I have implemented forms authentication but when I click my login button it just resets my page like nothing has happened.... Can someone please tell me what I am doing wrong? I am using a url rewrite.... could this have anything to do with my issue?
WEB.CONFIG
Code:<?xml version="1.0"?> <configuration> <connectionStrings> <add name="DBConnectionString" connectionString="Data Source=XXREMOVEDXX;Initial Catalog=XXREMOVEDXX;Persist Security Info=True;User ID=XXREMOVEDXX;Password=XXREMOVEDXX" providerName="System.Data.SqlClient" /> </connectionStrings> <appSettings> <add key="Telerik.ScriptManager.TelerikCdn" value="Enabled"/> <add key="Telerik.StyleSheetManager.TelerikCdn" value="Enabled"/> </appSettings> <system.web> <customErrors mode="Off"/> <compilation debug="true" strict="false" explicit="true" targetFramework="4.0"/> <authentication mode="Forms"> <forms loginUrl="login/" name=".ASPXAUTH" protection="All"/> </authentication> <authorization> <allow users="*"/> </authorization> <pages> <controls> <add tagPrefix="telerik" namespace="Telerik.Web.UI" assembly="Telerik.Web.UI"/> </controls> </pages> <httpHandlers> <add path="ChartImage.axd" type="Telerik.Web.UI.ChartHttpHandler" verb="*" validate="false"/> <add path="Telerik.Web.UI.SpellCheckHandler.axd" type="Telerik.Web.UI.SpellCheckHandler" verb="*" validate="false"/> <add path="Telerik.Web.UI.DialogHandler.aspx" type="Telerik.Web.UI.DialogHandler" verb="*" validate="false"/> <add path="Telerik.RadUploadProgressHandler.ashx" type="Telerik.Web.UI.RadUploadProgressHandler" verb="*" validate="false"/> <add path="Telerik.Web.UI.WebResource.axd" type="Telerik.Web.UI.WebResource" verb="*" validate="false"/> </httpHandlers> <httpModules> <add name="RadUploadModule" type="Telerik.Web.UI.RadUploadHttpModule"/> <add name="RadCompression" type="Telerik.Web.UI.RadCompression"/> </httpModules> </system.web> <location path="members"> <system.web> <authorization> <allow roles="MEMBER,ADMIN"/> <!-- comma separate which users are allowed to view these pages after logging in --> <deny users="*"/> </authorization> </system.web> </location> <location path="admin"> <system.web> <authorization> <allow roles="ADMIN"/> <deny users="*"/> </authorization> </system.web> </location> <system.webServer> <rewrite> <rules> <rule name="Rewrite All" stopProcessing="true"> <match url="^(.*)$" /> <conditions logicalGrouping="MatchAll"> <add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" /> <add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true" /> </conditions> <action type="Rewrite" url="article.aspx" /> </rule> </rules> </rewrite> <defaultDocument> <files> <clear/> <add value="default.aspx"/> <add value="index.html"/> </files> </defaultDocument> <validation validateIntegratedModeConfiguration="false"/> <modules runAllManagedModulesForAllRequests="true"> <remove name="RadUploadModule"/> <add name="RadUploadModule" type="Telerik.Web.UI.RadUploadHttpModule" preCondition="integratedMode"/> <remove name="RadCompression"/> <add name="RadCompression" type="Telerik.Web.UI.RadCompression" preCondition="integratedMode"/> </modules> <handlers> <remove name="ChartImage_axd"/> <add name="ChartImage_axd" path="ChartImage.axd" type="Telerik.Web.UI.ChartHttpHandler" verb="*" preCondition="integratedMode"/> <remove name="Telerik_Web_UI_SpellCheckHandler_axd"/> <add name="Telerik_Web_UI_SpellCheckHandler_axd" path="Telerik.Web.UI.SpellCheckHandler.axd" type="Telerik.Web.UI.SpellCheckHandler" verb="*" preCondition="integratedMode"/> <remove name="Telerik_Web_UI_DialogHandler_aspx"/> <add name="Telerik_Web_UI_DialogHandler_aspx" path="Telerik.Web.UI.DialogHandler.aspx" type="Telerik.Web.UI.DialogHandler" verb="*" preCondition="integratedMode"/> <remove name="Telerik_RadUploadProgressHandler_ashx"/> <add name="Telerik_RadUploadProgressHandler_ashx" path="Telerik.RadUploadProgressHandler.ashx" type="Telerik.Web.UI.RadUploadProgressHandler" verb="*" preCondition="integratedMode"/> <remove name="Telerik_Web_UI_WebResource_axd"/> <add name="Telerik_Web_UI_WebResource_axd" path="Telerik.Web.UI.WebResource.axd" type="Telerik.Web.UI.WebResource" verb="*" preCondition="integratedMode"/> </handlers> </system.webServer> </configuration>
DEFAULT.ASPX - location in the /login directory
DEFAULT.ASPX.VBCode:<%@ Page Title="" Language="VB" MasterPageFile="~/masterpage.master" AutoEventWireup="false" CodeFile="default.aspx.vb" Inherits="login_default" %> <asp:Content ID="Content1" ContentPlaceHolderID="head" Runat="Server"> </asp:Content> <asp:Content ID="Content2" ContentPlaceHolderID="ContentPlaceHolder1" Runat="Server"> <div id="main-sub-container"> <table align="center" cellpadding="2" class="style1"> <tr> <td colspan="2"> The page or area you are trying to access requires you to be logged in. <br /> Please enter your user name and password to login. </td> </tr> <tr> <td> </td> <td> </td> </tr> <tr> <td> User Name: </td> <td> <asp:TextBox ID="txtUserName" runat="server" Width="250px"></asp:TextBox> </td> </tr> <tr> <td> Password: </td> <td> <asp:TextBox ID="txtPassword" runat="server" TextMode="Password" Width="250px"></asp:TextBox> </td> </tr> <tr> <td> </td> <td> <asp:Button ID="btnLoginAdmin" runat="server" Text="Login" /> </td> </tr> <tr> <td> </td> <td> <asp:Label ID="lblStatus" runat="server" ForeColor="Red"></asp:Label> </td> </tr> </table> </div> </asp:Content>
UTILS.VBCode:Imports System.Data.SqlClient Imports Utils Partial Class login_default Inherits System.Web.UI.Page Protected Sub btnLoginAdmin_Click(sender As Object, e As System.EventArgs) Handles btnLoginAdmin.Click If txtUserName.Text = "" Then lblStatus.Text = "Error: User Name is required to login!" ElseIf txtPassword.Text = "" Then lblStatus.Text = "Error: Password is required to login!" Else Try Dim connString = ConfigurationManager.ConnectionStrings("DBConnectionString").ToString Dim sql As String = String.Format("SELECT * FROM Members WHERE MemberEmail='{0}' AND MemberPassword='{1}'", _ SQLSafe(txtUserName.Text), SQLSafe(txtPassword.Text)) Dim conn As SqlConnection = New SqlConnection(connString) Dim command As SqlCommand = New SqlCommand(sql, conn) conn.Open() Dim sqlReader As SqlDataReader = command.ExecuteReader() If sqlReader.Read = True Then Response.Redirect("/admin/", True) Else lblStatus.Visible = True lblStatus.Text = "Error: Invalid user name or password." End If conn.Close() Catch ex As Exception lblStatus.Text = "Error: Unable to connect to the database at this time." End Try End If End Sub End Class
Code:Imports System Public Class Utils Public Shared Function SQLSafe(ByVal SQL As String) As String SQLSafe = SQL.Replace("'", "''") End Function End Class
Reply With Quote