Eggy

Eggy

  • 0
  • 8
  • 0

Connection String question

Apr 26 2011 8:12 PM
Hi,
Hopefully I am not asking a dump question.  After reading most of the forums of how to write the connection string in the webconfig file, I found all of their suggestions are hard code an user id and password in the connection strings. 
My question is I list my User ID & Password in the connection string at webconfig file, will other users who access to the web site read it?  Also, I have more than 100 users need to log into the web site, how can I hard code all 100 users' id & password into the connection string?  I have the code in below in the

WebConfig

<

<add name="myDbConnectionString1"connectionStrings>

InitialCatalog='Testing';User ID = 'User1';Password='Password1'"/>

</

Here is the Login.aspx

namespace

{


WebApplication2public partial class Login : System.Web.UI.Page

{


{

}


{


sds.ConnectionString =

sds.SelectParameters.Add(

sds.SelectParameters.Add(

sds.SelectCommand =



{




}


protected void Page_Load(object sender, EventArgs e)protected void btnLog_Click(object sender, EventArgs e)SqlDataSource sds = new SqlDataSource();ConfigurationManager.ConnectionStrings["myDbConnectionString1"].ToString();"username", TypeCode.String, this.lblUsername.Text);"password", TypeCode.String, this.lblPassword.Text); "SELECT * FROM [myTb] WHERE [username] = @username AND [password] = @password";DataView dv = (DataView)sds.Select(DataSourceSelectArguments.Empty);if (dv.Count == 0)this.lblinfo.ForeColor = System.Drawing.Color.Red;this.lblinfo.Text = "Invalid username and password!";return;else

{


Response.Redirect(

}

}

}

}

this.Session["username"] = dv[0].Row["username"].ToString();"SecurePage.aspx");



Thank you.
connectionStrings>

Answers (7)