failing on our login screen

[puffster]

Hello,

Our lead (and only other) developer abruptly quit and I have been left to maintain his code. I brought down a copy of the code directly from the production web server, where everything works perfectly. I'm running on Visual Studio 2008, when I open the code it compiles cleanly; however, when I try to run it, the code is failing on our login screen when trying to verify my credentials. I have attached the code below -- basically it is dropping into the function btnLogon_Click, and from there trying to access a .dll function - memb.ValidateStateStaffAD, failing, and moving straight to my catch statement. I have verified that these are the same .dlls that are being used in production, and I'm not sure what's happening that is making it jump to the catch statement.

Any help would be greatly appreciated, I've been simply trying to get this site up and running on my pc since Monday morning and have exhausted everything I know to do. If you need any more detail, I'll provide whatever I can...

Imports System.Data.SqlClient
Imports System.Web.Security
Imports System.Web.Mail

Namespace AssessmentTest
    Partial Class ResearchLogin
        Inherits System.Web.UI.UserControl

        Protected thing As New commonCode

#Region " Web Form Designer Generated Code "

        'This call is required by the Web Form Designer.
        <System.Diagnostics.DebuggerStepThrough()> Private Sub InitializeComponent()

        End Sub

        Private Sub Page_Init(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Init
            'CODEGEN: This method call is required by the Web Form Designer
            'Do not modify it using the code editor.
            InitializeComponent()
        End Sub

#End Region

        Private Sub Page_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
            txtPassword.Attributes.Add("onkeydown", "if(event.which || event.keyCode){if ((event.which == 13) || (event.keyCode == 13)) {document.getElementById('" + btnLogon.UniqueID + "').click();return false;}} else {return true}; ")
            txtUserName.Attributes.Add("onkeydown", "if(event.which || event.keyCode){if ((event.which == 13) || (event.keyCode == 13)) {document.getElementById('" + btnLogon.UniqueID + "').click();return false;}} else {return true}; ")
            Page.ClientScript.RegisterStartupScript(Me.GetType(), "SetInitialFocus", "<script>document.getElementById('" & txtUserName.ClientID & "').focus();</script>")
        End Sub

        Public Event LoginAction(ByVal sender As Object, ByVal e As EventArgs, ByVal username As String, ByVal passwordverified As Boolean)

        Private Sub btnLogon_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnLogon.Click
            Dim domain As String = "Jefferson"
            Dim memb As JCPS.Common.Security.MembershipManager = CType(Membership.Provider, JCPS.Common.Security.MembershipManager)
            Dim passwordVerified As Boolean = False

            Try
                If (memb.ValidateStateStaffAD(txtUserName.Text, txtPassword.Text, domain)) Then
                    lblMessage.ForeColor = Drawing.Color.Green
                    lblMessage.Text = "Succeed"
                    passwordVerified = True
                End If

                If passwordVerified = False Then
                    Dim username As String
                    username = Trim(txtUserName.Text.ToLower)
                    Try
                        passwordVerified = VerifyPassword(username, txtPassword.Text.ToLower)
                    Catch ex As Exception
                        lblMessage.Text = "Your UserName is incorrect or your account is inactive. " & ex.Message & " " & username
                        Return
                    End Try
                    If passwordVerified Then
                        RaiseEvent LoginAction(sender, e, username, passwordVerified)
                    Else
                        lblMessage.Text = "Invalid password - Try again or use the 'Forgot Password' link to have it reset."
                    End If
                Else
                    lblMessage.ForeColor = Drawing.Color.Red
                    lblMessage.Text = "Failed"
                End If

                If passwordVerified Then
                    RaiseEvent LoginAction(sender, e, txtUserName.Text, passwordVerified)
                End If
            Catch ex As Exception
                Throw New Exception("Exception Logging Forgotten Pass. " + ex.InnerException.Message)
            End Try
        End Sub

 

[ZNERB]

Hello,

On what Line is the error appearing on? And what is the value of ex.Message when the error arises?

Also, your developer's code is unorganised and scrambled might I point out. That doesn't help when debugging code!

 

[puffster]

Unorganized and scrambled...How Dare You!! Just kidding...

As I mentioned, I just inherited this code...but to answer your questions, I'm re-posting just the function from above where the problem is occuring, and it's happening on the first If statement under the Try statement: If (memb.ValidateStateStaffAD... The ValidateStateStaffAD function is inside a dll that I'm still trying to find the code to. Once it hits this line, however it jumps down to the Catch statement with the error message: "Logon Error: Unknown User Name or Bad Password". I'm assuming this is a programmer-generated error message and not a system message that is getting passed back out from the dll?

