I have created 1 login form.
I have used the MS ACCESS database as backend tool.
Table Name : UserAccount
Fields : • username • password
I written the code as below ...
Button1=Login button -
Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
-
-
Dim con As New OleDbConnection("Provider=microsoft.jet.oledb.4.0 ; Data Source=E:\Brinda & Jay\Brinda\02 S.Y\VB.NET\My Project\Project.mdb")
-
-
con.Open()
-
-
qry = "select count(id) from UserAccount where username= ' " & txtUserName.Text & " ' and password= ' " & txtPassword.Text & " ' ;"
-
-
Dim cmd As New OleDbCommand(qry, con)
-
Dim da As New OleDbDataAdapter(cmd)
-
ans = cmd.ExecuteScalar()
-
If ans > 0 Then
-
MsgBox("Accessed")
-
Else
-
MsgBox("Not Accessed")
-
End If
-
con.Close()
-
End Sub
-
There is no error in this code, but when I run this form, and enter the right username and password, then also it displays the magbox "Not Accessed". What can I do about this?
Then supply it with non-null parameters.
I just took the code that I posted from the msdn example which means you probably need to modify it for your purpose.
Do you understand what non-null means?
It means that you have declared a variable but not instantiated it yet.
So, to fix Null problems ensure that the variables are instantiated before using them.
To instantiate something you use the keyword new.
Like this: -
Dim uNameParam As New OleDbParameter("@UserName", OleDbType.VarChar, 80)
-
Dim passParam As New OleDbParameter("@Password", OleDbType.VarChar, 80)
-
-
' Now uNameParam and passParam are instantiated (not null)
-
' So you can use them
-
uNameParam.Value = txtUserName.Text
-
passParam.Value = txtPassword.Text
-
-
'And then add them to the parameters property of the command
-
command.Parameters.Add(uNameParam)
-
command.Parameters.Add(passParam)
-
19  1421 
The OleDbCommand.ExecuteScalar Method returns the first column of the first row in the result set returned by the query.
Are you sure this is what you want?
I think what you probably want to use the OleDbCommand.ExecuteReader Method and then check if the reader HasRows to determine if a row exists in the database with the user name and password provided.
You should always use the OleDbCommand.Parameters Property instead of dynamically building your SQL query string by directly inserting data provided by the user. This will prevent SQL insertion attacks and give you better caching ability for your SQL commands.
-Frinny
Michael,
This question was asked in the VB.NET forum, not the vb6 forum.
The answer to the question should be using the VB.NET controls and tools.
I have tried to create the login form in another way as follows -
Imports System.Data.OleDb
-
-
Public Class Login
-
-
Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
-
-
Dim con As New OleDbConnection("Provider=microsoft.jet.oledb.4.0 ; Data Source=E:\Brinda & Jay\Brinda\02 S.Y\VB.NET\My Project\Project.mdb")
-
-
con.Open()
-
-
Dim password As String
-
password = Me.txtPassword.Text.ToString
-
Dim da As New OleDbDataAdapter("select * from UserAccount where username=" & txtUserName.Text.ToString, con)
-
Dim dt As New DataTable
-
da.Fill(dt)
-
Dim epassword As String = dt.Rows(0).Item("Password")
-
-
If password.CompareTo("epassword") Then
-
MsgBox("Successful")
-
Else
-
MsgBox("Not Success")
-
End If
-
-
con.Close()
-
End Sub
-
End Class
-
but there is runtime error occured. "No value given for one or more required parameters."
And whrer I have to use OleDbCommand.Parameters Property in above 1st or 2nd code? and How can I use this property?
It is my college's exercise for connectivity in vb.net
I have tried it since a month, but there is nothing could be done in this. I have also tried many different methods, but nothing could be done.
Can you provide me a new successful code for this?
Please help me Frinny.
Ajay Bhalala,
The code you posted looks exactly the same as the code you posted previously.
I suggested that you probably didn't want to use the ExecuteScalar method, that you are probably interested in using the ExecuteReader command instead and then you could check the HasRows property to determine if any rows are returned, and I suggested that you should be using parameters.
By posting the links that I previously provided, I was recommending that you re-write your code to be something like this (The following is guideline and I have no idea if this is going to work as written): -
Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
-
-
Dim conString As String = "Provider=microsoft.jet.oledb.4.0 ; Data Source=E:\Brinda & Jay\Brinda\02 S.Y\VB.NET\My Project\Project.mdb"
-
Dim msg As String = "Access not checked"
-
-
Using connection As New OleDbConnection(conString)
-
Dim queryString = "select * from UserAccount where username= ? and password= ?;"
-
Dim command As New OleDbCommand(queryString, connection)
-
command.Parameters.Add(txtUserName.Text)
-
command.Parameters.Add(txtPassword.Text)
-
-
connection.Open()
-
Dim reader As OleDbDataReader = command.ExecuteReader()
-
-
If reader.HasRows
-
msg = "Access Permitted"
-
Else
-
msg = "NO Access Permitted"
-
End If
-
-
reader.Close()
-
End Using
-
MsgBox(msg)
-
End Sub
-Frinny
If I take "conString" in place of "connectionString" following runtime error occured.
