20
hi al
i wrote a code (LOgin form) that checks the user id and if it exists validates the password but this is not all validating and simply displaying user does not exist
i am sending the code pls check and fix it pls its urgent
using System;
using System.Collections;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Web;
using System.Web.SessionState;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.HtmlControls;
using System.Data.SqlClient;
using System.Web.Security;
namespace Customer
{
/// <summary>
/// Summary description for WebForm2.
/// </summary>
public class WebForm2 : System.Web.UI.Page
{
protected System.Web.UI.WebControls.Label Label1;
protected System.Web.UI.WebControls.Label Label2;
protected System.Web.UI.WebControls.Label Label3;
protected System.Web.UI.WebControls.TextBox TextBox1;
protected System.Web.UI.WebControls.TextBox TextBox2;
protected System.Web.UI.WebControls.Button Button1;
protected System.Web.UI.WebControls.Button Button2;
protected System.Web.UI.WebControls.Button Button3;
protected System.Web.UI.WebControls.Label Label4;
protected System.Web.UI.WebControls.LinkButton LinkButton1;
protected System.Web.UI.WebControls.TextBox TextBox3;
SqlConnection con;
SqlCommand cmdc,cmds;
private void Page_Load(object sender, System.EventArgs e)
{
// Put user code to initialize the page here
try
{
con=new SqlConnection("Data Source=STAR3;Database=Customer;user id=sa;password=;");
con.Open();
cmds=new SqlCommand("select * from LoginDetails",con);
con.Close();
}
catch(Exception e1)
{
Response.Write("Connection cannot be established" +e1.Message);
}
}
private void Button1_Click(object sender, System.EventArgs e)
{
if(chkpwd(TextBox1.Text,TextBox2.Text,TextBox3.Tex t))
{
FormsAuthentication.RedirectFromLoginPage(TextBox2 .Text,true);
Response.Redirect("WebForm3.aspx");
}
else
{
TextBox3.Text="";
Response.Write("User name does not exist try again");
if(System.Convert.ToInt32(ViewState["Tries"])>1)
Response.Redirect("WebForm10.aspx");
else
{
ViewState["Tries"]=System.Convert.ToInt32(ViewState["Tries"])+1;
if(System.Convert.ToInt32(ViewState["Tries"])>3)
Response.Redirect("WebForm10.aspx");
}
}
}
private void Button3_Click(object sender, System.EventArgs e)
{
}
private bool chkpwd(string cid,string uid,string pwd)
{
bool bsuccess=false;
//pwd=FormsAuthentication.HashPasswordForStoringInCo nfigFile(pwd,"sha1");
try
{
con.Open();
cmdc=new SqlCommand("select * from LoginDetails" + " where UserID = '"+uid+"'",con);
SqlDataReader drc=cmdc.ExecuteReader();
while(drc.Read())
{
if(pwd == drc["Pawd"].ToString())
{
Response.Write("Login successful");
bsuccess=true;
}
}
con.Close();
}
catch
{
bsuccess=false;
//Response.Write(Environment.NewLine+"Error:" +e1.Message+e1.HelpLink);
con.Close();
}
return bsuccess;
}
private void LinkButton1_Click(object sender, System.EventArgs e)
{
Response.Redirect("WebForm1.aspx");
}
}
}
pls be fast its urgent thanks in advance