Private Sub btnLogon_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnLogon.Click
            Dim domain As String = "Jefferson"
            Dim memb As JCPS.Common.Security.MembershipManager = CType(Membership.Provider, JCPS.Common.Security.MembershipManager)
            Dim passwordVerified As Boolean = False

            Try
                If (memb.ValidateStateStaffAD(txtUserName.Text, txtPassword.Text, domain)) Then
                    lblMessage.ForeColor = Drawing.Color.Green
                    lblMessage.Text = "Succeed"
                    passwordVerified = True
                End If

                If passwordVerified = False Then
                    Dim username As String
                    username = Trim(txtUserName.Text.ToLower)
                    Try
                        passwordVerified = VerifyPassword(username, txtPassword.Text.ToLower)
                    Catch ex As Exception
                        lblMessage.Text = "Your UserName is incorrect or your account is inactive. " & ex.Message & " " & username
                        Return
                    End Try
                    If passwordVerified Then
                        RaiseEvent LoginAction(sender, e, username, passwordVerified)
                    Else
                        lblMessage.Text = "Invalid password - Try again or use the 'Forgot Password' link to have it reset."
                    End If
                Else
                    lblMessage.ForeColor = Drawing.Color.Red
                    lblMessage.Text = "Failed"
                End If

                If passwordVerified Then
                    RaiseEvent LoginAction(sender, e, txtUserName.Text, passwordVerified)
                End If
            Catch ex As Exception
                Throw New Exception("Exception Logging Forgotten Pass. " + ex.InnerException.Message)
            End Try
        End Sub

 

[ZNERB]

Recommendations...

puffster,

1) Here is a clean up of the code you specified from Private Sub btnLogin_Click onwards. It should still function the same way, if not, please let me know. Although, if you wish not to use it, just ignore it. Seriously, don't use it if you don't want to. The code highlighted in blue is worth checking out though if you don't want to use the entire code.

Private Sub btnLogon_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnLogon.Click
	Dim domain As String = "Jefferson"
	Dim memb As JCPS.Common.Security.MembershipManager = CType(Membership.Provider, JCPS.Common.Security.MembershipManager)
	Dim passwordVerified As Boolean = False

	Try
		[B][COLOR="blue"]Dim LibCallResult =  (memb.ValidateStateStaffAD(txtUserName.Text, txtPassword.Text, domain))
                Select Case LibCallResult
                        Case True
				lblMessage.ForeColor = Drawing.Color.Green
				lblMessage.Text = "Succeed"
				passwordVerified = True
			Case False
				MsgBox("The call to the DLL returned False!")
			Case Else
				MsgBox("The call to the DLL returned something entirely different to a Boolean value: " & LibCallResult)
		End Select[/COLOR][/B]
		
		Select Case passwordVerified
			Case True
				Dim username As String = Trim(txtUserName.Text.ToLower)
				Try
					passwordVerified = VerifyPassword(username, txtPassword.Text.ToLower)
					If passwordVerified Then
						RaiseEvent LoginAction(sender, e, username, passwordVerified)
					Else
						lblMessage.Text = "Invalid password. Try again or use the 'Forgot Password' link to have it reset."
					End If
				Catch ex As Exception
					lblMessage.Text = "Your username (" & username & ") is incorrect or your account is inactive." & vbCrLf & "Error: " & ex.Message
					Return
				End Try
				
			Case False
				lblMessage.ForeColor = Drawing.Color.Red
				lblMessage.Text = "Failed."
		End Select
		
	Catch ex As Exception
		Throw New Exception("Exception Logging Forgotten Pass. " + ex.InnerException.Message)
	End Try
End Sub

2) Concerning the error you are getting at If (memb.ValidateStateStaffAD..., it may be that either there is an internal error coming from the DLL itself, or that the value being returned from (memb.ValidateStateStaffAD.. is not of Boolean value (see the blue code above), which is what the IF statement your developer has used is trying to achieve. In other words, the IF statement if checking to see if (memb.ValidateStateStaffAD.. is of True or False - but it may be returning a different value, which is what is causing the code to jump to your Catch statement.

Try inserting this code above "If (memb.ValidateStateStaffAD..." and see what comes up.

