Search

Saturday, November 23, 2013
0 comments

How to make custom login control in asp.net programming

5:07 PMSaturday, November 23, 2013

Introduction about security of your web page in asp.net programming

You have been familiarized with the process of creating websites of your choice. However , only creating a website is not enough, one have to secure from unauthorized users. Such users can access and steal vital information of other users or about secret info of website such as credit card numbers and email-ids.
Considering these factors, it is necessary to secure the websites from malicious users. To implement security, we must be able to track the user who visit the website and allow only authorized users to access the website resources. For tracking users, we need to collect some required information (such as name, email id, and contact no.) including username and password.

Users are required to furnish username and password to authenticate them as valid/registered users.To fulfill these tasks, we need to create a user interface for authenticating the user, and displaying the desired page based on the roles or rights given to the user. However, creating such forms or user interface with the help of standard ASP.NET Programming server controls is quite tedious and time consuming.
There is a fix login control in Visual Studio 2013 ASP programming, but it is attached with the in-built database. That's why we are designing custom login control for security of the web page, because through custom login control, programmer can check credentials from its own database.

 Follow some steps to make custom login control in asp.net programming

Step-1 : Design view of the asp program. We are designing something like the image shown.

custom login : Design view of the asp program.

Step-2: ASPX Code part in asp.net programming
<p>
        <h2>Login for security</h2></p>
    <asp:ValidationSummary ID="ValidationSummary1" runat="server" BackColor="#CCCC00" BorderColor="Black" BorderStyle="Solid" BorderWidth="4px" />
    <p>
        Enter member username :&nbsp;
        <asp:TextBox ID="usrtxt" runat="server" Width="182px"></asp:TextBox>
        <asp:RequiredFieldValidator ID="RequiredFieldValidator1" runat="server" ControlToValidate="usrtxt" ErrorMessage="Enter Username" ForeColor="Maroon">*</asp:RequiredFieldValidator>
    </p>
    <p>
        Enter&nbsp; member password : <asp:TextBox ID="pwd" runat="server" TextMode="Password" Width="182px"></asp:TextBox>
        <asp:RequiredFieldValidator ID="RequiredFieldValidator2" runat="server" ControlToValidate="usrtxt" ErrorMessage="Enter password" ForeColor="Maroon">*</asp:RequiredFieldValidator>
    </p>
    <p>
        <asp:Button ID="Button1" runat="server" Text="Member Login" OnClick="Button1_Click" />
    </p>
    <p>
        <asp:Label ID="Label1" runat="server"></asp:Label>



C# Code part
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.SqlClient;
using System.Data;
using System.Configuration;

public partial class welcome : System.Web.UI.Page
{
    SqlDataReader rd;
    protected void Page_Load(object sender, EventArgs e)
    {

    }
    protected void Button1_Click(object sender, EventArgs e)
    {
        bool flag=true ;
        using (SqlConnection con = new SqlConnection())
        {

        con.ConnectionString =ConfigurationManager .ConnectionStrings ["ConnectionString"].ToString ();
        con.Open ();
            using (SqlCommand cmd=new SqlCommand ())
            {
                cmd.CommandText ="select * from [Table]";
                cmd.Connection =con;
                rd=cmd.ExecuteReader (CommandBehavior .CloseConnection);
                while (rd.Read ())
{
                    if (rd["username"].ToString ().Equals(usrtxt .Text) && rd["password"].ToString ().Equals (pwd .Text))
                    {
                        flag =false ;
                        Session ["username"]=rd["username"].ToString ();
                        break ;

                    }
     
}
                if (flag ==true)
                    Label1 .Text ="No record found";
                else
                    Response .Redirect ("~/admin/securepage.aspx");

             
            }
        }
    }
}
Run this web page and the same design will be shown to you and you will be able to check the given credentials in your own database. The database name will be pass through the connection string used in the C# code.
Protected by Copyscape Online Copyright Protection Software

0 comments :

Post a Comment

 
Toggle Footer
Top