Question how to select usernam and password

S

solid2005

New member
Joined
Oct 14, 2009
Messages
2
Programming Experience
Beginner
VB.NET: 
    Private Sub LoginCheck()
        If txtLogin.Text.Trim.Length = 0 Then
            MessageBox.Show("Please type a Username.", Me.Text, MessageBoxButtons.OK, MessageBoxIcon.Information)
            txtLogin.Focus()
            Exit Sub
        ElseIf txtPasswordLogin.Text.Trim.Length = 0 Then
            MessageBox.Show("Please type your Password.", Me.Text, MessageBoxButtons.OK, MessageBoxIcon.Information)
            txtPasswordLogin.Focus()
            Exit Sub
        End If

        Dim dbDataReader As OleDb.OleDbDataReader = Nothing
        Dim sqlCommand1 As String = "SELECT * FROM StreetGangWars WHERE Account = '" & txtLogin.Text & "'"
        Dim sqlCommand2 As String = "SELECT * FROM StreetGangWars WHERE Access = '" & txtPasswordLogin.Text & "'"
        Dim sqlCommand3 As String = "SELECT * FROM StreetGangWars WHERE ID = @txtlogin.text AND @txtPasswordLogin.Text"
        dbDataReader = performQuery(connectionString, sqlCommand1)
        If dbDataReader.HasRows Then
            dbDataReader = performQuery(connectionString, sqlCommand2)
            If dbDataReader.HasRows Then
                If dbDataReader.Read Then

                    MessageBox.Show("Login Success.", Me.Text, MessageBoxButtons.OK, MessageBoxIcon.Information)
                    frmCharacter.Visible = True
                    frmCharacter.Focus()
                    txtPasswordLogin.Clear()
                    Me.Visible = False
                    Me.Enabled = False
                End If
            Else
                MessageBox.Show("Incorrect Password.", Me.Text, MessageBoxButtons.OK, MessageBoxIcon.Information)
                txtPasswordLogin.Focus()
            End If
        Else
            MessageBox.Show("Account not found.", Me.Text, MessageBoxButtons.OK, MessageBoxIcon.Information)
            txtLogin.Focus()
        End If
    End Sub

example: username password
solid2005 12345
solid9889 11111

I can login solid2005 using password 11111 and 12345
same goes for solid9889.
what is the problem? help please.
 
Sort by date Sort by votes
So you're doing a query checking to see if a username exists in the database and then you're doing a query on whether a password exists in the database.

The problem is that the password doesn't have be the same record as the username you've supplied as you've found out for yourself.

Your sqlcommand3 has the right idea in that you're searching for a record having a username AND password and you're trying our parametrized queries.
 
Upvote 0 Downvote
remove commands 1 and 2 from your code entirely; they are totally unnecessary
remove the IFs to which they refer, too
 
Upvote 0 Downvote

Similar threads

manny cash
  • Question
Here is my code database and table I am so confuse
Replies
2
Views
241
manny cash
manny cash
M
  • Question
Question I am using VB2019 I want to create a database, I got problems
Replies
1
Views
1K
jmcilhinney
jmcilhinney
amnon
  • Question
Resolved Registry value type
Replies
2
Views
480
amnon
amnon
dammam2024
  • Question
2nd page not populate
Replies
1
Views
719
jmcilhinney
jmcilhinney
G
  • Question
Question How to create multiple user accounts in database
Replies
3
Views
2K
chrisjlocke1
chrisjlocke1

Share this page

Latest posts

Back
Top