Simple Login Project Using Stored Procedures in ASP.NET: Part 2


Introduction

This article is a continuation of "Simple Login Project using Stored Procedures in ASP.NET: Part 1". In this article we will look at the stored procedures and forms.

CheckUser Stored Procedure Code

ALTER PROCEDURE CheckUser

       /*

       (

       @parameter1 int = 5,

       @parameter2 datatype OUTPUT

       )

       */

       @username as varchar(50),

       @password as varchar(50)

AS

       /* SET NOCOUNT ON */

       SELECT FROM MyTb WHERE username=@username AND password=@password

       RETURN

 

In the above code, the stored procedure is asking for a username and password value and returning the total matched records.

CheckUsernameExistance Stored Procedure Code

ALTER PROCEDURE CheckUsernameExistance

       /*

       (

       @parameter1 int = 5,

       @parameter2 datatype OUTPUT

       )

       */

       @username as varchar(50)

AS

       /* SET NOCOUNT ON */

       SELECT FROM myTb WHERE username=@username

       RETURN

 

In the above code, a stored procedure is asking for a username value and returning the total matched records.

CreateNewUser Stored Procedure Code

ALTER PROCEDURE CreateNewUser

       /*

       (

       @parameter1 int = 5,

       @parameter2 datatype OUTPUT

       )

       */

       @fullname as varchar(50),

       @username as varchar(50),

       @password as varchar(50),

       @emailid as varchar(50)

AS

       /* SET NOCOUNT ON */

       INSERT INTO myTb (fullname, username, password, emailidVALUES (@fullname, @username, @password, @emailid)

       /*SELECT * FROM MyTb WHERE username=@username AND password=@password*/

       RETURN

 

In the above code, a stored procedure is asking for four values and inserting the data in the database and returning it's state.

That's all about the stored procedures we are using in this project. Now, let's look at the forms for logging in and creating a new user.

Login.aspx.cs Code

using System;

using System.Data;

using System.Configuration;

using System.Collections;

using System.Web;

using System.Web.Security;

using System.Web.UI;

using System.Web.UI.WebControls;

using System.Web.UI.WebControls.WebParts;

using System.Web.UI.HtmlControls;

using System.Data.SqlClient;

 

public partial class Login : System.Web.UI.Page

{

    protected void Page_Load(object sender, EventArgs e)

    {

 

    }

    protected void log_Click(object sender, EventArgs e)

    {

        try

        {

            SqlConnection con = new SqlConnection(GetConnectionString());

            con.Open();

 

            SqlCommand cmd = new SqlCommand("CheckUser", con);

            cmd.CommandType = CommandType.StoredProcedure;

            SqlParameter p1 = new SqlParameter("username"username.Text);

            SqlParameter p2 = new SqlParameter("password"password.Text);

            cmd.Parameters.Add(p1);

            cmd.Parameters.Add(p2);

            SqlDataReader rd = cmd.ExecuteReader();

 

            if(rd.HasRows)

            {

                rd.Read();

                lblinfo.Text = "You are Authorized.";

                FormsAuthentication.RedirectFromLoginPage(username.Texttrue);

                Response.Redirect("securepage/SecurePage.aspx");

            }

            else

            {

                lblinfo.Text = "Invalid username or password.";

            }

        }

        catch

        {

 

        }

        finally

        {

       

        }

    }

    public string GetConnectionString()

    {

        return System.Configuration.ConfigurationManager.ConnectionStrings["myDbConnectionString1"].ConnectionString;

    }

}
 

Look at the above code; it is using a stored procedure to login the website.

CreateUser.aspx.cs Code

using System;

using System.Data;

using System.Configuration;

using System.Data.SqlClient;

using System.ComponentModel;

using System.Collections;

using System.Web;

using System.Web.Security;

using System.Web.UI;

using System.Web.UI.WebControls;

using System.Web.UI.WebControls.WebParts;

using System.Web.UI.HtmlControls;

 

public partial class CreateUser : System.Web.UI.Page

{

    protected void Page_Load(object sender, EventArgs e)

    {

 

    }

 

    public string GetConnectionString()

    {

        return System.Configuration.ConfigurationManager.ConnectionStrings["myDbConnectionString1"].ConnectionString;

    }

 

    private void execution(string fullnamestring username, string password, string emailid)

    {

            SqlConnection con = new SqlConnection(GetConnectionString());

            con.Open();

 

            SqlCommand cmd = new SqlCommand("CreateNewUser", con);

            cmd.CommandType = CommandType.StoredProcedure;

            SqlParameter p1 = new SqlParameter("fullname",fullname);

            SqlParameter p2 = new SqlParameter("username", username);

            SqlParameter p3 = new SqlParameter("password", password);

            SqlParameter p4 = new SqlParameter("emailid"emailid);

            cmd.Parameters.Add(p1);

            cmd.Parameters.Add(p2);

            cmd.Parameters.Add(p3);

            cmd.Parameters.Add(p4);

            SqlDataReader rd = cmd.ExecuteReader();

 

            if (rd.HasRows)

            {

                rd.Read();

                lblinfo.Text = "User Created";

            }

            else

            {

                lblinfo.Text = "User Not Created";

            }

    }

 

    protected void create_Click(object sender, EventArgs e)

    {

        //check username is exist or not

        SqlConnection con = new SqlConnection(GetConnectionString());

        con.Open();

 

        SqlCommand cmd = new SqlCommand("CheckUsernameExistance", con);

        cmd.CommandType = CommandType.StoredProcedure;

        SqlParameter p1 = new SqlParameter("username"username.Text);

        cmd.Parameters.Add(p1);

        SqlDataReader rd = cmd.ExecuteReader();

 

        if (rd.HasRows)

        {

            rd.Read();

            this.lblinfo.ForeColor = System.Drawing.Color.Red;

            this.lblinfo.Text = "The user already Exist!";

        }

        else

        {

            //section for username not exist

            execution(fullname.Textusername.Textpassword.Textemailid.Text);

            this.lblinfo.Text = "New User Profile has been created you can login now";

            this.fullname.Text = "";

            this.username.Text = "";

            this.password.Text = "";

            this.emailid.Text = "";

        }

    }

}
 

Look at the above code; it is using a stored procedure to create a new user for the website.

Download the attachment and test it yourself. Please note to learn all outlined url's for better understanding of the basics.

HAVE A HAPPY CODING!!