Asp.net Authentication Error not logging in the user

Question

I have my login form and i tried to parameter the query for logging in user. But it seem to give an error that Login failed for user. My code is here. Please tell me what am i doing wrong here.

public void LoginUser()
{
    string UserNameFromHTML = Page.Request.Form["UserNameIput"];
    string UserPasswordFromHTML = Page.Request.Form["UserPasswordInput"];
    string QueryString = "SELECT User_Id, User_Name, User_Password FROM um_Personnel WHERE User_Name = @UserName and User_Password = @UserPassword";
    SqlCommand Command = new SqlCommand();
    Command.CommandText = QueryString;
    Command.Connection = ConnectionString;
    Command.Parameters.AddWithValue("@UserName", UserNameFromHTML);
    Command.Parameters.AddWithValue("@UserPassword", UserPasswordFromHTML);
    using (SqlDataAdapter Data_Adapter = new SqlDataAdapter(Command))
    {
        DataSet Data_Set = new DataSet();
        Data_Adapter.Fill(Data_Set);
        if (Data_Set.Tables[0].Rows.Count > 0)
        {
            Response.Redirect("CMS/Dashboard.aspx");
        }
    }
}

and i am calling this function on my button onClick event as

<button type="submit" class="submit" onclick='<% LoginUser(); %>'>

THE COMPLETE HTML CODE IS HERE

<fieldset>
            <legend class="legend">User Login</legend>
            <div class="input">
                <input type="text" placeholder="Enter User Name" id="UserNameIput" required />
                <span><i class="fa fa-envelope-o"></i></span>
            </div>
            <div class="input">
                <input type="password" placeholder="Enter Password" id="UserPasswordInput" required />
                <span><i class="fa fa-lock"></i></span>
            </div>
            <button type="submit" class="submit" onclick='<% LoginUser(); %>'><i class="fa fa-long-arrow-right"></i></button>
        </fieldset>

Do you have debug step by step your code ? Are this function called ? What is the error, what you expect and what you get? — Aristos, Sep 22 '16 at 08:40
Do you actually get anything here : `Page.Request.Form["UserPasswordInput"];` because this is not the usual way on asp.net — Aristos, Sep 22 '16 at 08:41
yes i tried debugging it. The error came out when the data adapter tries to fill the dataset. — adil sharif, Sep 22 '16 at 08:42
i got this Page.Request.Form["UserPasswordInput"] from stackoverflow. Please guide me if this line is wrong. As it didn't gave me any error at all. — adil sharif, Sep 22 '16 at 08:44
what do you mean with `But it seem to give an error that Login failed for user`. Where do you get this error? — Stef Geysels, Sep 22 '16 at 08:45
What is the html part ? Did this ` Page.Request.Form["UserPasswordInput"] ` get the input from html ? — Aristos, Sep 22 '16 at 08:45
The Error Says "Login failed for user" THAT'S ALL. Nothing Else — adil sharif, Sep 22 '16 at 08:46
"UserPasswordInput" is the ID of the user input from HTML page. — adil sharif, Sep 22 '16 at 08:46
I don't see where you actually "Log in" the user. To `Login` you need something like `FormsAuthentication.RedirectFromLoginPage()` — Stef Geysels, Sep 22 '16 at 08:50

score 1 · Answer 1 · answered Sep 22 '16 at 08:53

this part of code

<input type="text" placeholder="Enter User Name" id="UserNameIput" required />

did not contains the name property that is the one that return the parameter. To make it work, add the name (the id is not used from what I see), and make it as:

<input type="text" placeholder="Enter User Name" name="UserNameIput" required />

then you can get the input from code behind as:

Page.Request.Form["UserNameIput"];

Do the same for all input that you need to get the value on code behind, or use server controls. I ask you if you debug your code step by step, but apparently you did not do that and not check if you have anything on that values. So you may have more errors.

Debug your code step by step and check the parameters, check if the sql is running correctly - and improve your code.

score 0 · Answer 2 · answered Sep 22 '16 at 08:56

After you checked if the user has the right login and password, you'll need to actually Login the user.

public void LoginUser()
{
    string UserNameFromHTML = Page.Request.Form["UserNameIput"];
    string UserPasswordFromHTML = Page.Request.Form["UserPasswordInput"];
    string QueryString = "SELECT User_Id, User_Name, User_Password FROM um_Personnel WHERE User_Name = @UserName and User_Password = @UserPassword";
    SqlCommand Command = new SqlCommand();
    Command.CommandText = QueryString;
    Command.Connection = ConnectionString;
    Command.Parameters.AddWithValue("@UserName", UserNameFromHTML);
    Command.Parameters.AddWithValue("@UserPassword", UserPasswordFromHTML);
    using (SqlDataAdapter Data_Adapter = new SqlDataAdapter(Command))
    {
        DataSet Data_Set = new DataSet();
        Data_Adapter.Fill(Data_Set);
        if (Data_Set.Tables[0].Rows.Count > 0)
        {
            FormsAuthentication.RedirectFromLoginPage(UserNameFromHTML, true); //will return the user to the page who needs a user who is logged in            
        }
        else
        {
            Responce.Redirect("~/Home/Index/");
        }
    }
}

And in Web.config add this:

<authentication mode="Forms">
    <forms name=".ASPXFORMSDEMO" loginUrl="logon.aspx" protection="All" path="/" timeout="30" />
</authentication>

You can check this page for a basic start.

Asp.net Authentication Error not logging in the user

2 Answers2