Results 1 to 7 of 7

Thread: [RESOLVED] Show firstname and familyname after login.

  1. #1

    Thread Starter
    PowerPoster sparrow1's Avatar
    Join Date
    May 2005
    Location
    Globetrotter
    Posts
    2,820

    Resolved [RESOLVED] Show firstname and familyname after login.

    I want to show the firstname and familyname in a textbox in the main form.

    I've got a registrationform with a firstname, familyname, username and password
    After registration it is registrated in a tableregistration.
    It's working fine to show the username into a textbox in the main form (see code)

    How can I show the firstname and familyname in the textbox instead of the username


    Code:
     Private Sub Btn_login_Click(sender As Object, e As EventArgs) Handles Btn_login.Click
    
            Dim cmd As New SqlCommand("select * from tableregistration where username = @username and password = @password ", con)
    
            con.Open()
            cmd.Parameters.Add("@username", SqlDbType.VarChar).Value = txtusername.Text
            cmd.Parameters.Add("@password", SqlDbType.VarChar).Value = txtpassword.Text
    
            Dim adapt As New SqlDataAdapter(cmd)
    
            Dim table As New DataTable
            adapt.Fill(table)
    
            con.Close()
    
            If table.Rows.Count() <= 0 Then
    
                MessageBox.Show("Username or password invalid 
                                 or not yet registered !")
    
                txtusername.Text = ""
                txtpassword.Text = ""
                txtusername.Focus()
    
            Else
    
                ' It shows the username perfectly !
    
                MessageBox.Show("Welcome" & " " & txtusername.Text)
                Frm_main.TextBox1.Text = txtusername.Text
               
                Me.Close()
              
            End If
    
        End Sub
    Thanks in advance.
    Wkr,
    sparrow1

    If I helped you, don't forget to Rate my post. Thank you

    I'm using Visual Studio.Net 2003 and
    2005
    How to learn VB.Net Create setup with VB 2005 Drawing for beginners VB.Net Tutorials GDI+ Tutorials
    Video's for beginners

  2. #2
    Super Moderator jmcilhinney's Avatar
    Join Date
    May 2005
    Location
    Sydney, Australia
    Posts
    110,299

    Re: Show firstname and familyname after login.

    Quote Originally Posted by sparrow1 View Post
    I've got a registrationform with a firstname, familyname
    For the record, you shouldn't really use that combination of field names. You should either use firstName and lastName or givenName and familyName. That's because there are some cultures where the family name actually comes first, so one or both of your field names would be wrong in that case. Ideally, you should use givenName and familyName and use a Boolean flag that defaults to False to indicate whether the familyName should be written first.

  3. #3
    PowerPoster ChrisE's Avatar
    Join Date
    Jun 2017
    Location
    Frankfurt
    Posts
    3,046

    Re: Show firstname and familyname after login.

    @sparrow1

    I don't think that it will work that way, In Germany you a lot of common First and Lastnames
    I just did a check online for:
    Firstname = Walter
    Lasname = Schmidt

    and get over 90 results, should be the same with englisch names
    to hunt a species to extinction is not logical !
    since 2010 the number of Tigers are rising again in 2016 - 3900 were counted. with Baby Callas it's 3901, my wife and I had 2-3 months the privilege of raising a Baby Tiger.

  4. #4
    Super Moderator jmcilhinney's Avatar
    Join Date
    May 2005
    Location
    Sydney, Australia
    Posts
    110,299

    Re: Show firstname and familyname after login.

    As for the issue, the problem is that you're not getting any data out of your DataTable. You're just using the values the user entered. If you want to use the data you retrieved then you have to actually use the data you retrieved. If you don't know how to get data out of a DataTable then that's what you should research. There are loads of examples around.

  5. #5
    Lively Member
    Join Date
    Jan 2020
    Posts
    120

    Re: Show firstname and familyname after login.

    When you open the form2, you only have to pass variable to the constructor of form, and pass it to some control, which will show the value (ie. username):

    Code:
    'on form1:
        Public Property YourUserName() As String
            Get
                Return m_YourUserName
            End Get
            Private Set
                m_YourUserName = Value
            End Set …


    Reference:link

  6. #6

    Thread Starter
    PowerPoster sparrow1's Avatar
    Join Date
    May 2005
    Location
    Globetrotter
    Posts
    2,820

    Re: Show firstname and familyname after login.

    After some search and suggestions I created this code.

