ARTICLE

Creating a Login User Control

Posted by C Vinod Kumar Articles | Security in .NET April 16, 2001
In this article, we have started with an introduction to the UserControl and have learnt to use the ADO+ DataReader.As we seen User Controls simplifies several common Web application scenarios.User Controls allow developers to easily define custom controls using the same programming techniques for writing Web Forms.
Reader Level:
Download Files:
 

Reusability is an important think that should be considered even while developing a small piece of code. User controls provide an easy way to partition and reuse simple, common UI functionality across a Web application. You can easily create your own controls using the same techniques that you use to program Web Forms. Like all Web Forms controls, user controls are compiled on demand and cached in server memory.

For example, if you have developed a Web Form that contains functionality that you want to use across your application, you only need to modify the file slightly for it to work as a user control.

User Controls write in any dot net language can be included in a single web form.For example controls wirten inVB.Net and CSharp can be include in a sample web forms and also user controls offer you greater flexibility than server-side includes (SSIs) by providing object model support for your control.

Building Login User Control:

Login page is a common scence in all the web site that are avaliable for now. So we will see how to write a login user control. We use the .ascx extension to indicate a User controls. This ensures that the User Control's file cannot be executed as a standalone Web Form.

// Login.ascx -- Login User Control
//Redirect page after login succeed
public String RedirectPage ="/Default.aspx";
public int chk;
bool Authenticate(String user, String pass)
{
bool authenticated = false;
try
{
Stringdsn="server=localhost;uid=sa;pwd=;database=portal";
String sSQL = "SELECT Name,password FROM users where Name='" + user.Trim() + "'";
SQLConnection Conn =
new SQLConnection(dsn);
SQLCommand Cmd =
new SQLCommand(sSQL,Conn);
SQLDataReader myRead=
null; //instancing a datareader
Conn.Open(); //opening the connection
Cmd.Execute(out myRead);
if (myRead!=null)
{
//checking for records
if (myRead.Read())
{
if (myRead.GetString(0)==user)
{
//checking username in db with given username
if(myRead.GetString(1)==pass)
{
//checking password in db with given password
authenticated =true;
}
else
{
chk=1;
// settingflag as 1 if password failed
}
}
else
{
chk=2;
//setting flaga as 2 in username failed
}
}
}
}
catch(Exception e)
{
Response.Write("Auth Exception: " + e.ToString()); }
return authenticated;
}
private void SubmitBtn_Click(Object sender, EventArgs e)
{
if (Authenticate(UserName.Text, Password.Value))
{
Response.Redirect(Redirecturl);
//redirecting to valid page after login Succed
}
else
{
if (chk==1)
{
Message.Text= "PassWordInvalid";
Message.Visible =
true;
}
else
{
Message.Text= "UserNameinvalid";
Message.Visible =
true;
}
}
  

This code above shows you how to validate a input data with the data avaliable in database. The user control will be having two asp text box (Web Control) for username and password and a asp lable to display error message and a asp submit button.

DataReader:

DataReader is a read-only, forward-only stream returned from the database. Only one record at a time is ever in memory. It is similay to ADO forwardonly cursor and read only lock type.Datareader also provides a series of Get methods that allow accessing the field values as its native time. Examples of this are: GetDataTime,GetString, GetDouble, GetGuid, GetInt32, GetStream. 

<!-- Web UI For Login user Control-->
UserName: <asp:Textbox id=username size=14 runat=server />
Password:<asp:Textbox id=password size=14 runat= server />
<
asp:Button id=click value= signon onclick=SubmitBtn_Click runat=server>
<
asp:lable id=message visibality=false runat=server />

Registering UserControl:

Declare an @ Register directive that includes:

a tagprefix:tagname pair that you will use when you declare an instance of the control on another page
the virtual path to the user control file.
For example, the following code registers a control defined in the file login.ascx, which has been given the tag prefix UserControl and the tag name Login.

<!-- Login.aspx-->
<!-- Registering the user control-->
<%@ Register TagPrefix="UserControl" TagName="Login" src="login.ascx" %>
<html>
<
body>
<form runat="server">
<UserControl:Login id="MyLogin" runat="server"/>
</form>
</
body>
</
html>
 
Conclusion

In this article, we have started with an introduction to the UserControl and have learnt to use the ADO+ DataReader.As we seen User Controls simplifies several common Web application scenarios.User Controls allow developers to easily define custom controls using the same programming techniques for writing Web Forms. We will see more about User Controls and Validation Controls in my forth coming articles.

COMMENT USING
Employers - Post Free Jobs