c# - my login is always successful, whether it is correct/wrong username or password -
the login form using patient table login. whether type in correct or wrong username/password redirect me home page index.aspx means sucessful. below code, select patientid because store patientid in session.
problem : need understand valu types never hold null
. checking id against null retur true
hence able login system in conditions.
solution : should have mechanism can identify actual value of executescalar()
. return null
if incase there no records.but wont converted int null should first check null against executescalar()
retur value , if not null convert integer otherwise assign zero.
try this:
int id =(cmd.executescalar()!=null)?convert.toint32(cmd.executescalar()):0; if (id > 0) { session.add("id", id); session.add("pusername", txtusername.text); session.add("ppassword", txtpassword.text); formsauthentication.setauthcookie(txtusername.text, true); response.redirect("index.aspx"); }
edit: system allows empty username , empty password valid credentials you have id 5 empty username
, password
in above table. add username
, password
userid 5 wont allow empty username , password.
Comments
Post a Comment