Showing posts with label password. Show all posts
Showing posts with label password. Show all posts

Wednesday, March 28, 2012

How do i ?! Basic Select Statement

I have an sql data source..select command is something like this.

Select password from users where username = Username.Text

how can i retrieve the password value and save it into a string?! to make a comparison between password value and a textbox Password.Text

i know its a silly question but i took me long time and i still can't find the ans

We are going to need a little more context to evaluate your exact situation, and how to do what you ask, but here's 1 method:

Dim sqlConn as new SqlConnection("connection string here")

Dim sqlCmd as new SqlCommand("SELECT password from users where username = @.username", SqlConn)

sqlCmd.Paramaters.AddwithValue("@.username", username.text)

Dim DA as new SqlDataAdapter(SqlCmd)

Dim DT as new DataTable

DA.Fill(DT)

Dim myString as string = DT.rows(0).item("password").value ' This line may not be totally correct, doing it from memory and will edit it later

If myString.tolower = stringToCompare.tolower then

'Password is valid

else

'Password could be valid - but something threw you into the else statment, maybe an empty string.

end if

|||

Connection string and select command are already defined in the SqlDataSource.

how can you use the SqlDataSource to extract the value of the password?

i tried to use a hidden GridView but i didn't know how to access a specific cell

by the way i am using C#

|||

The above example is a much cleaner method of getting information like this. Putting a hidden gridview on your page is a VERY heavy method of trying to extract a single value, but it can be done.

Please see this article on how to extract a Datatable from the SqlDataSource control. Once you've done that, you can access a specific row of your datatable as mentioned above.

http://msmvps.com/blogs/egoldin/archive/2006/12/27/how-to-get-datatable-out-of-sqldatasource.aspx

I really have to recomend against this method though. If you insist on using the SqlDataSouce control to get this done, consider putting two hidden textbox on the page, and binding the value that comes back from the database to the hidden textbox, then use a compare validator and only let the user continue if page.isvalid.

Posted by clawzxce at 1:17 AM 0 comments
Labels: , , , , , , , , , , , , , , ,

How do i ?! Basic Select Statement

I have an sql data source..select command is something like this.

Select password from users where username = Username.Text

how can i retrieve the password value and save it into a string?!

to make a comparison between password value and a textbox Password.Text

i know its a silly question but i took me long time and i still can't find the answer

Hello Ahmad,

Here's some code that should help you out... I'd be happy to clarify anything if needed.

using System.Data;

using System.Data.SqlClient;

string userPassword;

string userName;

SqlConnection cnn = new SqlConnection("Data Source = (local); Initial Catalog = nameofdatabase; Integrated Security = True");

SqlCommand cmd = new SqlCommand("select Password From Users Where username = @.username", cnn);

SqlParameter UserName = new SqlParameter("@.username", userName);

cmd.Parameters.Add(UserName);

cnn.Open();

string password = (string)cmd.ExecuteScalar();

cnn.Close();

cnn.Dispose();

if (userPassword == password)

{

// success! Do something here

}

else

{

// Failure...

}

Regards.

sql
Posted by clawzxce at 1:16 AM 0 comments
Labels: , , , , , , , , , , , , , , ,

Monday, March 19, 2012

How can you force a password, from a sql login, to expire

How can you force a password, from a sql login, to expire?

I would like to use the password expiration feature for sql logins in SqlServer 2005. The msdn document provides example code for SqlClient SqlConnection.ChangePassword like in Bob Beauchemin's book. http://msdn2.microsoft.com/en-us/library/system.data.sqlclient.sqlconnection.changepassword.aspx

There is a modify_date in the system view sys.sql_logins but that is read-only.

Thanks,

Karl

If you are on a Windows 2003 Server, and the password policy for expiratiopn is enabled this will be automatically enabled for SQL Logins. Password policies for SQL Server 2005 are only available on a Windows 2003 Server.

HTH, Jens Suessmeyer.

http://www.sqlserver2005.de|||

Thanks Jens for replying,

I want to test the client side code in the scenario when the password expires for a sql server login. So I'm hoping for a method that I could repeat several times to test my client code.

Yes I am using Windows Server 2003. The password expiration is set to 90 days in the security policy. However, I don't want to wait 90 days to see If my test sql login account will expire, so I can test my client side code. I'm not the administrator for the Windows Server, but I am the administrator for SQL Server 2005.

It sounds like one possible approach would be to set the security policy to 1 day on a test server then wait one day, but that would only be good for one test?

Karl

|||If you enforce password policies from Windows 2003 Server one test should be enough. Just make sure to handle the appropiate codes like 18468 "Password Expired." and 18487 "Password has to be changed at first logon".

HTH, jens Suessmeyer.

http://www.sqlserver2005.de|||

If you want to programatically modify the global password policy setting to a value that you can test can finish fast, you can try NetUserModalsSet(...) to set max_passwd_age to a value in seconds.

http://windowssdk.msdn.microsoft.com/en-us/library/ms707221.aspx

Posted by clawzxce at 1:10 PM 0 comments
Labels: , , , , , , , , , , , , , ,

How can you force a password, from a sql login, to expire

How can you force a password, from a sql login, to expire?

I would like to use the password expiration feature for sql logins in SqlServer 2005. The msdn document provides example code for SqlClient SqlConnection.ChangePassword like in Bob Beauchemin's book. http://msdn2.microsoft.com/en-us/library/system.data.sqlclient.sqlconnection.changepassword.aspx

There is a modify_date in the system view sys.sql_logins but that is read-only.

Thanks,

Karl

If you are on a Windows 2003 Server, and the password policy for expiratiopn is enabled this will be automatically enabled for SQL Logins. Password policies for SQL Server 2005 are only available on a Windows 2003 Server.

HTH, Jens Suessmeyer.

http://www.sqlserver2005.de|||

Thanks Jens for replying,

I want to test the client side code in the scenario when the password expires for a sql server login. So I'm hoping for a method that I could repeat several times to test my client code.

Yes I am using Windows Server 2003. The password expiration is set to 90 days in the security policy. However, I don't want to wait 90 days to see If my test sql login account will expire, so I can test my client side code. I'm not the administrator for the Windows Server, but I am the administrator for SQL Server 2005.

It sounds like one possible approach would be to set the security policy to 1 day on a test server then wait one day, but that would only be good for one test?

Karl

|||If you enforce password policies from Windows 2003 Server one test should be enough. Just make sure to handle the appropiate codes like 18468 "Password Expired." and 18487 "Password has to be changed at first logon".

HTH, jens Suessmeyer.

http://www.sqlserver2005.de|||

If you want to programatically modify the global password policy setting to a value that you can test can finish fast, you can try NetUserModalsSet(...) to set max_passwd_age to a value in seconds.

http://windowssdk.msdn.microsoft.com/en-us/library/ms707221.aspx

Posted by clawzxce at 1:10 PM 0 comments
Labels: , , , , , , , , , , , , , ,
Subscribe to: Posts (Atom)