Login stored procedures
This is the way for logging into a page in asp.net
first we make a stored procedure called logincheck:
CREATE PROCEDURE logincheck
(
@u varchar(50),
@p varchar(100)
)
as
declare @ap varchar(50)
select @ap=password from tbuser where loginid=@u
if @ap is null
return -1
else
if @ap=@p
return 1
else
return -2
Then on code page make a method names checkuser:-
private Int32 checkuser(string u, string p)
{
SqlConnection con = new SqlConnection();
con.ConnectionString = ConfigurationManager.ConnectionStrings["cn"].ConnectionString;
con.Open();
SqlCommand cmd = new SqlCommand("logincheck", con);
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.Add("@u", SqlDbType.VarChar, 50).Value = u;
cmd.Parameters.Add("@p", SqlDbType.VarChar, 50).Value = p;
SqlParameter p1 = new SqlParameter("ret", SqlDbType.Int);
p1.Direction = ParameterDirection.ReturnValue;
cmd.Parameters.Add(p1);
cmd.ExecuteNonQuery();
Int32 k;
k = Convert.ToInt32(cmd.Parameters["ret"].Value);
cmd.Dispose();
return k;
}
And then on button click:-
Int32 r = checkuser(TextBox1.Text, TextBox2.Text);
if (r == -1)
{
Label1.Text = "Incorrect User Id";
}
if (r == -2)
{
Label1.Text = "Incorrect Password";
}
if (r == 1)
{
SqlDataAdapter adp = new SqlDataAdapter("select uid, loginid from tbuser where loginid='" + TextBox1.Text + "' and password ='" + TextBox2.Text + "'", ConfigurationManager.ConnectionStrings["cn"].ConnectionString);
DataSet ds = new DataSet();
adp.Fill(ds);
Session["uid"] = ds.Tables[0].Rows[0][0].ToString();
Session["loginid"] = TextBox1.Text;
Session["password"] = TextBox2.Text;
if (TextBox1.Text == "admin")
{
Response.Redirect("home.aspx"); //redirect to any desired page
}
}
else
{
Label1.Text = "Incorrect User Id / Password ";
}
very usefull