Hi, thanks Jamie and Cerebrus.
following on from that i'm using a database that I built in visual studio but im having some trouble with the connection string it seems - is this right? conn.ConnectionString = @"Data Source = C:\Documents and Settings\livsey\Desktop\VisualStudio\MyFolder\MyApp\MyDB.sdf; Initial Catalog=Futureworks;Integrated Security=True"; thanks again On Wed, Oct 13, 2010 at 9:46 AM, Jamie Fraser <[email protected]>wrote: > Start as you mean to continue: > > string query = "SELECT * FROM [User] WHERE username = @Username AND > hashedpassword = @HashedPass" > > SqlCommand myCommand = new SqlCommand(query, conn); > myCommand.Paramaters.AddWithValue("@Username", username); > myCommand.Paramaters.AddWithValue("@HashedPass", hashedPassword); > read = myCommand.ExecuteReader(); > > Then if the count of rows is 1, you have a valid login, else you don't. > > > On Tue, Oct 12, 2010 at 12:52 PM, james <[email protected]>wrote: > >> Hi, >> >> I'm currently working on a log in page for a windows app. >> >> All i want to do at this stage is check the entered username and >> password against the values held in the database. >> >> currently I have >> >> SqlDataReader read = null; >> >> string query = "SELECT * FROM [User] WHERE username = " + enteredUser; >> SqlCommand myCommand = new SqlCommand(query, conn); >> read = myCommand.ExecuteReader(); >> >> //and just to check the values >> >> if((string)read["pass"]==txtPass.Text) >> { >> MessageBox.Show("worked"); >> } >> >> does this look like it should be working? Its not bringing back any >> values when i enter details i know exist in the database. >> >> thanks > > >
