I’m getting an exception Invalid column name ‘False’ at the statement
reader = cmd.ExecuteReader(CommandBehavior.SingleRow);
I’m understanding that this may have something to do with SQL’s boolean type being a “bit” and it not converting false to 0. How do you mitigate that, or is that the issue here?
public override bool ValidateUser(string username, string password)
{
bool isValid = false;
SqlConnection conn = new SqlConnection(connectionString);
SqlCommand cmd = new SqlCommand("SELECT Password, IsApproved FROM Users" +
" WHERE Email = @Email AND ApplicationName = @ApplicationName AND IsLockedOut = False", conn);
cmd.Parameters.Add("@Email", SqlDbType.NVarChar, 128).Value = username;
cmd.Parameters.Add("@ApplicationName", SqlDbType.NVarChar, 255).Value = m_ApplicationName;
SqlDataReader reader = null;
bool isApproved = true;
string pwd = "";
try
{
conn.Open();
reader = cmd.ExecuteReader(CommandBehavior.SingleRow);
if (reader.HasRows)
{
reader.Read();
pwd = reader.GetString(0);
isApproved = reader.GetBoolean(1);
}
else
{
return false;
}
reader.Close();
if (CheckPassword(password, pwd))
{
if (isApproved)
{
isValid = true;
SqlCommand updateCmd = new SqlCommand("UPDATE Users SET LastLoginDate = @LastLoginDate" +
" WHERE Email = @Email AND ApplicationName = @ApplicationName", conn);
updateCmd.Parameters.Add("@LastLoginDate", SqlDbType.DateTime).Value = DateTime.Now;
updateCmd.Parameters.Add("@Email", SqlDbType.NVarChar, 255).Value = username;
updateCmd.Parameters.Add("@ApplicationName", SqlDbType.NVarChar, 255).Value = m_ApplicationName;
updateCmd.ExecuteNonQuery();
}
}
else
{
conn.Close();
UpdateFailureCount(username, "password");
}
}
Use
IsLockedOut =0for checking for false.IsLockedOut is a field with bit datatype that stores 0 for false and 1 for true.
So same is used in query/
If IsLockedOut is varchar field then Use
IsLockedOut='False'while comparing string compare.