login em web developer

silencept

Power Member
boas pessoaleu iniciei-me a pouco em web developer..
estou a tentar fazer um login...
aqui o que eu ja fiz:

Código:
[SIZE=2][COLOR=#0000ff]Imports[/COLOR][/SIZE][SIZE=2][COLOR=#000000] System.Data[/COLOR][/SIZE]
[SIZE=2][COLOR=#0000ff]Imports[/COLOR][/SIZE][SIZE=2][COLOR=#000000] System.Data.OleDb [/COLOR][/SIZE][SIZE=2][COLOR=#008000]'Importar as classes de System.Data.OleDb[/COLOR][/SIZE]
[SIZE=2][COLOR=#0000ff]Partial[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]Class[/COLOR][/SIZE][SIZE=2][COLOR=#000000] _Default[/COLOR][/SIZE]
[SIZE=2][COLOR=#0000ff]Inherits[/COLOR][/SIZE][SIZE=2] System.Web.UI.Page[/SIZE]
[SIZE=2][COLOR=#0000ff]Protected[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]Sub[/COLOR][/SIZE][SIZE=2] txtusername_TextChanged([/SIZE][SIZE=2][COLOR=#0000ff]ByVal[/COLOR][/SIZE][SIZE=2] sender [/SIZE][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]Object[/COLOR][/SIZE][SIZE=2], [/SIZE][SIZE=2][COLOR=#0000ff]ByVal[/COLOR][/SIZE][SIZE=2] e [/SIZE][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][SIZE=2] System.EventArgs) [/SIZE][SIZE=2][COLOR=#0000ff]Handles[/COLOR][/SIZE][SIZE=2] txtusername.TextChanged[/SIZE]
[SIZE=2]txtpass.Focus()[/SIZE]
[SIZE=2][COLOR=#0000ff]End[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]Sub[/COLOR][/SIZE]
[SIZE=2][COLOR=#0000ff]Protected[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]Sub[/COLOR][/SIZE][SIZE=2] txtpass_TextChanged([/SIZE][SIZE=2][COLOR=#0000ff]ByVal[/COLOR][/SIZE][SIZE=2] sender [/SIZE][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]Object[/COLOR][/SIZE][SIZE=2], [/SIZE][SIZE=2][COLOR=#0000ff]ByVal[/COLOR][/SIZE][SIZE=2] e [/SIZE][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][SIZE=2] System.EventArgs) [/SIZE][SIZE=2][COLOR=#0000ff]Handles[/COLOR][/SIZE][SIZE=2] txtpass.TextChanged[/SIZE]
[SIZE=2][COLOR=#0000ff]Call[/COLOR][/SIZE][SIZE=2] cmdlogin.Focus()[/SIZE]
[SIZE=2][COLOR=#0000ff]End[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]Sub[/COLOR][/SIZE]
[SIZE=2][COLOR=#0000ff]Protected[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]Sub[/COLOR][/SIZE][SIZE=2] cmdlogin_Click([/SIZE][SIZE=2][COLOR=#0000ff]ByVal[/COLOR][/SIZE][SIZE=2] sender [/SIZE][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]Object[/COLOR][/SIZE][SIZE=2], [/SIZE][SIZE=2][COLOR=#0000ff]ByVal[/COLOR][/SIZE][SIZE=2] e [/SIZE][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][SIZE=2] System.EventArgs) [/SIZE][SIZE=2][COLOR=#0000ff]Handles[/COLOR][/SIZE][SIZE=2] cmdlogin.Click[/SIZE]
[SIZE=2][COLOR=#008000]'se o txtusername esta em branco...[/COLOR][/SIZE]
[SIZE=2][COLOR=#0000ff]If[/COLOR][/SIZE][SIZE=2] txtusername.Text.Trim = [/SIZE][SIZE=2][COLOR=#a31515]""[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]Then[/COLOR][/SIZE]
[SIZE=2]lblmsg.Text = ([/SIZE][SIZE=2][COLOR=#a31515]"Informe o Login !"[/COLOR][/SIZE][SIZE=2])[/SIZE]
[SIZE=2]txtusername.Focus()[/SIZE]
[SIZE=2][COLOR=#0000ff]Exit[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]Sub[/COLOR][/SIZE]
[SIZE=2][COLOR=#0000ff]End[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]If[/COLOR][/SIZE]
[SIZE=2][COLOR=#008000]'se o txtpass esta em branco...[/COLOR][/SIZE]
[SIZE=2][COLOR=#0000ff]If[/COLOR][/SIZE][SIZE=2] txtpass.Text.Trim = [/SIZE][SIZE=2][COLOR=#a31515]""[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]Then[/COLOR][/SIZE]
[SIZE=2]lblmsg.Text = ([/SIZE][SIZE=2][COLOR=#a31515]"Informe a Password !"[/COLOR][/SIZE][SIZE=2])[/SIZE]
[SIZE=2]txtpass.Focus()[/SIZE]
[SIZE=2][COLOR=#0000ff]Exit[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]Sub[/COLOR][/SIZE]
[SIZE=2][COLOR=#0000ff]End[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]If[/COLOR][/SIZE]
[SIZE=2]verificaLogin()[/SIZE]
[SIZE=2][COLOR=#0000ff]End[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]Sub[/COLOR][/SIZE]
[SIZE=2][COLOR=#0000ff]Protected[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]Sub[/COLOR][/SIZE][SIZE=2] form1_Load([/SIZE][SIZE=2][COLOR=#0000ff]ByVal[/COLOR][/SIZE][SIZE=2] sender [/SIZE][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]Object[/COLOR][/SIZE][SIZE=2], [/SIZE][SIZE=2][COLOR=#0000ff]ByVal[/COLOR][/SIZE][SIZE=2] e [/SIZE][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][SIZE=2] System.EventArgs) [/SIZE][SIZE=2][COLOR=#0000ff]Handles[/COLOR][/SIZE][SIZE=2] form1.Load[/SIZE]
[SIZE=2]txtusername.Focus()[/SIZE]
[SIZE=2][COLOR=#008000]'String de conexao[/COLOR][/SIZE]
[SIZE=2][COLOR=#0000ff]Dim[/COLOR][/SIZE][SIZE=2] conexao [/SIZE][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][SIZE=2] OleDbConnection[/SIZE]
[SIZE=2][COLOR=#0000ff]Dim[/COLOR][/SIZE][SIZE=2] meuComando [/SIZE][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][SIZE=2] OleDbCommand[/SIZE]
[SIZE=2][COLOR=#0000ff]Dim[/COLOR][/SIZE][SIZE=2] meuDataReader [/SIZE][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][SIZE=2] OleDbDataReader[/SIZE]
[SIZE=2][COLOR=#0000ff]Dim[/COLOR][/SIZE][SIZE=2] SQLStmt [/SIZE][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]String[/COLOR][/SIZE]
[SIZE=2]conexao = [/SIZE][SIZE=2][COLOR=#0000ff]New[/COLOR][/SIZE][SIZE=2] OleDbConnection([/SIZE][SIZE=2][COLOR=#a31515]"Provider=Microsoft.Jet.OLEDB.4.0;Data Source="[/COLOR][/SIZE][SIZE=2] & Server.MapPath([/SIZE][SIZE=2][COLOR=#a31515]"App_Data\bd.mdb"[/COLOR][/SIZE][SIZE=2]))[/SIZE]
[SIZE=2]conexao.Open()[/SIZE]
[SIZE=2]SQLStmt = [/SIZE][SIZE=2][COLOR=#a31515]"SELECT * FROM Utilizador"[/COLOR][/SIZE]
[SIZE=2]meuComando = [/SIZE][SIZE=2][COLOR=#0000ff]New[/COLOR][/SIZE][SIZE=2] OleDbCommand(SQLStmt, conexao)[/SIZE]
[SIZE=2]meuDataReader = meuComando.ExecuteReader()[/SIZE]
 
