Results 1 to 9 of 9

Thread: [2005] - SQL Login Form

  1. #1

    Thread Starter
    Lively Member
    Join Date
    Jan 2006
    Posts
    111

    Question [2005] - SQL Login Form

    Hi All,

    I have a login form connecting to a SQL Database but when the OnClick event fires, nothing occurs. I now that it is sorta working because if the user name / password fields are left blank, an error message is displayed

    Code:
    Private Sub OK_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles OK.Click
    
            If UsernameTextBox.TextLength > 1 And UsernameTextBox.TextLength > 1 Then
    
    
                Try
    
                    Dim connStr As String = ConfigurationManager.ConnectionStrings("CRM.NET.My.MySettings.CRMConnectionString").ConnectionString
                    Dim SQL As String = "SELECT UserID, Password FROM tblUsers WHERE UserID = '" & UsernameTextBox.Text & "' AND Password = '" & PasswordTextBox.Text & "'"
    
                    Dim myCommand As New SqlCommand(SQL, New SqlConnection(connStr))
    
                    myCommand.Connection.Open()
    
                    Dim dr As SqlDataReader
    
                    dr = myCommand.ExecuteReader()
    
                    If Not dr.Read() Then
    
                        MessageBox.Show("Login Failed")
    
                    Else
    
                        Dim Form1 As New Form1
                        Form1.Show()
    
                    End If
    
                Catch ex As Exception
    
                End Try
    
            Else
    
                MessageBox.Show("Username and Password Must Be Entered")
    
            End If
    
        End Sub

  2. #2
    Fanatic Member
    Join Date
    Feb 2007
    Location
    Eindhoven
    Posts
    828

    Re: [2005] - SQL Login Form

    output the error message in the catch block. It will help you debug your program better

  3. #3

    Thread Starter
    Lively Member
    Join Date
    Jan 2006
    Posts
    111

    Red face Re: [2005] - SQL Login Form

    omg... How did I miss that. Will put that in and see what error message is returned...

  4. #4
    Super Moderator jmcilhinney's Avatar
    Join Date
    May 2005
    Location
    Sydney, Australia
    Posts
    111,221

    Re: [2005] - SQL Login Form

    As talkro says. You should always put this code in your Catch blocks:
    vb.net Code:
    1. Debug.WriteLine(ex.ToString())
    That will write the error message and stack trace to the Output window when you're debugging but it will not affect the performance of a Release version.

    That said, it's not a bad idea to have a standard mechanism to log unexpected exceptions in deployed apps so you can easily diagnose issues in applications installed on client systems.
    Why is my data not saved to my database? | MSDN Data Walkthroughs
    VBForums Database Development FAQ
    My CodeBank Submissions: VB | C#
    My Blog: Data Among Multiple Forms (3 parts)
    Beginner Tutorials: VB | C# | SQL

  5. #5

    Thread Starter
    Lively Member
    Join Date
    Jan 2006
    Posts
    111

    Question Re: [2005] - SQL Login Form

    Thanks for the hint. The error message returned column name "Password" missing which has now been fixed and the code is now working as expected. On a side note, it it possible to close the login form once the main form has been called.

    I have called "LoginForm.Close" within the MainForm_Load Sub but that closes all the forms. I them tried "LoginForm.Hide", but when closing the application by the close button during debugging, the program is still running.

  6. #6
    Fanatic Member
    Join Date
    Feb 2007
    Location
    Eindhoven
    Posts
    828

    Re: [2005] - SQL Login Form

    using the form.hide trick, you have to make sure that in the the form closing event of the main form, you close the login form has well.

  7. #7
    Frenzied Member
    Join Date
    Nov 2001
    Location
    Mass USA
    Posts
    1,674

    Re: [2005] - SQL Login Form

    A tip of advice, you might want to look up Paramaterization for your sql statement, if you value security.

  8. #8
    Frenzied Member MaximilianMayrhofer's Avatar
    Join Date
    Aug 2007
    Location
    IM IN YR LOOP
    Posts
    2,001

    Re: [2005] - SQL Login Form

    If you are connecting to an SQL Server then you should really be taking advantage of Stored Procedures. They offer maximum security because none of your login validation code is exposed, even to a decompile. Then it is simply a matter of sending the login parameters and receiving either a success or a fail response.

    Also for security as well as optimization reasons, the login authentication should be called before the main application is even run. In C#, this involves modifying the code in Program.cs. I'm not sure where to insert it in VB.

  9. #9
    Super Moderator jmcilhinney's Avatar
    Join Date
    May 2005
    Location
    Sydney, Australia
    Posts
    111,221

    Re: [2005] - SQL Login Form

    Follow the WinForms Login link in my signature.
    Why is my data not saved to my database? | MSDN Data Walkthroughs
    VBForums Database Development FAQ
    My CodeBank Submissions: VB | C#
    My Blog: Data Among Multiple Forms (3 parts)
    Beginner Tutorials: VB | C# | SQL

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  



Click Here to Expand Forum to Full Width