C# login form errors

Question

I have been searching for the better part of the morning looking to figure out a way to get a simple login form for a program I am writing for work.

The things that I need for this:

1: User login form 2: Authenticate Usernames and passwords inputed on the form 3: Secure the password string so that it can not be read as plain text. 4: Make it so that Admin users can add other users into the Database.

I can't even get the login form to work correctly let alone the rest of the stuff. Everything that I look at online keeps throwing an error when I click the login button

Error code: SqlException Occured Exception thrown "System.Data.SqlClient.SqlException' in System.Data.dll

Additional Information: Invalid object name 'Login'

I have found where this is at and I do not understand what it is doing or referencing, here is the code for the btnLogin_Click

private void btnLogin_Click(object sender, EventArgs e)
    {
        {
            string USERNAME, PASSWORD;
            SqlConnection con = new SqlConnection();
            con.ConnectionString = @"Data Source=(LocalDB)\MSSQLLocalDB;AttachDbFilename=C:\Users\turner.m\Documents\Data.mdf;Integrated Security=True;Connect Timeout=30";
            con.Open();
            USERNAME = txtUserName.Text;
            PASSWORD = txtPassword.Text;
            SqlCommand cmd = new SqlCommand("select USERNAME,PASSWORD from Login where USERNAME='" + txtUserName.Text + "'and PASSWORD='" + txtPassword.Text + "'", con);
            //cmd.ExecuteNonQuery();
            SqlDataReader dr = cmd.ExecuteReader();

            while (dr.Read())
            {
                if (txtUserName.Text == dr[0].ToString() && txtPassword.Text == dr[1].ToString())
                {
                    txtUserName.Text = "";
                    txtPassword.Text = "";
                    this.Hide();

                }
                else
                {
                    MessageBox.Show("invalid userid or password");
                }
                dr.Close();
                con.Close();
            }
        }
    }

The error message is telling you that there is not a SQL table called `Login`. — Rick S, Dec 08 '16 at 20:06
also change your query to use Parameters and you actually do not need a SqlDataReader, when you could use a datatable to return a data if the user and password match from a `Login Table` no need to create a While loop etc.. there are much more efficient ways to do this.. also read up on how to store your connection strings inside of a app.config `ExecuteNonQuery` even though you have it commented out, is for executing `Inserts, Updates, or Deletes` not Select statements google is a very good resource if utilized properly — MethodMan, Dec 08 '16 at 20:12
I have changed the "Login" to "Table" Which is a table in the DB. Getting an incorrect syntax near the keyword 'Table'. — Rave6906, Dec 08 '16 at 21:03

score 0 · Answer 1 · edited May 23 '17 at 12:24

0

Attach (open) mdf file database with SQL Server Management Studio

Then run your query:

select USERNAME,PASSWORD 
from Login 
where USERNAME= 'foo'
and PASSWORD= 'bar'

Probably your SQL will not execute because your TableName is not valid.

edited May 23 '17 at 12:24

Community

1
1

answered Dec 08 '16 at 20:13

Tony_KiloPapaMikeGolf

879
12
28

C# login form errors

1 Answers1