c# - my login is always successful, whether it is correct/wrong username or password -


the login form using patient table login. whether type in correct or wrong username/password redirect me home page index.aspx means sucessful. below code, select patientid because store patientid in session.

problem : need understand valu types never hold null. checking id against null retur true hence able login system in conditions.

solution : should have mechanism can identify actual value of executescalar(). return null if incase there no records.but wont converted int null should first check null against executescalar() retur value , if not null convert integer otherwise assign zero.

try this:

        int id =(cmd.executescalar()!=null)?convert.toint32(cmd.executescalar()):0;         if (id > 0)         {             session.add("id", id);             session.add("pusername", txtusername.text);             session.add("ppassword", txtpassword.text);             formsauthentication.setauthcookie(txtusername.text, true);             response.redirect("index.aspx");         } 

edit: system allows empty username , empty password valid credentials you have id 5 empty username , password in above table. add username , password userid 5 wont allow empty username , password.


Comments

Popular posts from this blog

php - regexp cyrillic filename not matches -

c# - OpenXML hanging while writing elements -

sql - Select Query has unexpected multiple records (MS Access) -