Interested in this question, is it possible to force the login element to verify the authentication data from my database? And yet, the LoginButton element has the CommandName="Login" parameter, but I did not find where to look at the contents of this command, please tell me.
angry
5,860 15 57 171
Mr_Lambert_13 Mr_Lambert_13
133 sixteen
|
3 answers
The answer to the first question is here . That is, it is possible only if the necessary tables and stored procedures are created through the Sql Server registration tool - aspnet_regsql.exe.
DmitryBLR DmitryBLR
646 3 12
- I created these tables, there is too much structure for my small web application, it seems easier to jot down a small form of authorization myself. - Mr_Lambert_13
|
Made a simple method:
protected void but_Click(object sender, EventArgs e) { SqlConnection sqlCon = new SqlConnection(WebConfigurationManager.ConnectionStrings["ParkConnectionString"].ConnectionString); string sqlQuery = string.Format("SELECT users, passwords FROM Table1 WHERE (users = '{0}') AND (passwords = '{1}')", tb_user.Text, tb_password.Text); SqlCommand cmd_SQL = new SqlCommand(sqlQuery, sqlCon); cmd_SQL.CommandType = CommandType.Text; sqlCon.Open(); SqlDataReader rdrSQL = cmd_SQL.ExecuteReader(); if (rdrSQL.Read()) { FormsAuthentication.RedirectFromLoginPage(tb_user.Text,false); } else { LabelERR.Text = "Неверные данные"; } } Mr_Lambert_13 Mr_Lambert_13
133 sixteen
- It is not good to store passwords in the database in a pure form. A good solution is to store a password hash. - ganouver
- I did not intend to encrypt them. This is a test web application internally, to which only employees of the enterprise have access. - Mr_Lambert_13
|
If this is a web application, then it is better to use your MembershipProvider MembershipProvider on GotDotNet
Sam-Fisher Sam-Fisher
56 one ten
|