user name and password
-
Hi In my login form i have set user name Password as "admin" and "sa" if i type ADMIN and SA it should not work but its working.. how resolve it thanks in advance
Mads115 wrote:
In my login form i have set user name Password as "admin" and "sa" if i type ADMIN and SA it should not work but its working.. how resolve it
How did you checking the use id and password? Where is the code? Did you check with String.Equal() or what ?
cheers, Abhijit CodeProject MVP Web Site:abhijitjana.net
-
Hi In my login form i have set user name Password as "admin" and "sa" if i type ADMIN and SA it should not work but its working.. how resolve it thanks in advance
-
Mads115 wrote:
In my login form i have set user name Password as "admin" and "sa" if i type ADMIN and SA it should not work but its working.. how resolve it
How did you checking the use id and password? Where is the code? Did you check with String.Equal() or what ?
cheers, Abhijit CodeProject MVP Web Site:abhijitjana.net
this is the Code I am using SqlConnection Con1 = new SqlConnection("server=.;database=ab;uid=sa;pwd=max"); Con1.Open(); SqlCommand cmd1 = new SqlCommand("select UserName,Password from mads Where Username= '" + usrtxt.Text + "' and Password ='" + passtxt.Text + "'", Con1); SqlDataReader dr = cmd1.ExecuteReader(); dr.Read(); if (dr.HasRows == true) { prj = new Project_Details(usrtxt.Text); prj.Show(); } dr.close;
-
this is the Code I am using SqlConnection Con1 = new SqlConnection("server=.;database=ab;uid=sa;pwd=max"); Con1.Open(); SqlCommand cmd1 = new SqlCommand("select UserName,Password from mads Where Username= '" + usrtxt.Text + "' and Password ='" + passtxt.Text + "'", Con1); SqlDataReader dr = cmd1.ExecuteReader(); dr.Read(); if (dr.HasRows == true) { prj = new Project_Details(usrtxt.Text); prj.Show(); } dr.close;
SQL is case insensitive. You have to force SQL to turn on the case sensitivity for the select query. Just add the following clause with your select query: COLLATE SQL_Latin1_General_CP1_CS_AS Use COLLATE SQL_Latin1_General_CP1_CI_AS for case insensitivity. It can solve your problem. Regards Saanj
Either you love IT or leave IT...
-
this is the Code I am using SqlConnection Con1 = new SqlConnection("server=.;database=ab;uid=sa;pwd=max"); Con1.Open(); SqlCommand cmd1 = new SqlCommand("select UserName,Password from mads Where Username= '" + usrtxt.Text + "' and Password ='" + passtxt.Text + "'", Con1); SqlDataReader dr = cmd1.ExecuteReader(); dr.Read(); if (dr.HasRows == true) { prj = new Project_Details(usrtxt.Text); prj.Show(); } dr.close;
Mads115 wrote:
SqlCommand cmd1 = new SqlCommand("select UserName,Password from mads Where Username= '" + usrtxt.Text + "' and Password ='" + passtxt.Text + "'", Con1);
If this is your live code, Please be careful about
SQL Injection.cheers, Abhijit CodeProject MVP Web Site:abhijitjana.net