ASP.NET Database Login

Our login.aspx below file once again displays a username and password textbox. When the ASP Button 'LoginButton' is clicked the click event is raised and the event handler 'login' is called.

When this subroutine 'login' is called the Authenicate method of FormsAuthentication object will accept 2 parameters. The Method checks what's been entered into the username and password textboxes and compares the entries against the usernames and passwords stored within the credentials element in the Web.config.

If there is a match then the user is Authenticated and on the next line the SetAuthCookie method creates a cookie to store the users authentication ticket. SetAuthCookie also accepts 2 parameters, the first is the username and the second a Boolean value. Like the RedirectFromLoginPage Method setting this to true creates a persistent cookie that allows the user to close their browser, come back to the site and be still logged in. Setting this value to false forces users to log in each time they close down their browser and revisit the site.

login.aspx

<%@ Import Namespace="System.Data.Oledb" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<script runat="server">

Public Sub Login(ByVal s As Object, ByVal e As EventArgs)

If FormsAuthentication.Authenticate(UserName.Text, Password.Text) = True Then
  FormsAuthentication.SetAuthCookie(UserName.Text, True)
   Response.Redirect("admin/default.aspx")
 Else
   If DBAuthenticate(UserName.Text, Password.Text) Then
    FormsAuthentication.SetAuthCookie(UserName.Text, True)
    Response.Redirect("members/default.aspx")
   Else
    LtlLogin.Text = "<p>sorry wrong login details</p>"
   End If
End If

End Sub

Function DBAuthenticate(ByVal strUsername As String, ByVal strPassword As String) As Boolean
 Dim Connection As OleDbConnection
 Connection = New OleDbConnection("Provider=Microsoft.Jet.Oledb.4.0; Data Source=C:\Inetpub\wwwroot\net\members.mdb")
 Connection.Open()
 Dim Command As OleDbCommand
 Dim UserExists As Boolean
 Command = New OleDbCommand("SELECT * FROM tblMembers WHERE [Username]='" & strUsername & "' AND [Password]='" & strPassword & "'", Connection)
 Dim DataReader As OleDbDataReader
 DataReader = Command.ExecuteReader()

If DataReader.Read() Then
  UserExists = True
 Else
  UserExists = False
End If
Connection.Close()

 Return UserExists
End Function

</script>

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="Head1" runat="server">
<title>Admin Log In</title>
</head>
<body>
<form id="form1" runat="server">
<div>
<h1>Log In</h1>

Username:<br />
<asp:TextBox ID="UserName" Runat="server" /><br />
Password:<br />
<asp:TextBox ID="Password" TextMode="password" Runat="server" /><br />
<asp:Button ID="LoginButton" Text="Log In" OnClick="LogIn" Runat="server" /><br />

<asp:Literal ID="LtlLogin" Runat="server" />

</div>
</form>
</body>
</html>

If the username and password entered don't match we call our function DBAuthenticate and pass in the log in username and password. Essentially the function creates a connection, command and datareader object, executes the SQL statement, and checks whether any records are returned that match the username and password entered. If there are then the variable boolean UserExists is set to True and the function returns this value. (If you need to you can read more on ASP.NET databases.)

The FormsAuthenication.SetAuthCookie method is then called and passed 2 parameters. Unlike the RedirectFromLoginPage method the SetAuthCookie doesn't have redirect properties so we have hardcoded the login redirects, with the members being redirected to 'members/default.aspx'.

If the user isn't authenticated then our literal control 'LtlLogin' will display a login error.

Part 1 - ASP.NET Database Login Introduction
Part 3 - the Web.config file

Download the Source Code

Get the best ASP hosting with DiscountASP.NET - great value, money back guarantee.

Advertisements



MembersPro

MembersPro PayPal - ASP Membership software

Plug and play ASP membership script that integrates with PayPal to let you charge recurring membership fees.

Global ASP.NET Hosting Leader - Click Here