[SIZE=2][COLOR=#0000ff]End[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]Sub[/COLOR][/SIZE]
[SIZE=2][COLOR=#0000ff]Private[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]Sub[/COLOR][/SIZE][SIZE=2] verificaLogin()[/SIZE]
[SIZE=2][COLOR=#0000ff]Dim[/COLOR][/SIZE][SIZE=2] dr [/SIZE][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][SIZE=2] OleDb.OleDbDataReader[/SIZE]
[SIZE=2][COLOR=#0000ff]Dim[/COLOR][/SIZE][SIZE=2] cn [/SIZE][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]New[/COLOR][/SIZE][SIZE=2] OleDb.OleDbConnection[/SIZE]
[SIZE=2][COLOR=#0000ff]Dim[/COLOR][/SIZE][SIZE=2] cm [/SIZE][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]New[/COLOR][/SIZE][SIZE=2] OleDb.OleDbCommand[/SIZE]
 
[SIZE=2][COLOR=#0000ff]Dim[/COLOR][/SIZE][SIZE=2] usuario [/SIZE][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]String[/COLOR][/SIZE][SIZE=2] = txtusername.Text[/SIZE]
[SIZE=2][COLOR=#0000ff]Dim[/COLOR][/SIZE][SIZE=2] senha [/SIZE][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]String[/COLOR][/SIZE][SIZE=2] = txtpassword.Text[/SIZE]
 
