1. Este site usa cookies. Ao continuar a usar este site está a concordar com o nosso uso de cookies. Saber Mais.

login em web developer

Discussão em 'Web Development' iniciada por silencept, 12 de Junho de 2008. (Respostas: 2; Visualizações: 670)

  1. silencept

    silencept Power Member

    boas pessoaleu iniciei-me a pouco em web developer..
    estou a tentar fazer um login...
    aqui o que eu ja fiz:

    Código:
    [SIZE=2][COLOR=#0000ff]Imports[/COLOR][/SIZE][SIZE=2][COLOR=#000000] System.Data[/COLOR][/SIZE]
    [SIZE=2][COLOR=#0000ff]Imports[/COLOR][/SIZE][SIZE=2][COLOR=#000000] System.Data.OleDb [/COLOR][/SIZE][SIZE=2][COLOR=#008000]'Importar as classes de System.Data.OleDb[/COLOR][/SIZE]
    [SIZE=2][COLOR=#0000ff]Partial[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]Class[/COLOR][/SIZE][SIZE=2][COLOR=#000000] _Default[/COLOR][/SIZE]
    [SIZE=2][COLOR=#0000ff]Inherits[/COLOR][/SIZE][SIZE=2] System.Web.UI.Page[/SIZE]
    [SIZE=2][COLOR=#0000ff]Protected[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]Sub[/COLOR][/SIZE][SIZE=2] txtusername_TextChanged([/SIZE][SIZE=2][COLOR=#0000ff]ByVal[/COLOR][/SIZE][SIZE=2] sender [/SIZE][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]Object[/COLOR][/SIZE][SIZE=2], [/SIZE][SIZE=2][COLOR=#0000ff]ByVal[/COLOR][/SIZE][SIZE=2] e [/SIZE][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][SIZE=2] System.EventArgs) [/SIZE][SIZE=2][COLOR=#0000ff]Handles[/COLOR][/SIZE][SIZE=2] txtusername.TextChanged[/SIZE]
    [SIZE=2]txtpass.Focus()[/SIZE]
    [SIZE=2][COLOR=#0000ff]End[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]Sub[/COLOR][/SIZE]
    [SIZE=2][COLOR=#0000ff]Protected[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]Sub[/COLOR][/SIZE][SIZE=2] txtpass_TextChanged([/SIZE][SIZE=2][COLOR=#0000ff]ByVal[/COLOR][/SIZE][SIZE=2] sender [/SIZE][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]Object[/COLOR][/SIZE][SIZE=2], [/SIZE][SIZE=2][COLOR=#0000ff]ByVal[/COLOR][/SIZE][SIZE=2] e [/SIZE][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][SIZE=2] System.EventArgs) [/SIZE][SIZE=2][COLOR=#0000ff]Handles[/COLOR][/SIZE][SIZE=2] txtpass.TextChanged[/SIZE]
    [SIZE=2][COLOR=#0000ff]Call[/COLOR][/SIZE][SIZE=2] cmdlogin.Focus()[/SIZE]
    [SIZE=2][COLOR=#0000ff]End[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]Sub[/COLOR][/SIZE]
    [SIZE=2][COLOR=#0000ff]Protected[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]Sub[/COLOR][/SIZE][SIZE=2] cmdlogin_Click([/SIZE][SIZE=2][COLOR=#0000ff]ByVal[/COLOR][/SIZE][SIZE=2] sender [/SIZE][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]Object[/COLOR][/SIZE][SIZE=2], [/SIZE][SIZE=2][COLOR=#0000ff]ByVal[/COLOR][/SIZE][SIZE=2] e [/SIZE][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][SIZE=2] System.EventArgs) [/SIZE][SIZE=2][COLOR=#0000ff]Handles[/COLOR][/SIZE][SIZE=2] cmdlogin.Click[/SIZE]
    [SIZE=2][COLOR=#008000]'se o txtusername esta em branco...[/COLOR][/SIZE]
    [SIZE=2][COLOR=#0000ff]If[/COLOR][/SIZE][SIZE=2] txtusername.Text.Trim = [/SIZE][SIZE=2][COLOR=#a31515]""[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]Then[/COLOR][/SIZE]
    [SIZE=2]lblmsg.Text = ([/SIZE][SIZE=2][COLOR=#a31515]"Informe o Login !"[/COLOR][/SIZE][SIZE=2])[/SIZE]
    [SIZE=2]txtusername.Focus()[/SIZE]
    [SIZE=2][COLOR=#0000ff]Exit[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]Sub[/COLOR][/SIZE]
    [SIZE=2][COLOR=#0000ff]End[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]If[/COLOR][/SIZE]
    [SIZE=2][COLOR=#008000]'se o txtpass esta em branco...[/COLOR][/SIZE]
    [SIZE=2][COLOR=#0000ff]If[/COLOR][/SIZE][SIZE=2] txtpass.Text.Trim = [/SIZE][SIZE=2][COLOR=#a31515]""[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]Then[/COLOR][/SIZE]
    [SIZE=2]lblmsg.Text = ([/SIZE][SIZE=2][COLOR=#a31515]"Informe a Password !"[/COLOR][/SIZE][SIZE=2])[/SIZE]
    [SIZE=2]txtpass.Focus()[/SIZE]
    [SIZE=2][COLOR=#0000ff]Exit[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]Sub[/COLOR][/SIZE]
    [SIZE=2][COLOR=#0000ff]End[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]If[/COLOR][/SIZE]
    [SIZE=2]verificaLogin()[/SIZE]
    [SIZE=2][COLOR=#0000ff]End[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]Sub[/COLOR][/SIZE]
    [SIZE=2][COLOR=#0000ff]Protected[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]Sub[/COLOR][/SIZE][SIZE=2] form1_Load([/SIZE][SIZE=2][COLOR=#0000ff]ByVal[/COLOR][/SIZE][SIZE=2] sender [/SIZE][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]Object[/COLOR][/SIZE][SIZE=2], [/SIZE][SIZE=2][COLOR=#0000ff]ByVal[/COLOR][/SIZE][SIZE=2] e [/SIZE][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][SIZE=2] System.EventArgs) [/SIZE][SIZE=2][COLOR=#0000ff]Handles[/COLOR][/SIZE][SIZE=2] form1.Load[/SIZE]
    [SIZE=2]txtusername.Focus()[/SIZE]
    [SIZE=2][COLOR=#008000]'String de conexao[/COLOR][/SIZE]
    [SIZE=2][COLOR=#0000ff]Dim[/COLOR][/SIZE][SIZE=2] conexao [/SIZE][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][SIZE=2] OleDbConnection[/SIZE]
    [SIZE=2][COLOR=#0000ff]Dim[/COLOR][/SIZE][SIZE=2] meuComando [/SIZE][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][SIZE=2] OleDbCommand[/SIZE]
    [SIZE=2][COLOR=#0000ff]Dim[/COLOR][/SIZE][SIZE=2] meuDataReader [/SIZE][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][SIZE=2] OleDbDataReader[/SIZE]
    [SIZE=2][COLOR=#0000ff]Dim[/COLOR][/SIZE][SIZE=2] SQLStmt [/SIZE][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]String[/COLOR][/SIZE]
    [SIZE=2]conexao = [/SIZE][SIZE=2][COLOR=#0000ff]New[/COLOR][/SIZE][SIZE=2] OleDbConnection([/SIZE][SIZE=2][COLOR=#a31515]"Provider=Microsoft.Jet.OLEDB.4.0;Data Source="[/COLOR][/SIZE][SIZE=2] & Server.MapPath([/SIZE][SIZE=2][COLOR=#a31515]"App_Data\bd.mdb"[/COLOR][/SIZE][SIZE=2]))[/SIZE]
    [SIZE=2]conexao.Open()[/SIZE]
    [SIZE=2]SQLStmt = [/SIZE][SIZE=2][COLOR=#a31515]"SELECT * FROM Utilizador"[/COLOR][/SIZE]
    [SIZE=2]meuComando = [/SIZE][SIZE=2][COLOR=#0000ff]New[/COLOR][/SIZE][SIZE=2] OleDbCommand(SQLStmt, conexao)[/SIZE]
    [SIZE=2]meuDataReader = meuComando.ExecuteReader()[/SIZE]
     
