Home ASP.NET With C# Sql Server Login page in asp.net c# with sql database

Login page in asp.net c# with sql database

,
I have written this article basically for the fresher and the beginners. On their mind that how to create a login page and contact with the database. so I will explain here how to create a login page in asp.net c# and contact with the Sql server


Frist we create data base

Design



Script for creating table
create database CodeSolution

USE [CodeSolution]
GO

/****** Object:  Table [dbo].[login]    Script Date: 12/30/2014 23:27:26 ******/
SET ANSI_NULLS ON
GO

SET QUOTED_IDENTIFIER ON
GO

CREATE TABLE [dbo].[login](
          [user_id] [int] IDENTITY(1,1) NOT NULL,
          [username] [nvarchar](50) NULL,
          [pwd] [nvarchar](50) NULL,
 CONSTRAINT [PK_login] PRIMARY KEY CLUSTERED
(
          [user_id] ASC
)WITH (PAD_INDEX  = OFF, STATISTICS_NORECOMPUTE  = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS  = ON, ALLOW_PAGE_LOCKS  = ON) ON [PRIMARY]
) ON [PRIMARY]

GO

Design


Script for inserting data:-

insert into login (username,pwd)values('srinickraj','12345678')

Source Code:-

<%@ Page Language="C#" AutoEventWireup="true" CodeFile="loginpage.aspx.cs" Inherits="loginpage" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
    <title></title>
</head>
<body>
    <form id="form1" runat="server">
    <div align="center">
    <fieldset style ="width:200px;">
    <legend>Login page </legend>
        <asp:TextBox ID="txtusername" placeholder="username" runat="server"
            Width="180px"></asp:TextBox>
        <br />
        <br />
        <asp:TextBox ID="txtpassword" placeholder="password" runat="server"
            Width="180px" TextMode="Password"></asp:TextBox>
        <br />
        <br />
        <asp:Button ID="btnsubmit" runat="server" Text="Submit"
           Width="81px" onclick="btnsubmit_Click" />
            <br />
           
    </fieldset>
    </div>

    </form>
</body>
</html>

  
Code behind(C#):-

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.SqlClient;
using System.Data;

public partial class loginpage : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {

    }
    protected void btnsubmit_Click(object sender, EventArgs e)
    {
       SqlConnection con = new SqlConnection("Data Source=NEERAJ-PC;Initial Catalog=CodeSolution;Persist Security Info=True;User ID=sa; password=12345678");
       con.Open();
       SqlCommand cmd = new SqlCommand("Select * from login where username='" + txtusername.Text + "' and pwd ='" + txtpassword.Text + "'", con);
       SqlDataAdapter da = new SqlDataAdapter(cmd);
       DataTable dt = new DataTable();
       da.Fill(dt);
       if (dt.Rows.Count > 0)
       {
           Response.Redirect("Details.aspx");
       }
       else
       {
           Response.Write("<script>alert('Please enter valid Username and Password')</script>");
       }
    }
}





 Out-Put:-

Login page in asp.net c# with sql database Login page in asp.net c# with sql database Reviewed by NEERAJ SRIVASTAVA on 6:58:00 PM Rating: 5

32 comments:

  1. UnknownAugust 9, 2015 at 9:24 PM

    Very Informative Post..Thanks A lot..Found it much helpful.:)

    ReplyDelete
  2. UnknownOctober 16, 2015 at 6:23 PM

    you can also use here dataset and datareader

    ReplyDelete
  3. UnknownNovember 8, 2015 at 3:09 PM

    WORKED!!!!!! YEEEAAAAHHHHH!!!!!! THANKS A TON MATE! :D :D

    ReplyDelete
  4. StudyNovember 21, 2015 at 5:46 PM

    Thanks for lo

    ReplyDelete
  5. StudyNovember 21, 2015 at 5:46 PM

    Thanks for lo

    ReplyDelete
  6. HemalonnetNovember 24, 2015 at 9:59 AM

    Thnx bro really very easy and helpfull

    ReplyDelete
  7. UnknownNovember 25, 2015 at 2:33 PM

    it is work .... thanks....

    ReplyDelete
  8. deDecember 14, 2015 at 11:32 AM

    Great

    C# Training

    ReplyDelete
  9. ZAID ZAIDIDecember 17, 2015 at 2:40 PM

    hello sir... in script u use pwd for password column...and in sqlcommand u use password.... so here is a correction.

    ReplyDelete
  10. Suresh VagallaDecember 19, 2015 at 10:28 PM

    After gone through so many websites, I created my first log in successfully with this reference. Many thanks...

    ReplyDelete
  11. AnonymousDecember 30, 2015 at 3:22 PM

    It was so helpfull! Thanks a lot... :)

    ReplyDelete
  12. GilaMonsterJanuary 21, 2016 at 11:19 PM

    Nice SQL Injection vulnerability there. Plus password in plain text.

    To be clear, you should NEVER concatenate user input into a sql statement and execute it.

