CODEWITHSUNDEEP
vb.netwinformspasswords
Rara Arar
Rara Arar

Reputation: 401

Case sensitive username and password

Im using this code:

Dim con As OleDbConnection = New OleDbConnection("Provider=Microsoft.Jet.OLEDB.4.0;Data Source= UserPass.mdb;")
con.Open()
Dim str As String
str = "SELECT * FROM UserPass WHERE Username='" & txtUsername.Text & "' AND Password='" & txtPassword.Text & "'"
Dim cmd As OleDbCommand = New OleDbCommand(str, con)
cmd.Parameters.AddWithValue("user", txtUsername.Text)
cmd.Parameters.AddWithValue("pass", txtPassword.Text)
Dim sdr As OleDbDataReader = cmd.ExecuteReader()
' It will be case sensitive if you compare usernames here.   
If sdr.HasRows Then
    If sdr.Read Then
        If txtPassword.Text <> sdr("Password").ToString And txtUsername.Text <> sdr("Username").ToString Then
            MessageBox.Show(" Incorrect Username/Password. Login Denied ", " Error! ", MessageBoxButtons.OK, MessageBoxIcon.Error)
        Else
            MessageBox.Show(" You are now Logged In! ", " Welcome! ", MessageBoxButtons.OK, MessageBoxIcon.Asterisk)
            frmOne.Show()
            Me.Hide()
        End If
    End If
End If
sdr.Close()
con.Close()

This is the line where it should check the case of the letters, but it does not seem to work:

If txtPassword.Text <> sdr("Password").ToString And txtUsername.Text <> sdr("Username").ToString Then

Upvotes: 1

Views: 5727

Answers (1)

Rob Gevers
Rob Gevers

Reputation: 213

Unless I am misunderstanding the And in the if statement, the logic you are using will only reject the login if both the username and password do not match. If the password does not match, but the user does, it will drop to the else block and log the user in.

Try changing it to:

If txtPassword.Text <> sdr("Password").ToString Or txtUsername.Text <> sdr("Username").ToString Then

Upvotes: 4

Related Questions