When we start start learning some language the very first code we do is for Printing "Hello!"
And when one thinks that he had learnt enough and is the time to make it large then what comes first in mind is "Library Management System", "Hotel Management System" etc
Or "Social Networking Site", "Blog" etc in web development. And the very first step to all these is the creation of LOGIN mechanism and techniques so today i'am gonna discuss about how to login user effectively with security and with less effort.
The mechanism or the algorithm m gonna discuss is very simple but yet effective. I'll be discussing it in C# for developing a login page using MS Visual Studio 2010 framework ASP.NET 4.
Software's we'll needing are
1. MS Visual Studio 2010
2. MS SQL Server 2008 R2
So lets get started.................
STEP I. Open VS(Visual Studio) and create a new website from File>New>Website>Select Empty Webiste from the dialog box.
STEP II. Now you'll find in the Solution Explorer you website name and an web.config file. Right click anywhere in the solution explorer and click Add New Item in the menu. Select Web Form from the dialog and name it login.aspx in the text box provided on the bottom. Hit Add.
Step II. Go to the design mode of the login.aspx by right clicking on the login.aspx and clicking on View Designer.
And now drag control from Toolbox to you form( 2 Label Box, 2 Text Box, 1 Button). And arrange them as you want.
STEP III. Name your control as txtuname(TextBox1), txtpassword(TextBox2), btnlogin(Button1)
STEP IV. Add following lines in your web.config file in Solution Explorer
<appSettings>
<add key="ConnectionInfo" value="Data Source=<user>\SQLEXPRESS;Initial Catalog=<database name>;Integrated Security=True " />
</appSettings>
This is done for the purpose of connectivity with our databse.
STEP V. Go to the login.aspx.cs (the code file) and import these packahes
using System.Data.SqlClient;
using System.Configuration;
using System.Data;
and add following code in the Button Click event event in order to connect to the Database
protected void btnlogin_Click(object sender, EventArgs e)
{
SqlConnection con = new SqlConnection();
string con_info = ConfigurationManager.AppSettings["ConnectionInfo"].ToString();
con.ConnectionString = con_info;
try
{
if (con.State == System.Data.ConnectionState.Closed)
{
con.Open();
}
}
catch (Exception err)
{
//add you code here that need to be displayed on error
return;
}
SqlCommandBuilder cb = new SqlCommandBuilder();
SqlDataAdapter da = new SqlDataAdapter("SELECT * FROM [<table name> WHERE [<username column>] = '" + txtusername.Text +"' AND [<password column>] = '"+txtpassword.Text +"'", con);
DataTable dt = new DataTable();
da.Fill(dt);
if (dt.Rows.Count == 1)
{
con.Close();
Response.Redirect("~/<success page.aspx>");
}
else
{
con.Close();
}
}
And that's all. Now when the user enters username and password in the run-time this page will verify username and password and on encountering valid username and password redirects to the provided page.
And when one thinks that he had learnt enough and is the time to make it large then what comes first in mind is "Library Management System", "Hotel Management System" etc
Or "Social Networking Site", "Blog" etc in web development. And the very first step to all these is the creation of LOGIN mechanism and techniques so today i'am gonna discuss about how to login user effectively with security and with less effort.
The mechanism or the algorithm m gonna discuss is very simple but yet effective. I'll be discussing it in C# for developing a login page using MS Visual Studio 2010 framework ASP.NET 4.
Software's we'll needing are
1. MS Visual Studio 2010
2. MS SQL Server 2008 R2
So lets get started.................
STEP I. Open VS(Visual Studio) and create a new website from File>New>Website>Select Empty Webiste from the dialog box.
STEP II. Now you'll find in the Solution Explorer you website name and an web.config file. Right click anywhere in the solution explorer and click Add New Item in the menu. Select Web Form from the dialog and name it login.aspx in the text box provided on the bottom. Hit Add.
Step II. Go to the design mode of the login.aspx by right clicking on the login.aspx and clicking on View Designer.
And now drag control from Toolbox to you form( 2 Label Box, 2 Text Box, 1 Button). And arrange them as you want.
STEP III. Name your control as txtuname(TextBox1), txtpassword(TextBox2), btnlogin(Button1)
STEP IV. Add following lines in your web.config file in Solution Explorer
<appSettings>
<add key="ConnectionInfo" value="Data Source=<user>\SQLEXPRESS;Initial Catalog=<database name>;Integrated Security=True " />
</appSettings>
This is done for the purpose of connectivity with our databse.
STEP V. Go to the login.aspx.cs (the code file) and import these packahes
using System.Data.SqlClient;
using System.Configuration;
using System.Data;
and add following code in the Button Click event event in order to connect to the Database
protected void btnlogin_Click(object sender, EventArgs e)
{
SqlConnection con = new SqlConnection();
string con_info = ConfigurationManager.AppSettings["ConnectionInfo"].ToString();
con.ConnectionString = con_info;
try
{
if (con.State == System.Data.ConnectionState.Closed)
{
con.Open();
}
}
catch (Exception err)
{
//add you code here that need to be displayed on error
return;
}
SqlCommandBuilder cb = new SqlCommandBuilder();
SqlDataAdapter da = new SqlDataAdapter("SELECT * FROM [<table name> WHERE [<username column>] = '" + txtusername.Text +"' AND [<password column>] = '"+txtpassword.Text +"'", con);
DataTable dt = new DataTable();
da.Fill(dt);
if (dt.Rows.Count == 1)
{
con.Close();
Response.Redirect("~/<success page.aspx>");
}
else
{
con.Close();
}
And that's all. Now when the user enters username and password in the run-time this page will verify username and password and on encountering valid username and password redirects to the provided page.
OK Mukul Jayaprakash
ReplyDeleteAnswer for your query is this
I Used the Session creation technique for preventing the user from accessing the pages without login which is the common problem we face when developing and login required website
The user enters correct credentials add this code
Session["login_status"] = "true";
And on the Page load event of the page you want to prevent accessing check this status if true like this
protected void Page_Load(object sender, EventArgs e)
{
if(Session["login_status"] == null
{
response.redirect("~/login.aspx")
}
}
hope you find it helpfull