    With your code, entering a username of "whatever'' OR 1=1; --" would automatically log me in without any need to guess passwords, and that's about the least malicious thing someone could do with SQL Injection. They could also modify data (like setting an admin's password to a known value), drop tables, drop databases, possibly even get access to the underlying OS,

    The example as written is *incredibly* dangerous and a very bad example to give people.

    ReplyDelete
    Replies
    1. UnknownDecember 9, 2016 at 5:56 AM

      i agree the code shouldn't be use specially on production poorly written

      Delete
  13. AnonymousJanuary 22, 2016 at 3:17 PM

    Troy Hunt sends his love.

    ReplyDelete
  14. AshishFebruary 11, 2016 at 4:32 PM

    my code is for login form and jump another form as main please check where is mistake because error is found when run time
    private void button2_Click(object sender, EventArgs e)
    {

    SqlConnection con = new SqlConnection("Data Source = welcome-pc;initial catalog = Ashish;User ID =sa;Password = 363791");
    con.Open();
    SqlCommand cmd = new SqlCommand("select * from Login_Car where User Name = '"+textBox1.Text+"' and Password = '" +textBox2.Text+"'",con);
    SqlDataAdapter da = new SqlDataAdapter(cmd);
    DataTable dt = new DataTable();
    da.Fill(dt);
    if (dt.Rows.Count > 0)
    {
    this.Hide();
    Main ma = new Main();
    ma.Show();
    }
    else
    {
    MessageBox.Show("invalid data");
    }

    ReplyDelete
  15. AnonymousFebruary 14, 2016 at 8:45 PM

    Sample output:

    Enter Player Name (Q to quit): Bob

    Enter score for Bob: 3245

    Enter Player Name (Q to quit): Sue

    Enter score for Sue: 1098

    Enter Player Name (Q to quit): Dave

    Enter score for Dave: 8219

    Enter Player Name (Q to quit): Pat

    Enter score for Pat: 3217

    Enter Player Name (Q to quit): Q
    Name Score
    Bob 3245
    Sue 1098
    Dave 8219
    Pat 3217
    Average Score: 3944.75
    Players who scored below average

    Name Score
    Bob 3245
    Sue 1098
    Pat 3217
    Press any key to continue . . .

    ReplyDelete
  16. HARI KRISHNA TMarch 7, 2016 at 5:54 PM

    OMG.. atlast i could create a login page functionality..Great post

    ReplyDelete
  17. jignesh kadvaniApril 21, 2016 at 5:35 PM

    Hi... coding works fine... but one problem is that username and password check is not case sensitive. if i store username=ADMIN and password=ADMIN in the database and when i pass value from the form in lowercase then also it redirects to the otherpage. which should not be happend. so is there any way to make case sensitive query... or table.

    ReplyDelete
  18. UnknownMay 31, 2016 at 12:40 PM

    dear neeraj i m facing a error n sqlconnection but my web config is accurate...i m facing error in instance name

    ReplyDelete
  19. SarahJune 5, 2016 at 8:55 PM

    Create a standard site page and put all your substance on this site. Before this substance page have a username and secret key login for individuals to finish.
    TalkTalk login/

    ReplyDelete
  20. imran shojaJune 23, 2016 at 1:45 PM

    thanks

    ReplyDelete
  21. Being AtherJuly 3, 2016 at 7:38 PM

    Thank u u awesome

    ReplyDelete
  22. .NET, Azure, Kubernetes, Docker, CloudsJuly 6, 2016 at 5:08 PM

    Session is missing in this code..

    ReplyDelete
  23. AnonymousAugust 11, 2016 at 9:07 PM

    You need to double up any quote characters in the username and password to stop sql injection or your web site will get hacked.

    Try putting in a username of (including the ' characters)
    '; drop table login; select '

    ReplyDelete
  24. sistemaoperativocomputador.blogspot.comSeptember 11, 2016 at 11:12 PM

    Hi, Can you do the same example but using LinqToSql those are a good way for other user, Nice example kudos, good job,

    ReplyDelete
  25. AnonymousSeptember 17, 2016 at 2:49 PM

    Very Useful Information thanks.

    ReplyDelete
  26. PBonthemoveOctober 24, 2016 at 1:35 PM

    This code isnt SQL injection proof.
    And that's pretty risky since those pages often face the internet front

    ReplyDelete
  27. AbbyJanuary 19, 2017 at 9:11 AM

    How do i insert values ?

    ReplyDelete
    Replies
    1. NEERAJ SRIVASTAVAFebruary 9, 2017 at 9:33 PM

      dear @fallon

      the below link will help you

      http://www.neerajcodesolutions.com/2013/06/insert-data-using-stored-procedure-in-c.html

      Delete
  28. AnonymousFebruary 4, 2017 at 3:15 PM

    done .. thanks

    ReplyDelete
  29. UnknownFebruary 15, 2017 at 4:50 PM

    Very Very Thanks a lot

    ReplyDelete

Subscribe to: Post Comments ( Atom )
Powered by Blogger.