Website login using C# to connect with existing sql server db

c# asp.net sql-server-2008

13,535

I would recommend you use Windows Forms Authentication

to set up forms authentication to sql server database

go to C:>>Windows>>Microsoft.Net>Framework>>your version example mines v4.0>>aspnet_reqsql.exe

its a wizard to setup forms authentication scheme to your specific database.

then in your web.config

<connectionStrings>
    <add name="ConnectionStringName" connectionString="*********" providerName="System.Data.SqlClient"/>
  </connectionStrings>
  <system.web>
    <roleManager enabled="true"/>
    <compilation debug="true" targetFramework="4.0">
      <assemblies>
        <add assembly="System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
        <add assembly="System.Design, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A"/>
        <add assembly="System.Web.Extensions.Design, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
      </assemblies>
    </compilation>
    <authentication mode="Forms">
      <forms loginUrl="login.aspx"/>
    </authentication>
    <membership defaultProvider="SqlProvider">
      <providers>
        <clear/>
        <add connectionStringName="ConnectionStringName" applicationName="/" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="true" passwordFormat="Hashed" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" name="SqlProvider" type="System.Web.Security.SqlMembershipProvider"/>
      </providers>
    </membership>
  </system.web>

just drag and drop Login control to your page you can use Web Site Administration Tool to set rights and user and restrict user from certain folders.

13,535

Author by

edmarcstuff

Newbie. That's about it. My experience consists of about two years of programming at a community college; no experience prior to that.

Updated on June 04, 2022

Comments

edmarcstuff almost 2 years

I'm a brand newbie...

I am attempting to log on to my website in VS2010, which connects to an existing SQL Server 2008 Express database through asp.net, utilizing C# as the code behind.

Here's my login.aspx.cs code:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.IO;
using System.Net.Mail;
using System.Data.SqlClient;
using System.Web.Configuration;

public partial class Login : BasePage
{
    protected void Page_Load(object sender, EventArgs e)
    {
    }

    protected void btnlogin_Click(object sender, EventArgs e)
    {
        int Results = 0;

        if (txtUsername.Text != string.Empty && txtPassword.Text != string.Empty)
        {

            Results = Validate_Login(txtUsername.Text.Trim(), txtPassword.Text.Trim());

            if (Results == 1)
            {
                lblMessage.Text = "Login is Good, Send user to another page or enable controls.";
            }
            else
            {
                lblMessage.Text = "Username or Password is incorrect.";
                lblMessage.ForeColor = System.Drawing.Color.Red;
            }
        }
        else
        {
            lblMessage.Text = "Please make sure that your username and password is correct.";
        }
    }

    protected int Validate_Login(String Username, String Password)
    {
        SqlConnection con = new SqlConnection(@"Server=MARIOM-PC\SQLEXPRESS;Database=Logon");

        SqlCommand cmdselect = new SqlCommand();

        cmdselect.CommandType = System.Data.CommandType.StoredProcedure;

        cmdselect.CommandText = "[dbo].[prcLoginv]";

        cmdselect.Parameters.Add("@Username", System.Data.SqlDbType.VarChar, 50).Value = Username;
        cmdselect.Parameters.Add("@Password", System.Data.SqlDbType.VarChar, 50).Value = Password;
        cmdselect.Parameters.Add("@OutRes", System.Data.SqlDbType.Int, 4);
        cmdselect.Parameters["@OutRes"].Direction = System.Data.ParameterDirection.Output;

        cmdselect.Connection = con;

        int Results = 0;

        try
        {
            con.Open();

            cmdselect.ExecuteNonQuery();

            Results = (int)cmdselect.Parameters["@OutRes"].Value;
        }
        catch (SqlException ex)
        {
            lblMessage.Text = ex.Message;
        }
        finally
        {
            cmdselect.Dispose();

            if (con != null)
            {
                con.Close();
            }
        }

        return Results;
    }
}

When I click my Log In button, it takes me to my C# code behind which should iterate through the btn_Login_Click, then the Validate_Login method. But then it does not correctly update my login page with the correct information. I always get the "incorrect password" error.

Please help!