There's a table "Login" having values of "username" and 'password" coloumn's value in it. A login form in ADO.Net as frontend, and want to check if the value of "username and password" of form matches then the next form should be displayed. how should i do it with minimum lines of code.
+3
A:
- Do not store plain text password in the database. Never.
- The ASP.NET Login form has an OnLogin or something similar event. You need to attach a method to it.
- Query the database for the credentials of the user that tried to log in. That is:
SELECT * FROM LOGIN WHERE USERNAME = @P_USERNAME;
Then you compare the password you got from the database with the password the user entered, and you're done.
DrJokepu
2008-11-11 13:56:00
To clarify the apparent conflict between points one and three, you use a function like SQL Server's HashBytes() to store a HASH of the password, rather than the password itself. When the user tries to login, you also hash the credential they entered, and then compare the hashed values.
Joel Coehoorn
2008-11-11 14:10:15
A:
Use the Membership provider instead. Than use the login control.
Bruno Figueiredo
Bruno Shine
2008-11-11 13:56:46
A:
For the least lines of code, use forms authentication and the asp login control:
MarkB
2008-11-11 13:57:39