Welcome to my Blogsite!

http://www.blogsite.psvphil.com

http://aurelie.prepys.com

http://www.ideas.perfectkeys.com

ARTICLE 4

Simple ASP.NET User Login Accounts Maintenance Application

By Aurelie A. Peralta

This simple application demonstrates the following:
1. Basic ASP.NET page commands and IF control statement
2. Variables and Session variables
3. Secured page
4. Database connectivity using ODBC
5. SQL commands for Searching, Inserting, Deleting, and Updating records
6. Gridview object in ASP.NET

Start developing the application by creating an Access database with the following structure:
Database name: logindb.mdb
Tables:
Table name: accountstbl
Fields:
Fieldname      Data                 Type Length
IDNO              Autonumber                           Primary Key
Username      Text                  50
Password       Text                  50

Start Visual Web Developer 2005 Express and create a new website. Add two more Webforms or ASP.NET pages that do not use a code behind approach and delete the Default.aspx page that uses a code behind method. Name the first one login.aspx and the other one, mainpage.aspx.

Type the following codes for the login.aspx page:
———————————————————————–

<%@ Page Language=”VB” %>
<%@ Import Namespace=”System.Data” %>
<%@ Import Namespace=”System.Data.Odbc” %>
<%@ Import Namespace=”System.XML” %>

<!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.0 Transitional//EN” “http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd”>

<script runat=”server”>
Private dbconn As New Odbc.OdbcConnection(”Driver={Microsoft Access Driver (*.mdb)};DBQ=” & Server.MapPath(”~\App_Data\logindb.mdb”))

Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs)
If Not IsPostBack Then
Session(”varusername”) = vbNullString

End If

End Sub

Sub loading()
Dim dbadapter As New Odbc.OdbcDataAdapter(”Select * from accountstbl Where [Username]=’” & Me.TextBox1.Text.Trim & “‘ and [Password]=’” & Me.TextBox2.Text.Trim & “‘”, dbconn)
Dim dbdataset As New DataSet

dbdataset.Clear()
dbadapter.Fill(dbdataset, “accountstbl”)
If dbdataset.Tables(”accountstbl”).DefaultView.Count = 0 Then
Me.Label3.Text = “Invalid Username or Password. Access Denied!”
Exit Sub
Else
Session(”varusername”) = Me.TextBox1.Text.Trim
Response.Redirect(”mainpage.aspx”)

End If

End Sub

Sub loginako(ByVal sender As Object, ByVal e As System.EventArgs)
loading()

End Sub

</script>

<html xmlns=”http://www.w3.org/1999/xhtml” >
<head runat=”server”>
<title>Login Page</title>
</head>
<body>
<form id=”form1″ runat=”server”>
<div align=”center”>
<table width=”400″ border=”1″ cellpadding=”2″ cellspacing=”2″ bordercolor=”silver”>
<tr>
<td>
<asp:Label ID=”Label1″ runat=”server” Text=”Username”></asp:Label></td>
<td>
<asp:TextBox ID=”TextBox1″ runat=”server”></asp:TextBox></td>
</tr>
<tr>
<td>
<asp:Label ID=”Label2″ runat=”server” Text=”Password”></asp:Label></td>
<td>
<asp:TextBox ID=”TextBox2″ runat=”server” TextMode=”Password”></asp:TextBox></td>
</tr>
<tr>
<td colspan=”2″ align=”center”>
<asp:Button ID=”Button1″ runat=”server” Text=”Login” OnClick=”loginako” /></td>

</tr>
<tr>
<td colspan=”2″ align=”center”>
<asp:Label ID=”Label3″ runat=”server” ForeColor=”Red”></asp:Label></td>

</tr>
</table>

</div>
</form>
</body>
</html>

———————————————————————–
Then type the following codes for the mainpage.aspx page:
———————————————————————–

