-
Jan 25th, 2021, 05:04 AM
#1
[RESOLVED] Show firstname and familyname after login.
I want to show the firstname and familyname in a textbox in the main form.
I've got a registrationform with a firstname, familyname, username and password
After registration it is registrated in a tableregistration.
It's working fine to show the username into a textbox in the main form (see code)
How can I show the firstname and familyname in the textbox instead of the username
Code:
Private Sub Btn_login_Click(sender As Object, e As EventArgs) Handles Btn_login.Click
Dim cmd As New SqlCommand("select * from tableregistration where username = @username and password = @password ", con)
con.Open()
cmd.Parameters.Add("@username", SqlDbType.VarChar).Value = txtusername.Text
cmd.Parameters.Add("@password", SqlDbType.VarChar).Value = txtpassword.Text
Dim adapt As New SqlDataAdapter(cmd)
Dim table As New DataTable
adapt.Fill(table)
con.Close()
If table.Rows.Count() <= 0 Then
MessageBox.Show("Username or password invalid
or not yet registered !")
txtusername.Text = ""
txtpassword.Text = ""
txtusername.Focus()
Else
' It shows the username perfectly !
MessageBox.Show("Welcome" & " " & txtusername.Text)
Frm_main.TextBox1.Text = txtusername.Text
Me.Close()
End If
End Sub
Thanks in advance.
-
Jan 25th, 2021, 07:08 AM
#2
Re: Show firstname and familyname after login.
Originally Posted by sparrow1
I've got a registrationform with a firstname, familyname
For the record, you shouldn't really use that combination of field names. You should either use firstName and lastName or givenName and familyName. That's because there are some cultures where the family name actually comes first, so one or both of your field names would be wrong in that case. Ideally, you should use givenName and familyName and use a Boolean flag that defaults to False to indicate whether the familyName should be written first.
-
Jan 25th, 2021, 07:49 AM
#3
Re: Show firstname and familyname after login.
@sparrow1
I don't think that it will work that way, In Germany you a lot of common First and Lastnames
I just did a check online for:
Firstname = Walter
Lasname = Schmidt
and get over 90 results, should be the same with englisch names
to hunt a species to extinction is not logical !
since 2010 the number of Tigers are rising again in 2016 - 3900 were counted. with Baby Callas it's 3901, my wife and I had 2-3 months the privilege of raising a Baby Tiger.
-
Jan 25th, 2021, 08:14 AM
#4
Re: Show firstname and familyname after login.
As for the issue, the problem is that you're not getting any data out of your DataTable. You're just using the values the user entered. If you want to use the data you retrieved then you have to actually use the data you retrieved. If you don't know how to get data out of a DataTable then that's what you should research. There are loads of examples around.
-
Jan 31st, 2021, 11:27 PM
#5
Lively Member
Re: Show firstname and familyname after login.
When you open the form2, you only have to pass variable to the constructor of form, and pass it to some control, which will show the value (ie. username):
Code:
'on form1:
Public Property YourUserName() As String
Get
Return m_YourUserName
End Get
Private Set
m_YourUserName = Value
End Set …
Reference:link
-
Feb 18th, 2021, 05:58 AM
#6
Re: Show firstname and familyname after login.
After some search and suggestions I created this code.
Code:
con.Open()
Dim search As String
search = "select id,givenName,familyName,userName,password from tabelregistratie where userName= '" + txtuserName.Text + "'"
Dim cmd As New SqlCommand(search, con)
Dim myreader As SqlDataReader
myreader = cmd.ExecuteReader
myreader.Read()
If myreader.HasRows Then
Frm_main.loginName.Text = "Welkom:" & " " & myreader("givenName") & " " & myreader("familyName")
Else
End If
con.Close()
Me.Close()
It could be that there are some better ways, but it's working.
Thanks for teh suggestions.
-
Feb 18th, 2021, 09:44 AM
#7
Re: Show firstname and familyname after login.
I have a couple of notes for you. You do not need to implement them, but I would highly recommend it.
You should still use a parameterized query like you were doing in your original post. Parameterizing your queries help prevent common hacking techniques like SQL injection.
Since nearly every data object you're using implements IDisposable, ideally you should be wrapping your variable declarations in Using statements. A Using declaration block guarantees that the objects will be disposed properly.
Your original post had a worse SQL command because you were using the * wildcard. Your next code is better, but ideally you wouldn't be returning the password. What's worse is that it appears you're storing the password, as-is, without any hashing. Something that you should highly consider is hashing the password and then storing the hash in the tabelregistratie table, preferably with a salt. The general rule is that you do the following when you create a user:
- Generate a salt, which is just a series of random characters
- Append the salt to the password that the user password
- Hash the password (with the appended salt) using the Crypto.HashPassword (documentation) method
- Store the hash in the SQL table
Then when you want to verify a user login, you would:
- Get the user by the user's identifier (usually their email or username)
- Append the salt from the table to the password that the user supplied
- Hash the password (with the appended salt) using the Crypto.HashPassword method
- Compare if the hashed password in the table and the hashed password from the user's input matches
Finally, it seems to me like you want to retain the user's information after they log in. If that is the case, then you should create a strongly typed object that represents your tabelregistratie table. Once the class is setup, you can create a Function that returns a new instance of the user on a successful login or returns nothing on a failed login. Then on successful logins, you'd just get the necessary properties you need and store the returned object at a higher scope (like at the form level).
Take a look at this example. I'm not implementing the password hashing, but it can be easily modified.
Here is how the class would look:
Code:
Public Class Registratie
Public Property Id As Integer
Public Property GivenName As String
Public Property FamilyName As String
Public Property UserName As String
End Class
This is how the method would look:
Code:
Private Function Login(username As String, password As String) As Registratie
Dim returningUser As Registratie = Nothing
Dim connectionString = "my connection string"
Dim commandText = "SELECT id, givenName, familyName, userName FROM tabelregistratie WHERE userName = @0 AND password = @1;"
Try
Using con = New SqlConnection(connectionString)
Using cmd = New SqlCommand(commandText, con)
cmd.Parameters.Add("@0", SqlDbType.VarChar).Value = username
cmd.Parameters.Add("@1", SqlDbType.VarChar).Value = password
con.Open()
Using myreader = cmd.ExecuteReader()
If (myreader.Read()) Then
returningUser = New Registratie() With { .Id = Convert.ToInt32(myreader("id").ToString()), .GivenName = myreader("givenName").ToString(), .FamilyName = myreader("familyName").ToString(), .UserName = myreader("userName").ToString() }
End If
End Using
con.Close()
End Using
End Using
Catch ex As Exception
' do something meaningful here, not just a writeline
Console.WriteLine(ex.Message)
End Try
Return returningUser
End Function
And finally, here is how you would use the method:
Code:
Private user As Registratie
Private Sub Btn_login_Click(sender As Object, e As EventArgs) Handles Btn_login.Click
user = Login(txtusername.Text, txtpassword.Text)
If (user Is Nothing) Then
MessageBox.Show("Username or password invalid or not yet registered!")
Return
End If
MessageBox.Show($"Welcome {txtusername.Text}")
Frm_main.TextBox1.Text = $"Welcome: {user.GivenName} {user.FamilyName}"
Me.Close()
End Sub
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|