Home/ Questions/Q 8348757
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-09T07:47:13+00:00

i m writing the code: string query = Select * from AdminLogin where username=’

  • 0

i m writing the code:

string query = "Select * from AdminLogin where username='" + name + 
               "' and password='" +   password + "'";

DataSet ds = BusinessLogic.returnDataSet(query);
foreach (DataRow dr in ds.Tables[0].Rows)
{
    if (dr[0].ToString() == name && dr[1].ToString() == password)
    {
      Response.Redirect("~/Home.aspx");
    }
    else
    {
      //Here I want to write the code that will open a message box 
      //that will tell to user that username and password does not match.
     }
}
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    By message box I’m assuming you mean a javascript alert. I’m not a big fan of posting back with javascript functions. I think its messy, and that javascript should only be used when dealing with client-side actions.

    I would actually recommend to use a placeholder and a literal control for this. You could have the following in your webform:

    <asp:placeholder id="phLoginFailed" runat="server" visible="false">
     <div class="loginfailed">
        Login failed
     </div>
</asp:placeholder>

    This placeholder could be styled like a popup, or displayed within your page using CSS.

    Then change your C# to:

    else
{
    phLoginFailed.Visible = true;
}

    Also, its worth mentioning, your SQL query is prone to SQL Injection. You should use parameterised queries.

    And you should encrypt passwords when storing them in the database for security purposes.

    • 0