<%@ Page Language=”VB” %>
<%@ Import Namespace=”System.Data” %>
<%@ Import Namespace=”System.Data.Odbc” %>
<%@ Import Namespace=”System.XML” %>

<!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.0 Transitional//EN” “http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd”>

<script runat=”server”>
Private dbconn As New Odbc.OdbcConnection(”Driver={Microsoft Access Driver (*.mdb)};DBQ=” & Server.MapPath(”~\App_Data\logindb.mdb”))
Private dbadapter As New Odbc.OdbcDataAdapter(”Select * from accountstbl”, dbconn)
Private dbdataset As New DataSet

Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs)
If Session(”varusername”) = vbNullString Then
Response.Redirect(”login.aspx”)

End If
Response.Write(”Welcome! ” & Session(”varusername”))
loading()

End Sub

Sub loading()
dbdataset.Clear()
dbadapter.Fill(dbdataset, “accountstbl”)
Me.GridView1.DataSource = dbdataset.Tables(”accountstbl”).DefaultView
Me.GridView1.DataBind()

End Sub

Protected Sub Button1_Click(ByVal sender As Object, ByVal e As System.EventArgs)
Session.Clear()
Response.Redirect(”login.aspx”)

End Sub

Sub InsertKayo(ByVal sender As Object, ByVal e As System.EventArgs)
If Me.TextBox1.Text = vbNullString Then
Me.Label3.Text = “Username cannot be empty!”
Exit Sub
End If
If Me.TextBox2.Text = vbNullString Then
Me.Label3.Text = “Password cannot be empty!”
Exit Sub
End If
Dim insertcommand As New Odbc.OdbcCommand
insertcommand.CommandText = “Insert Into accountstbl ([Username], [Password]) Values (’” & Me.TextBox1.Text.Trim & “‘, ‘” & Me.TextBox2.Text.Trim & “‘)”
insertcommand.Connection = dbconn
dbconn.Open()
insertcommand.ExecuteReader()
dbconn.Close()
loading()
Me.Label3.Text = “New account successfully added.”
Me.TextBox1.Text = vbNullString
Me.TextBox2.Text = vbNullString

End Sub

Protected Sub GridView1_SelectedIndexChanged(ByVal sender As Object, ByVal e As System.EventArgs)
Me.TextBox1.Text = dbdataset.Tables(”accountstbl”).DefaultView.Item(Me.GridView1.SelectedIndex).Item(1)
Me.TextBox2.Text = dbdataset.Tables(”accountstbl”).DefaultView.Item(Me.GridView1.SelectedIndex).Item(2)
Me.TextBox3.Text = dbdataset.Tables(”accountstbl”).DefaultView.Item(Me.GridView1.SelectedIndex).Item(0)

End Sub

Protected Sub Button3_Click(ByVal sender As Object, ByVal e As System.EventArgs)
Me.TextBox1.Text = vbNullString
Me.TextBox2.Text = vbNullString
Me.TextBox3.Text = vbNullString

End Sub

Protected Sub Button4_Click(ByVal sender As Object, ByVal e As System.EventArgs)
If Me.TextBox3.Text = vbNullString Then
Exit Sub

End If
Dim deletecommand As New Odbc.OdbcCommand
deletecommand.CommandText = “Delete From accountstbl Where IDNO=” & Val(Me.TextBox3.Text.Trim)
deletecommand.Connection = dbconn
dbconn.Open()
deletecommand.ExecuteReader()
dbconn.Close()
loading()
Me.Label3.Text = “Account Successfully Deleted.”

End Sub

Protected Sub Button5_Click(ByVal sender As Object, ByVal e As System.EventArgs)
If Me.TextBox3.Text = vbNullString Then
Exit Sub

End If
Dim updatecommand As New Odbc.OdbcCommand
updatecommand.CommandText = “Update accountstbl Set [Username]=’” & Me.TextBox1.Text.Trim & “‘, [Password]=’” & Me.TextBox2.Text.Trim & “‘ Where IDNO=” & Val(Me.TextBox3.Text.Trim)
updatecommand.Connection = dbconn
dbconn.Open()
updatecommand.ExecuteReader()
dbconn.Close()
loading()
Me.Label3.Text = “Account Successfully Updated.”

