
There are many types of authentication processes that you can use.

You could consider using Forms Authentication.
The user information will be stored in a database. An Identity for the user will be created when they log in that you can access on any page to determine whether or not the user has permissions to use the page. You can even specify which pages the user is allowed to access using the web.config so you don't have to do this in code (ASP.NET checks if the user is permitted to access the page before your page code is executed)....You can further modify the page based on the user's "roles" or "permissions" (things like disable a button if they are not an administrator but still have access to the page).

You should really look into Forms Authentication(here's another Forms Authentication overview), and Membership and Roles to get started.

But anyways, I have a feeling that you'll be interested in checking out these articles that outline how to use a database:
Database tutorial Part 1
Database tutorial Part 2

What you want to do is query the database for the based on the user name and retrieve the password. Compare the password to the password provided by the user.

The thing is that you shouldn't be storing passwords as plain text (it's a taboo thing to do). I recommend, when you first store the user's password, to use as Salt and create a Hash based on what the user entered. When the user returns to log in later, retrieve the salt and hash based on the user's name (you'll have to store the salt value in the database) and recreate the hash based on what the user entered as the password...if the hash matches the hash value originally stored then allow the user to proceed.



-Frinny
Jun 3 '10 #4

Post your reply

Sign in to post your reply or Sign up for a free account.