"The OleDbParameterCollection only accepts non-null OleDbParameter type objects, not String objects."
in line 8 in above code.
Thank you for your quick reply. Can you provide me your full code?
I mean to say can you give me a new full code for the login form?
That error message suggests that the Parameters property expects to have OleDbParameter types added to it and not String types.
In my code I added just strings...
You need to modify your code to provide proper parameters.
Maybe something like this: -
command.Parameters.Add("@UserName", OleDbType.VarChar, 80).Value = txtUserName.Text
-
command.Parameters.Add("@Password", OleDbType.VarChar, 80).Value = txtPassword.Text
-
See the documentation links for more information.
-Frinny
If I use this, and run my application, then msgbox is displays..
MsgBox Title : Microsoft Visual Basic 2008 Express Edition.
MsgBox Text : There is no source code available for the current loaction.
and if I click OK in msgbox, runtime error occured, "The OleDbParameterCollection only accepts non-null OleDbParameter type objects, not String objects." in 'command.Parameters.Add("@UserName", OleD' with dull green color.
What can I do?
Then supply it with non-null parameters.
I just took the code that I posted from the msdn example which means you probably need to modify it for your purpose.
Do you understand what non-null means?
It means that you have declared a variable but not instantiated it yet.
So, to fix Null problems ensure that the variables are instantiated before using them.
To instantiate something you use the keyword new.
Like this: -
Dim uNameParam As New OleDbParameter("@UserName", OleDbType.VarChar, 80)
-
Dim passParam As New OleDbParameter("@Password", OleDbType.VarChar, 80)
-
-
' Now uNameParam and passParam are instantiated (not null)
-
' So you can use them
-
uNameParam.Value = txtUserName.Text
-
passParam.Value = txtPassword.Text
-
-
'And then add them to the parameters property of the command
-
command.Parameters.Add(uNameParam)
-
command.Parameters.Add(passParam)
-
Oh wow frinny...... thank you very very much for your help. I am so happy.
After all its done. I am so happy.... oh frinavale thank you very very very very much for the help.
Thank you so much. Thank you, thank you, thank you....
Frinavale you helps me lot. I am so happy. Its a big day for me in my life, thank you again frinny.
thanks again for all your helps and links provided by you.
All the information provided by you is very useful for me. VB.NET was my favorite subject. but while this login form is not done I have lost my interest from this subject, but now I have get my interest again in this subject due to you.
You solve my query which can't be solved by anything including my teacher, so I like my this subject VB.NET again.
Before I ask this question on this website, I have aked my whole teachers, my friends, etc, but no one can solve this and you solve it. So thank you very much.
Thanks frinny. and sorry for take your huge time.
I am sorry, but I still have a question.
In database, I have enter the "Brinda" in Username field and "MyProject" in Password field.
When I run my application, and enter the above username and password in form then it display "accessed", but when I enter the "brinda" in username's textbox and "myproject" in password's textbox in form then it also display "Accessed". I want to check the username and password case sensitively. Can I do this? If yes then How?
Thank you.
I am really happy you were able to solve your problem. The .NET framework is very powerful and never gets boring!
I haven't actually tried connecting to an Access Database like you are doing.
When I query my MS SQL database using: -
Select * From userTable Where username='brinda' and password='myproject'
It will not work because it is case sensitive.
This may be something special with how Access processes select queries.
Aside form the odd behviour of select command, I think you may be interested in checking out the topic of .NET Principals and Identities.
An Identity contains information about the user's authentication details.... by this I mean it holds the user name and password and has a method that does the process of authenticating a provided user name and password (just like you are doing).
A Principal contains an Identity and once the user has been authenticate (logged in) the Principal class retrieves the "roles" or "permissions" that the user has privileges to.
This is really useful if your application has sections that are visible to some users (like the owner of a company or an IT administrator) that are not visible to other users (like a receptionist or line worker).
After authenticating (checking if the user name and password work), the rest of the application can be locked down or unlocked according to the permissions/roles assigned to the user.
The general topic to research would be "Authentication and Authorization in .NET". It is really cool and once you know how to use principals and identities you will be able to professionally implement multi-user applications!
Anyways, it's a really cool topic and if you want to try making your own custom Identity and Principal class feel free to ask questions about it.
In the meantime, I think it would be best to ask about why your select query is returning true for something that it is not true in the Access forum.....
Unless there is something else wrong.... Did you try authenticating something that you know isn't in your database? Like authenticating username:'Frinny' and password:'bytes'?
Does that return true or false?