End Sub
</script>

<html xmlns=”http://www.w3.org/1999/xhtml” >
<head runat=”server”>
<title>Mainpage</title>
</head>
<body>
<form id=”form1″ runat=”server”>
<asp:Button ID=”Button1″ runat=”server” Text=”Logout” OnClick=”Button1_Click” />
<hr />
<div align=”center”>
<asp:GridView
ID=”GridView1″
runat=”server”
BackColor=”LightGoldenrodYellow”
BorderColor=”Tan”
BorderWidth=”1px”
CellPadding=”2″
ForeColor=”Black”
GridLines=”None”
Width=”500px”
AutoGenerateColumns=”False” DataKeyNames=”IDNO” OnSelectedIndexChanged=”GridView1_SelectedIndexChanged” AllowPaging=”True”>
<FooterStyle BackColor=”Tan” />
<SelectedRowStyle BackColor=”DarkSlateBlue” ForeColor=”GhostWhite” />
<PagerStyle BackColor=”PaleGoldenrod” ForeColor=”DarkSlateBlue” HorizontalAlign=”Center” />
<HeaderStyle BackColor=”Tan” Font-Bold=”True” />
<AlternatingRowStyle BackColor=”PaleGoldenrod” />
<Columns>
<asp:CommandField ButtonType=”Button” ShowSelectButton=”True” />
<asp:BoundField DataField=”IDNO” HeaderText=”IDNO” />
<asp:BoundField DataField=”Username” HeaderText=”Username” />
<asp:BoundField DataField=”Password” HeaderText=”Password” />
</Columns>
</asp:GridView>

</div>
<hr />
<table width=”400″ border=”1″ cellpadding=”2″ cellspacing=”2″ bordercolor=”silver”>
<tr>
<td>
<asp:Label ID=”Label4″ runat=”server” Text=”IDNO”></asp:Label></td>
<td>
<asp:TextBox ID=”TextBox3″ runat=”server” ReadOnly=”true”></asp:TextBox></td>
</tr>
<tr>
<td>
<asp:Label ID=”Label1″ runat=”server” Text=”Username”></asp:Label></td>
<td>
<asp:TextBox ID=”TextBox1″ runat=”server”></asp:TextBox></td>
</tr>
<tr>
<td>
<asp:Label ID=”Label2″ runat=”server” Text=”Password”></asp:Label></td>
<td>
<asp:TextBox ID=”TextBox2″ runat=”server” ></asp:TextBox></td>
</tr>
<tr>
<td colspan=”2″ align=”center”>
<asp:Button ID=”Button3″ runat=”server” OnClick=”Button3_Click” Text=”Reset” />
<asp:Button ID=”Button2″ runat=”server” Text=”Insert Record” OnClick=”InsertKayo” />
<asp:Button ID=”Button4″ runat=”server” OnClick=”Button4_Click” Text=”Delete” />
<asp:Button ID=”Button5″ runat=”server” OnClick=”Button5_Click” Text=”Update” /></td>

</tr>
<tr>
<td colspan=”2″ align=”center”>
<asp:Label ID=”Label3″ runat=”server” ForeColor=”Red”></asp:Label></td>

</tr>
</table>
</form>
</body>
</html>

———————————————————————–
And finally, copy the logindb.mdb (the Access database you created) in the App_Data folder of your website. Before running the application, make sure you have at least 1 user accounts directly encoded in the accountstbl table of your database to serve as the first login accounts to be used to access the mainpage.aspx page.

Reminder: Please encode the codes manually (do not copy and paste) to avoid change of characters due to css formatting issue. At the same time, doing it on your own increases the level of learning on your part.