Developing a Login Box the Simplest Way.
10 Jul
Developing a Login Box the Simplest Way.
Introduction: This article will guide you to develop your own login box in the simplest way ever. In the sample that accompanies this article I have used Visual Studio 2008 and developed the Application in WPF (Windows Presentation Foundation) with Visual Basic.Net. In the attachments I have given the whole project with functionality.
Before reading further Please make sure that that you know how to create a WPF project using Visual Studio 2008 and you know how to connect to Access Database in Visual Basic.Net
Let us Begin.
Step 1. I have designed a simple Login Form using the following controls.
|
Control Name |
Control Type |
|
txtUserName |
TextBox |
|
txtPassword |
TextBox |
|
cmdExit |
Button |
|
cmdLogin |
Button |
|
lblUsername |
Label |
|
lblPassword |
Label |
|
lblTitle |
Label |
The Figure Shows How the Login Box Looks
Step 2. Create a table in a database which has the following fields name the Table as Login.
|
Column Name |
DataType |
Primary Key |
|
UserName |
Text |
Yes |
|
Password |
Text |
No |
Step 3. Connect your Application to the Database.
For This First Create the Connection Object. As we are using Access as the backend we need to use the OLEDB objects.
First Import System.Data and System.Data.Oledb namespaces in your Code.
i.e.
Imports System.Data
Imports System.Data.OleDb
Use the following code to create an Connection object
Dim objCon As New OleDbConnection(“Provider=Microsoft.Jet.Oledb.4.0 ; data source=sample.mdb”)
We are using Provider Microsoft.Jet.Oledb.4.0 because we are working with one of Microsoft’s Jet Databases “Access 2000″.
Step 4. Create dataset’s and data adapters.
We need to create a Data Set and a Data Adapter to complete this simple problem.
Use the Following code to create the Dataset and DataAdapter
Dim ds As New DataSet
Dim dap As OleDbDataAdapter
- Note I have not Initialized the OledbDataAdapter here because the whole concept of login depends on the Select Statement that we pass to the dataadapter.
Final Step. Complete The Login.
On the cmdLogin button Click Event Type this code.
Private Sub cmdLogin_Click(ByVal sender As System.Object, ByVal e As System.Windows.RoutedEventArgs) Handles cmdLogin.Click
ds.Clear()
dap = New OleDbDataAdapter(“select * from Login where username=’” & txtUserName.Text & “‘ and [password]=’” & txtPassword.Text & “‘”, objCon)
dap.Fill(ds)
If ds.Tables(0).Rows.Count <> 0 Then
MessageBox.Show(“Login Successfull!!!”)
Else
MessageBox.Show(“Login Failed!!!”)
End If
End Sub
The Select statement that gets generated is Select * From Login where UserName=”what ever user enters in the username text box” and password=”what ever user enters in the password textbox“
The Fill method of the Adapter gets the data in the Dataset.
The If condition checks whether Rows are returned and if No Rows are returned it displays the Error Message and if Rows are returned it displays the Welcome Message.
Conclusion: This is the simplest way to achieve a login functionality in our program. This method can also be used for ASP.net.
Regards
Hefin D’souza
[Software Freelancer And Trainner]
Awesome!!
Thanks for sharing.
Looking for job!
freelance management is a comprehensive company that lists quality Job openings.
Oh, common! Plain SELECT with concatenation directly from the user’s box?
Your should at least filter user’s input!
In the current implementation it is vulnerable to the SQL Injection attack! Try to enter in your UserName field something like that and see what’s happen (it doesn’t matter what to enter into the password textbox):
‘ OR 1 = 1; /*
think for this tuto
” Dymitr says:
Oh, common! Plain SELECT with concatenation directly from the user’s box?
Your should at least filter user’s input!
In the current implementation it is vulnerable to the SQL Injection attack! Try to enter in your UserName field something like that and see what’s happen (it doesn’t matter what to enter into the password textbox):
‘ OR 1 = 1; / ”
This is just for Demonstration purpose it is not an Actual imlementation of a Login Box.
Regarding Dymitr’s comment about SQL injection attacks: As a service to your readers, I would suggest at least providing a caveat in the summary that they should add code to prevent this in their production code. The odds are good that someone will implement your \demo\ as their production code.
I wish more people would write blogs like this that are actually helpful to read. With all the fluff floating around on the web, it is rare to read a blog like yours instead.