About Login, SQL, and VB.NET?

Hi all, I have a Login Form (With UserID and Password). And I need the user with their UserID and Password existed in the SQL Database created in the Project. How do I do that???

Do I need a simple for-each loop to search for the entries that matches with the user inputs???

Or do I need to create the standard SQL statement coding Procedure (The adapter, Dataset, those kind...) to search???

My connectionString is being created at the main menu form, separate with this login form, will it be a problem???

Please provide coding, and Thanks if able to give assistance...

1 Answer

  • J J
    Lv 5
    1 decade ago
    Favorite Answer

    You are confusing two issues it seems. First the login for your program and the login for the DB.

    The login for the DB (the connection string) should be fairly straight forward.. it seems you have that alrady, though why it is in the main form is beyond me...

    As for the program login.. I am guessing you popup a form indicating you need both.. you take those two strings and use them as input to a stored procedure that selects against your table of user ids and passwords and returns true or false depending on if it matches. For the love of St. Pete, do not routly return ALL your user ids and passwords and have the VB determine if that matches.. that is massively insecure.

    Your stored procedure would be something like this:

    name: validate_user


    @sUserID VARCHAR(30)

    @sPassword VARCHAR(30)

    DECLARE @bValidEntry BOOL

    DECLARE @lNumberOfMatches INT

    SET @bValidEntry = FALSE

    SET @lNumberOfMatches = 0

    SELECT @lNumberOfMatches = COUNT(lID_column)

    FROM my_security_table

    WHERE userId_Column = @sUserID

    AND password_column = @sPassword

    IF @lNumberOfMatches = 1

    SET @bValidEntry = FALSE

    END IF

    SELECT @bValidEntry


    this of course assumes your table with the user ids and passwords is set up like:

    lID_column INT (primary key)

    userId_Column VARCHAR(30)

    password_column VARCHAR(30)


    that should get you where you want to go..

Still have questions? Get your answers by asking now.