Login authentication fails

Question

0.00/5 (No votes)

See more:

C#

public override bool ValidateUser(string username, string password)
        {
            using(SqlConnection  conn = new SqlConnection(m_strDBConnection))
            {
                try
                {
                    /* Create command */
                    SqlCommand  command = new SqlCommand("SELECT [Encode],[USERNAME],[PASSWORD]  FROM [dbo].[Users]" + "WHERE [USERNAME]='" + username + "' AND [PASSWORD]='" + password + "'", conn);
                    
                    /* Open connection */
                    conn.Open();
               
                    /* Run query */
                    SqlDataReader  reader = command.ExecuteReader();

                    /* Check if we have something */
                    bool bResult = reader.HasRows;
                    AuthenticateEventArgs e = new AuthenticateEventArgs();
                    
                    /* Close connection */
                    conn.Close();
                    
                    return bResult;
                }
                catch(Exception ex)
                {
                    System.Diagnostics.Trace.WriteLine(ex.Message);
                }
                return false;
            }
        }

It returns like "Your Login Attempt Failed"(Login Failed Message) , when i get fire login. All information are correct for login but it might be problem in web.config. Please Help Me ! :)
Can anybody give me web.config codes for it?

Posted 10-Nov-11 22:33pm

dreamz9

Updated 11-Nov-11 0:47am

v6

Add a Solution

Comments

shashikanth 2011 11-Nov-11 5:14am

Where is your ConnectionString..?
If you not mentioned about connectionstring then how one can solve the problem,
post your ConnectionString also

2 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

OriginalGriff · Answer 1 · 2011-11-10T22:43:00

Ignoring that that is a massive invitation to an SQL Injection attack, you should not store passwords in clear text.
There is a quick bit of info here: Password Storage: How to do it.[^]

As to your reported problem, it could be anything - you do not give anywhere near enough context for an accurate diagnosis.

Richard MacCutchan · Answer 2 · 2011-11-10T22:42:00

Solution 1

It returns like "Your Login Attemp Failed"
What does? There is nothing in the code above that produces this message so how do you expect people to be able to figure out why?

Posted 10-Nov-11 22:42pm

Richard MacCutchan