    Code:
     
    
    con.Open()
    
            Dim search As String
    
            search = "select id,givenName,familyName,userName,password from tabelregistratie where userName= '" + txtuserName.Text + "'"
    
            Dim cmd As New SqlCommand(search, con)
            Dim myreader As SqlDataReader
            myreader = cmd.ExecuteReader
            myreader.Read()
    
            If myreader.HasRows Then
    
                Frm_main.loginName.Text = "Welkom:" & " " & myreader("givenName") & " " & myreader("familyName")
            Else
    
            End If
    
            con.Close()
            Me.Close()
    It could be that there are some better ways, but it's working.
    Thanks for teh suggestions.
    Wkr,
    sparrow1

    If I helped you, don't forget to Rate my post. Thank you

    I'm using Visual Studio.Net 2003 and
    2005
    How to learn VB.Net Create setup with VB 2005 Drawing for beginners VB.Net Tutorials GDI+ Tutorials
    Video's for beginners

  7. #7
    Super Moderator dday9's Avatar
    Join Date
    Mar 2011
    Location
    South Louisiana
    Posts
    11,715

    Re: Show firstname and familyname after login.

    I have a couple of notes for you. You do not need to implement them, but I would highly recommend it.

    You should still use a parameterized query like you were doing in your original post. Parameterizing your queries help prevent common hacking techniques like SQL injection.

    Since nearly every data object you're using implements IDisposable, ideally you should be wrapping your variable declarations in Using statements. A Using declaration block guarantees that the objects will be disposed properly.

    Your original post had a worse SQL command because you were using the * wildcard. Your next code is better, but ideally you wouldn't be returning the password. What's worse is that it appears you're storing the password, as-is, without any hashing. Something that you should highly consider is hashing the password and then storing the hash in the tabelregistratie table, preferably with a salt. The general rule is that you do the following when you create a user:
    1. Generate a salt, which is just a series of random characters
    2. Append the salt to the password that the user password
    3. Hash the password (with the appended salt) using the Crypto.HashPassword (documentation) method
    4. Store the hash in the SQL table


    Then when you want to verify a user login, you would:
    1. Get the user by the user's identifier (usually their email or username)
    2. Append the salt from the table to the password that the user supplied
    3. Hash the password (with the appended salt) using the Crypto.HashPassword method
    4. Compare if the hashed password in the table and the hashed password from the user's input matches


    Finally, it seems to me like you want to retain the user's information after they log in. If that is the case, then you should create a strongly typed object that represents your tabelregistratie table. Once the class is setup, you can create a Function that returns a new instance of the user on a successful login or returns nothing on a failed login. Then on successful logins, you'd just get the necessary properties you need and store the returned object at a higher scope (like at the form level).

    Take a look at this example. I'm not implementing the password hashing, but it can be easily modified.

    Here is how the class would look:
    Code:
    Public Class Registratie
    
        Public Property Id As Integer
        Public Property GivenName As String
        Public Property FamilyName As String
        Public Property UserName As String
    
    End Class
    This is how the method would look:
    Code:
    Private Function Login(username As String, password As String) As Registratie
        Dim returningUser As Registratie = Nothing
        Dim connectionString = "my connection string"
        Dim commandText = "SELECT id, givenName, familyName, userName FROM tabelregistratie WHERE userName = @0 AND password = @1;"
        Try
            Using con = New SqlConnection(connectionString)
                Using cmd = New SqlCommand(commandText, con)
                    cmd.Parameters.Add("@0", SqlDbType.VarChar).Value = username
                    cmd.Parameters.Add("@1", SqlDbType.VarChar).Value = password
    
                    con.Open()
                    Using myreader = cmd.ExecuteReader()
                        If (myreader.Read()) Then
                            returningUser = New Registratie() With { .Id = Convert.ToInt32(myreader("id").ToString()), .GivenName = myreader("givenName").ToString(), .FamilyName = myreader("familyName").ToString(), .UserName = myreader("userName").ToString() }
                        End If
                    End Using
                    con.Close()
                End Using
            End Using
        Catch ex As Exception
            ' do something meaningful here, not just a writeline
            Console.WriteLine(ex.Message)
        End Try
    
        Return returningUser
    End Function
    And finally, here is how you would use the method:
    Code:
    Private user As Registratie
    Private Sub Btn_login_Click(sender As Object, e As EventArgs) Handles Btn_login.Click
        user = Login(txtusername.Text, txtpassword.Text)
    
        If (user Is Nothing) Then
            MessageBox.Show("Username or password invalid or not yet registered!")
            Return
        End If
    
        MessageBox.Show($"Welcome {txtusername.Text}")
        Frm_main.TextBox1.Text = $"Welcome: {user.GivenName} {user.FamilyName}"
        Me.Close()
    End Sub
    "Code is like humor. When you have to explain it, it is bad." - Cory House
    VbLessons | Code Tags | Sword of Fury - Jameram

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  



Click Here to Expand Forum to Full Width