469,626 Members | 886 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 469,626 developers. It's quick & easy.

noob sql C# problem

hi. i'm pretty much a noob to c# and visual studio and am trying to create a simple login method. i have created a users table in the database and can add users by inputing there md5 encrypted password and a non encrypted username. problem is then checking a user has inputed valid username and passwords. i've created a stored procedure that returns 1 for a valid login and 0 for invalid but don't know if this procedure is the problem
Expand|Select|Wrap|Line Numbers
  1. PROCEDURE validlogin
  2.         @uname nchar(30),
  3.         @pass nchar(100),
  4.         @valid int        OUTPUT
  5. AS
  6.     IF EXISTS(SELECT * FROM Users WHERE User_name = @uname AND Password = @pass)
  7.         SELECT @valid = 1
  8.     ELSE
  9.         SELECT @valid = 0
  10.     RETURN @valid
this next method then takes the data from the login page and runs the stored procedure after this it returns true or false to another method which will handle what to do next.

Expand|Select|Wrap|Line Numbers
  1. private bool UserAuthenticate(string uname, string pass)
  2.         {
  3.             int validateresult;
  4.             string hashedpwd = EncodePassword(pass);
  5.             //query the username and password
  6.             sqlSelectCommand1.CommandType = CommandType.StoredProcedure;
  7.             sqlSelectCommand1.CommandText = "validlogin";
  8.             sqlSelectCommand1.Parameters.Add(new SqlParameter("@uname", SqlDbType.NChar, 30));
  9.             sqlSelectCommand1.Parameters["@uname"].Value = uname;
  10.             sqlSelectCommand1.Parameters.Add(new SqlParameter("@pass", SqlDbType.NChar, 30));
  11.             sqlSelectCommand1.Parameters["@pass"].Value = hashedpwd;
  12.             sqlSelectCommand1.Parameters.Add(new SqlParameter("@valid", SqlDbType.NChar, 30));
  13.             sqlSelectCommand1.Parameters["@valid"].Direction = ParameterDirection.Output;
  14.             //sqlDataAdapter1.SelectCommand = sqlSelectCommand1;
  15.             sqlConnection1.Open();
  17.             validateresult = Convert.ToInt32(sqlSelectCommand1.ExecuteScalar());
  18.             sqlConnection1.Close();
  19.             if (validateresult == 1)
  20.             {
  21.                 return true;
  22.             }
  23.             else
  24.             {
  25.                 return false;
  26.             }
  27. }
any help would be much appreciated
Aug 30 '08 #1
2 989
god only knows why but the code seems to now work after i took a break and re-ran the program. one thing i did change was change SELECT @valid = 1 to SET @valid = 1 in the stored procedure, but i then changed it back and it worked both ways. so the result from the stored procedure is 0 or 1 depending if the correct data has been entered. next question is where next. i think i have options of creating a cookie on users machine or using session variables? any other ways to proceed? any way that code could be improved? (including how to put in error handling)
thanks in advance
Aug 30 '08 #2
Curtis Rutland
3,256 Expert 2GB
Well, just some pointers on making it cleaner. You can use SqlCommand.Parameters.AddWithValue(string param, object value) instead of Add, which should condense things a bit. Also, you should be able to cast the return value of ExecuteScalar as a bool rather than an int.

Just little things. Your way isn't wrong, just different than mine.

Also, please use [code] tags when posting code. You can use the # symbol in the text editor.

Aug 30 '08 #3

Post your reply

Sign in to post your reply or Sign up for a free account.

Similar topics

7 posts views Thread by administrata | last post: by
10 posts views Thread by Matt Hollingsworth | last post: by
8 posts views Thread by Ivan Shevanski | last post: by
reply views Thread by AndyW | last post: by
2 posts views Thread by Link360 | last post: by
4 posts views Thread by jobs | last post: by
5 posts views Thread by Milan Krejci | last post: by
6 posts views Thread by Lang Murphy | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.