MsgBox((memb.ValidateStateStaffAD(txtUserName.Text, txtPassword.Text, domain)))

3) NOTE: If you are debugging code in the future and you are completely lost as to what is going on, or where the error is coming from, you can add the following code to many branches in your code;

[B]Debug.Print("Describe what the code is doing here, and where it is located.")[/B]

It can help during runtime (only when debugging inside VB) as debug messages appear in the Immediate window, so when an error arises, you can view the last debug message that was processed, and most of the time it can give you an idea as to where the error is coming from.

As for your case though, where you are running the compiled version of the application, you can instead use MsgBoxes rather than Debug.Print, as they are just as helpful.

Example of this:

[COLOR="red"][B][U]Just An Example - Do Not Copy & Paste This Code[/U][/B][/COLOR]
Try
        [B]Debug.Print("Try - Trying passwordVerified against VerifyPassword()")[/B]
	passwordVerified = VerifyPassword(username, txtPassword.Text.ToLower)
	If passwordVerified Then
                [B]MsgBox("passwordVerified = " & passwordVerified & vbCrLf & "Raising event: LoginAction")[/B]
		RaiseEvent LoginAction(sender, e, username, passwordVerified)
	Else
		lblMessage.Text = "Invalid password. Try again or use the 'Forgot Password' link to have it reset."
	End If
Catch ex As Exception
        [B]Debug.Print("EXCEPTION: " & ex.Message)[/B]
	lblMessage.Text = "Your username (" & username & ") is incorrect or your account is inactive." & vbCrLf & "Error: " & ex.Message
	Return
End Try

Let me know how you go.
Hope I have helped.

 

[puffster]

First, let me thank you for your help -- I really appreciate you taking the time to help me not only with my problem, but with some general coding tips as well. I see what you mean, your revised code above is a lot cleaner and easier to read through -- I will gladly use your handy work!!

So after putting it in there, I set a break point on the line:

Dim LibCallResult = (memb.ValidateStateStaffAD(txtUserName.Text, txtPassword.Text, domain))

The value of LibCallResult was False before the line got executed...but as soon as I executed the line it again jumped straight to the Catch statement. When I looked at the value of LibCallResult at that point, it was defined as:

LibCallResult Name 'LibCallResult' is not declared.

Also, I tried "stepping into" the function just to see what would happen and it took me to some disassembly code...

 

[puffster]

OK, I'm starting to think there is something more "sinister" going on here -- or more simple that I'm just overlooking -- could go either way at this point

Just to move forward, I declared the variable LibCallResult = True and then commented out the call to the dll, like so:

Dim LibCallResult = True
'LibCallResult = (memb.ValidateStateStaffAD(txtUserName.Text, txtPassword.Text, domain))

After doing this, the code moved through the rest of the btnLogon_Click function until it got to this RaiseEvent line below, where it promptly crapped out again and went straight to the Catch statement:

Try
                            passwordVerified = VerifyPassword(username, txtPassword.Text.ToLower)
                            If passwordVerified Then
                                RaiseEvent LoginAction(sender, e, username, passwordVerified)
                            Else
                                lblMessage.Text = "Invalid password. Try again or use the 'Forgot Password' link to have it reset."
                            End If
                        Catch ex As Exception
                            lblMessage.Text = "Your username (" & username & ") is incorrect or your account is inactive." & vbCrLf & "Error: " & ex.Message
                            Return
                        End Try

So now I'm thinking it's not specific to the dll, but my class seems to have issues with any type of "external" call it is being asked to make. Could this be something extremely simple that we're overlooking, because you just assume, "well surely he knows to do that!!"

 

[ZNERB]

Recommendations, take two.

Hello.

As for "Name 'LibCallResult' is not declared." in your Catch statement, this would be due to the fact that LibCallResult has been "Dim'ed" inside of the Try statement. Try this instead:

Dim passwordVerified As Boolean = False
Dim LibCallResult = Nothing
    Try
        LibCallResult =  (memb.ValidateStateStaffAD(txtUserName.Text, txtPassword.Text, domain))
        Select Case LibCallResult

-- OR --

Dim passwordVerified As Boolean = False
    Try
       Select Case  (memb.ValidateStateStaffAD(txtUserName.Text, txtPassword.Text, domain))
            ...

And then, as for the next error on line;

passwordVerified = VerifyPassword(username, txtPassword.Text.ToLower)

It may be the fact that a piece of code inside your class VerifyPassword is doing something wrong. Is it returning a value? Try set a break point here, and check the value of VerifyPassword.
An alternative method would be to replace "passwordVerified = " with "MsgBox " and see what the contents of the message box reads - you might get a general idea as to if, and what, the class is returning.

Good luck.