8 Replies - 7568 Views - Last Post: 04 May 2010 - 02:24 PM Rate Topic: -----

#1 vennesschan  Icon User is offline

  • D.I.C Head

Reputation: 0
  • View blog
  • Posts: 112
  • Joined: 20-April 10

Secure Login Form

Posted 03 May 2010 - 02:23 PM

Hi,

I am trying to create a secure login form which can avoid double users log in with same user id from different locations. Can someone help me that how can I create a secure login form. I have create a basic login form as below. Thank you for the helps! :)

 Dim conn As SqlConnection
        conn = New SqlConnection(Source)

        Try
            conn.Open()

        Catch myerror As SqlException
            MessageBox.Show("Connecting to Database Filed: " & myerror.Message)

        End Try

        Dim myAdapter As New SqlDataAdapter

        Dim SelectCmd As String
        SelectCmd = "SELECT UserId, UserPw FROM UserLogin Where UserId='" & UsernameTextBox.Text & "' and UserPw='" & PasswordTextBox.Text & "'"
        Dim Cmd As SqlCommand = New SqlCommand(SelectCmd, conn)

        Dim reader As SqlDataReader
        reader = Cmd.ExecuteReader()

        If reader.HasRows = 0 Then
            MessageBox.Show("Invalid Login Details", "Login Error", MessageBoxButtons.OK, MessageBoxIcon.Error)
        Else
            Dim frm = New MDIParent1
            frm.Show()
            Me.Visible = False
        End If



Is This A Good Question/Topic? 0
  • +

Replies To: Secure Login Form

#2 macosxnerd101  Icon User is offline

  • Self-Trained Economist
  • member icon




Reputation: 10803
  • View blog
  • Posts: 40,273
  • Joined: 27-December 08

Re: Secure Login Form

Posted 03 May 2010 - 02:24 PM

This looks like some flavor of Visual Basic, not PHP. Are you sure you're in the right forum?
Was This Post Helpful? 1
  • +
  • -

#3 vennesschan  Icon User is offline

  • D.I.C Head

Reputation: 0
  • View blog
  • Posts: 112
  • Joined: 20-April 10

Re: Secure Login Form

Posted 03 May 2010 - 02:36 PM

Oh. Sorry, wrong post
Was This Post Helpful? 0
  • +
  • -

#4 vennesschan  Icon User is offline

  • D.I.C Head

Reputation: 0
  • View blog
  • Posts: 112
  • Joined: 20-April 10

Re: Secure Login Form

Posted 03 May 2010 - 02:38 PM

Hi,

I am trying to create a secure login form which can avoid double users log in with same user id from different locations. Can someone help me that how can I create a secure login form. I have create a basic login form as below. Thank you for the helps! :)

Dim conn As SqlConnection 
        conn = New SqlConnection(Source) 
 
        Try 
            conn.Open() 
 
        Catch myerror As SqlException 
            MessageBox.Show("Connecting to Database Filed: " & myerror.Message) 
 
        End Try 
 
        Dim myAdapter As New SqlDataAdapter 
 
        Dim SelectCmd As String 
        SelectCmd = "SELECT UserId, UserPw FROM UserLogin Where UserId='" & UsernameTextBox.Text & "' and UserPw='" & PasswordTextBox.Text & "'" 
        Dim Cmd As SqlCommand = New SqlCommand(SelectCmd, conn) 
 
        Dim reader As SqlDataReader 
        reader = Cmd.ExecuteReader() 
 
        If reader.HasRows = 0 Then 
            MessageBox.Show("Invalid Login Details", "Login Error", MessageBoxButtons.OK, MessageBoxIcon.Error) 
        Else 
            Dim frm = New MDIParent1 
            frm.Show() 
            Me.Visible = False 
        End If


Was This Post Helpful? 0
  • +
  • -

#5 JackOfAllTrades  Icon User is offline

  • Saucy!
  • member icon

Reputation: 6107
  • View blog
  • Posts: 23,659
  • Joined: 23-August 08

Re: Secure Login Form

Posted 03 May 2010 - 02:38 PM

Moved to VB.NET
Was This Post Helpful? 0
  • +
  • -

#6 PsychoCoder  Icon User is offline

  • Google.Sucks.Init(true);
  • member icon

Reputation: 1642
  • View blog
  • Posts: 19,853
  • Joined: 26-July 07

Re: Secure Login Form

Posted 03 May 2010 - 05:11 PM

Topics merged, please don't create duplicates :)
Was This Post Helpful? 0
  • +
  • -

#7 vennesschan  Icon User is offline

  • D.I.C Head

Reputation: 0
  • View blog
  • Posts: 112
  • Joined: 20-April 10

Re: Secure Login Form

Posted 03 May 2010 - 05:15 PM

Opps... sorry guys :)
Was This Post Helpful? 0
  • +
  • -

#8 PsychoCoder  Icon User is offline

  • Google.Sucks.Init(true);
  • member icon

Reputation: 1642
  • View blog
  • Posts: 19,853
  • Joined: 26-July 07

Re: Secure Login Form

Posted 03 May 2010 - 05:27 PM

Here are some changes that will make your code better & a little more secure. The way you have it now it's prime for a SQL Injection attack so here's an example of using parameterized queries which help prevent this.

Public Sub Button1_Click(ByRef sender As Object, ByRef e As EventArgs)
	Dim conn As SqlConnection
    conn = New SqlConnection(Source) 
	Dim myAdapter As New SqlDataAdapter
	Dim SelectCmd As String
	
    Try 
        conn.Open()  
     
        SelectCmd = "SELECT UserId, UserPw FROM UserLogin Where UserId=@Username and UserPw=@UserPw'")' & UsernameTextBox.Text & "' and UserPw='" & PasswordTextBox.Text & "'" 
        Dim Cmd As New SqlCommand(SelectCmd, conn)
        
        Cmd.CommandText = SelectCmd
        Cmd.CommandType = CommandType.Text
 		Cmd.Parameters.AddWithValue("@Username", UsernameTextBox.Text)
 		Cmd.Parameters.AddWithValue("@UserPw", PasswordTextBox.Text)
 		
        Dim reader As SqlDataReader = Cmd.ExecuteReader()
 
        If reader.HasRows = 0 Then 
            MessageBox.Show("Invalid Login Details", "Login Error", MessageBoxButtons.OK, MessageBoxIcon.Error) 
        Else 
            Dim frm = New MDIParent1 
            frm.Show() 
            Me.Visible = False 
        End If
    Catch myerror As SqlException 
        MessageBox.Show("Connecting to Database Filed: " & myerror.Message)  
    End Try         
End Sub


Was This Post Helpful? 2
  • +
  • -

#9 vennesschan  Icon User is offline

  • D.I.C Head

Reputation: 0
  • View blog
  • Posts: 112
  • Joined: 20-April 10

Re: Secure Login Form

Posted 04 May 2010 - 02:24 PM

Tks :)
Was This Post Helpful? 0
  • +
  • -

Page 1 of 1