Friday, March 16, 2012

Password Field and Session Vars

Hey, I'm not sure what happened, but I ran into a simple problem I can't figure out.

All I'm trying to do is read two text boxes, txtUserEmail and txtUserPassword. I then take the txtUserEmail value and pass it into a stored proc, which matches it against an Email address in the MSDE. The stored proc returns the UserEmail, UserPassword, UserGroup (role) and UserEmailConfirm.

All I wanted to do is check txtUserEmail.text and txtUserPassword vs the UserEmail and UserPassword fields in my table that I'm getting back from the stored proc. Based on a match, I want to set a couple of Session vars.

fnReturnDataSet is in another module. It takes the stored proc call and returns the data set with the appropriate information.

The problem is that the Sub is skipping over the FOR loop and I'm not sure why. I know I'm only returning one row, but it's easy to just use this temeplate to get the dataset since it's working on 4 other pages I wrote.

If anyone could give me a hint what's wrong, I'd appriciate it.

--------------

Protected Sub btnUserLogin_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnUserLogin.Click
Dim strUserEmail, strUserPassword As String
Dim objSQL As String
Dim dsUserInfo As DataSet
Dim row As DataRow

strUserEmail = txtUserEmail.Text
strUserPassword = txtUserPassword.Text

objSQL = "EXECUTE spValidateUser '" & strUserEmail & "'"
dsUserInfo = fnReturnDataSet(objSQL)

For Each row In dsUserInfo.Tables("dtReturnedTable").Rows
If (row("UserEmail") = strUserEmail) And (row("UserPassword") = strUserPassword) And (row("UserEmailConfirm") = "yes") Then
Session("User") = row("UserEmail")
Session("UserGroup") = row("UserGroup")
lblConfirm.Text = "You are now logged in"
Else
lblError.Text = "The username or password provided are not valid"
End If
Next
End Subhello, have u tried to add
row("UserEmail").ToString() = strUserEmail ...

try it.
I actually figured everything out, but thank you for the suggestion.

I also found an article with some encryption classes to use:
http://www.15seconds.com/issue/021210.htm

I have the cookie encrypted as far as I can tell. I set one key to the UserName and a second to a UserRole. I just need to encrypt the passwords in my SQL database and I should be all set.

Eric

0 comments:

Post a Comment