[SIZE=2][COLOR=#008000]'SQL Injection ==>> se voce digitar 'or' 1 '=' 1 no usuario e na senha vai passar[/COLOR][/SIZE]
[SIZE=2][COLOR=#0000ff]Try[/COLOR][/SIZE]
[SIZE=2][COLOR=#008000]'cn.ConnectionString = System.Configuration.ConfigurationManager.AppSettings("ConnectionString")[/COLOR][/SIZE]
[SIZE=2]cn = [/SIZE][SIZE=2][COLOR=#0000ff]New[/COLOR][/SIZE][SIZE=2] OleDbConnection([/SIZE][SIZE=2][COLOR=#a31515]"Provider=Microsoft.Jet.OLEDB.4.0;Data Source="[/COLOR][/SIZE][SIZE=2] & Server.MapPath([/SIZE][SIZE=2][COLOR=#a31515]"App_Data\bd.mdb"[/COLOR][/SIZE][SIZE=2]))[/SIZE]
[SIZE=2]cn.Open()[/SIZE]
[SIZE=2]cm.Connection = cn[/SIZE]
[SIZE=2]cm.CommandText = [/SIZE][SIZE=2][COLOR=#a31515]"Select * From Utilizador where [Login]='"[/COLOR][/SIZE][SIZE=2] & usuario & [/SIZE][SIZE=2][COLOR=#a31515]"' and [password]='"[/COLOR][/SIZE][SIZE=2] & senha & [/SIZE][SIZE=2][COLOR=#a31515]"'"[/COLOR][/SIZE]
[SIZE=2]dr = cm.ExecuteReader()[/SIZE]
[SIZE=2][COLOR=#0000ff]If[/COLOR][/SIZE][SIZE=2] dr.HasRows [/SIZE][SIZE=2][COLOR=#0000ff]Then[/COLOR][/SIZE]
[SIZE=2]System.Web.Security.FormsAuthentication.RedirectFromLoginPage(usuario, [/SIZE][SIZE=2][COLOR=#0000ff]False[/COLOR][/SIZE][SIZE=2])[/SIZE]
[SIZE=2]lblmsg.Text = ([/SIZE][SIZE=2][COLOR=#a31515]"Login Correcto"[/COLOR][/SIZE][SIZE=2])[/SIZE]
[SIZE=2]Response.Redirect([/SIZE][SIZE=2][COLOR=#a31515]"frmprincipal.aspx"[/COLOR][/SIZE][SIZE=2])
[/SIZE][SIZE=2][COLOR=#0000ff]Else[/COLOR][/SIZE]
[SIZE=2]lblmsg.Text = [/SIZE][SIZE=2][COLOR=#a31515]"Login ou Password Incorrecta!"[/COLOR][/SIZE]
[SIZE=2][COLOR=#0000ff]End[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]If[/COLOR][/SIZE]
[SIZE=2][COLOR=#0000ff]Catch[/COLOR][/SIZE][SIZE=2] ex [/SIZE][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][SIZE=2] Exception[/SIZE]
[SIZE=2]lblmsg.Text = (ex.Message)[/SIZE]
[SIZE=2][COLOR=#0000ff]End[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]Try[/COLOR][/SIZE]
[SIZE=2][COLOR=#0000ff]End[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]Sub[/COLOR][/SIZE]
[SIZE=2][COLOR=#0000ff]End[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]Class[/COLOR][/SIZE]
O problema é que ele chega a esta parte
Código:
[SIZE=2][COLOR=#0000ff][SIZE=2][COLOR=#0000ff]If[/COLOR][/SIZE][SIZE=2] dr.HasRows [/SIZE][SIZE=2][COLOR=#0000ff]Then[/COLOR][/SIZE]
 
[SIZE=2]System.Web.Security.FormsAuthentication.RedirectFromLoginPage(usuario, [/SIZE][SIZE=2][COLOR=#0000ff]False[/COLOR][/SIZE][SIZE=2])[/SIZE]
[SIZE=2]lblmsg.Text = ([/SIZE][SIZE=2][COLOR=#a31515]"Login Correcto"[/COLOR][/SIZE][SIZE=2])[/SIZE]
[SIZE=2][COLOR=#0000ff]Else[/COLOR][/SIZE]
 
[SIZE=2]lblmsg.Text = [/SIZE][SIZE=2][COLOR=#a31515]"Login ou Password Incorrecta!"[/COLOR][/SIZE]
 
[SIZE=2][COLOR=#0000ff]End[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]If[/COLOR][/SIZE]
[/COLOR][/SIZE]

ele diz-me sempre que o "Login ou Password Incorrecta!"...mas esse login e password existe na base de dados

Alguem sabe como resolver?
obrigado
 
Última edição pelo moderador:
Back
Topo