-Frinny
Yes I have try authenticating something that isn't in my database. It returns msgbox "Not Accessed". There is no problem with wrong name or password, there is problem only with the case sensitivity.
and thanks for your information about .NET Principals and Identities. I will surely study this topics.
Really, VB.NET is very interesting subject.
Project making is not in our course for this year, but I am interested in Project Making. I want to make one project in this year, but I think I have not enough knowledge of VB.NET for making the Project in VB.NET. But now I think I have to start to make the project, because if I have any query, then I am sure you will solve my query and help me on my project. and I am sure you will give me ideas for how to make the software.
Thank You Frinny for help me lot and also for solve my queries. Thank you very much. Now I will start the making the software and which topic I select, I will say you tommorow. I am suer you will help me to make my first software.
Thanks again.
Hello Frinny,
I have decided that I will do the College Management System as my first Project.
As you say I have to use the Identities, but in my project, I dont want to use the high level controls. So as you say I have created in my Personal Login Form. but in my project, I have created the login form with new method.
This done successfully, but there are 2 warnings are occured.
Warning 1 : Variable 'data' is used before it has been assigned a value. A null reference exception could result at runtime.
Warning 2 : Variable 'data1' is used before it has been assigned a value. A null reference exception could result at runtime.
Here is my code.. -
Imports System.Data.OleDb
-
-
Public Class Form1
-
-
Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
-
-
Dim con As New OleDbConnection("provider=microsoft.jet.oledb.4.0; data source=E:\Brinda & Jay\Brinda\02 S.Y\VB.NET\My Project\Project.mdb")
-
Dim rd As OleDbDataReader
-
Dim data, data1 As String
-
-
con.Open()
-
Dim cmd As New OleDbCommand("select * from UserAccount where username='" & txtUserName.Text & "' and password ='" & txtPassword.Text & "'", con)
-
rd = cmd.ExecuteReader()
-
If rd.Read() Then
-
data = rd.Item("username")
-
data1 = rd.Item("password")
-
End If
-
-
If data = txtUserName.Text And data1 = txtPassword.Text Then
-
MsgBox("Login")
-
Else
-
MsgBox("Not")
-
End If
-
con.Close()
-
End Sub
-
End Class
-
There is no any problem, but just these 2 warnings are occured.
What can I do?
Thank You again.
To get rid of those errors is pretty simple: make sure the variables are instantiated before using them.
In this case you could just do: -
Dim data As String = ""
-
Dim data1 As String = ""
-
In other cases, say you wanted to create a Student type you would use the new keyword.
Like this: -
Dim studentA As New Student()
-
studentA.Name = "Frinavale"
-
If you didn't use the New keyword you would get the warning in code that you see and if you tried to run the application it would crash with a null reference exception because you used the variable studentA before instantiating it.
-Frinny
Ok thank you frinny. It works. thank you so much again.
There is a logical error on line 19 in the code you posted last: -
If data = txtUserName.Text And data1 = txtPassword.Text Then
If the user enters nothing and clicks the log in button...this will resolve to true but the person should not be granted access.
Ok frinny. Thansk so much for your help.
Sign in to post your reply or Sign up for a free account.
Similar topics
by: calaha |
last post by:
Hi all,
I have been working with this since last night, and can't quite figure out
why it's not working. I have a simple login box form that is set to be my
startup form in my Access app (upon...
|
by: carr4895 |
last post by:
Hello.
I was wondering if someone could help me too with a login form. Upon
startup, I have to display a password screen and it should accept a
user name and password. User name can be anything...
|
by: knot2afrayed |
last post by:
I am trying to fix error- object does not exist- I want it possible to
allow object not to exist.
I am writing a script on a page that may or may not include a login
form. For example-after a...
|
by: bull1099 |
last post by:
I designed a simple site which has a login for users to access their account page. When i had my files uploaded on a terrible hosting service site, my website I designed was fully functional. I moved...
|
by: sandari |
last post by:
The following code (web.config in Visual Studio 2005) is supposed to redirect a user to the appropriate Form depending on their role.
However, regardless of the user's role, the only page...
|
by: matheussousuke |
last post by:
I dont get any error message, it's simple, some pages works ok, they simply show "Welcome, 'username'.
LOGOUT (link)"
The same as Bytes, when u login, u dont see the form anymore, u just see a...
|
by: ibsaqi |
last post by:
Hello friends i am basically a new in programming language...i got readymade new login script and which i want to use for another form for my website.i.e
Form that i want to use in my website...
|
by: Slaxer13 |
last post by:
Hi ppl. I am having trouble with a login form. When i click the btnConfirmar, after having both Login and Password it gives me an error 2471: The expression you entered as a query parameter produced...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: aa123db |
last post by:
Variable and constants
Use var or let for variables and const fror constants.
Var foo ='bar';
Let foo ='bar';const baz ='bar';
Functions
function $name$ ($parameters$) {
}
...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
| |
