Home/ Questions/Q 8506103
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-11T02:30:21+00:00

I have a simple form for this scenario written in razor/webmatrix. I would like

  • 0

I have a simple form for this scenario written in razor/webmatrix. I would like to have a user be able to login to an external website with the login credentials provided by my db.Query via a foreach loop. The login works if I don’t use a foreach loop. It simply returns the first row from the DB Query, and logs in. When I add the foreach loop, it opens the login page without any credentials. Any help would be appreciated. My code is below:

var selectQueryString = "SELECT user_id,password FROM user_table
var user_row = db.Query(selectQueryString);


     <form name="UpdateOrRac" method="POST" action="Login Page URL would be here">      

             @foreach (var row in user_row){
                <div>
                 <input  name="txtUserID" value="@row.user_id" readonly="readonly" />
                 <input  name="txtPassword" value="@row.password" readonly="readonly" />
                 <input type="submit" value="Login" />
                    </div> 
            }

    </form>
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    With the foreach loop your page sends to the login page all the user/password pairs stored in your database together.

    I think that you should select a user and populate with it the form.
    Somenthing like:

    @{   
    var db = Database.Open("MyDb");
    var selectQueryString = "SELECT user_id,password FROM user_table WHERE user_id = @0";
    var user_row = db.QuerySingle(selectQueryString, "YourUserName");
}
 <form name="UpdateOrRac" method="POST" action="Login.cshtml">
    <div>
        <input  name="txtUserID" value="@user_row.user_id" readonly="readonly" />
        <input  name="txtPassword" value="@user_row.password" readonly="readonly" />
        <input type="submit" value="Login" />
    </div>
</form>

    Edit

    In response to your comment, yes, but now your target is clearer.

    To obtain a list of your acccounts with the possibility of login, the easiest way is to use a link to the Login page with a querystring with userid and password:

    @{   
    var db = Database.Open("MyDb");
    var selectQueryString = "SELECT user_id,password FROM user_table";
    var user_row = db.Query(selectQueryString); 
} 

<div>
    @foreach(var row in user_row)
    {
        <p>
            @row.user_id &nbsp;&nbsp; 
            @row.password &nbsp;&nbsp;
            <a href="~/Login?id=@row.user_id&pwrd=@row.password">Login</a>
        </p>
    }
</div>

    You can get the passed data in the Login.cshtml page with this statements:

    var user = Request.QueryString["id"];
var pwrd = Request.QueryString["pwrd"];

    If the security is a concern, you must consider that GET and POST are nearly the same (look at Is either GET or POST more secure than the other?)

    • 0