    [SIZE=2][COLOR=#0000ff]End[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]Sub[/COLOR][/SIZE]
    [SIZE=2][COLOR=#0000ff]Private[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]Sub[/COLOR][/SIZE][SIZE=2] verificaLogin()[/SIZE]
    [SIZE=2][COLOR=#0000ff]Dim[/COLOR][/SIZE][SIZE=2] dr [/SIZE][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][SIZE=2] OleDb.OleDbDataReader[/SIZE]
    [SIZE=2][COLOR=#0000ff]Dim[/COLOR][/SIZE][SIZE=2] cn [/SIZE][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]New[/COLOR][/SIZE][SIZE=2] OleDb.OleDbConnection[/SIZE]
    [SIZE=2][COLOR=#0000ff]Dim[/COLOR][/SIZE][SIZE=2] cm [/SIZE][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]New[/COLOR][/SIZE][SIZE=2] OleDb.OleDbCommand[/SIZE]
     
    [SIZE=2][COLOR=#0000ff]Dim[/COLOR][/SIZE][SIZE=2] usuario [/SIZE][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]String[/COLOR][/SIZE][SIZE=2] = txtusername.Text[/SIZE]
    [SIZE=2][COLOR=#0000ff]Dim[/COLOR][/SIZE][SIZE=2] senha [/SIZE][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]String[/COLOR][/SIZE][SIZE=2] = txtpassword.Text[/SIZE]
     
    [SIZE=2][COLOR=#008000]'SQL Injection ==>> se voce digitar 'or' 1 '=' 1 no usuario e na senha vai passar[/COLOR][/SIZE]
    [SIZE=2][COLOR=#0000ff]Try[/COLOR][/SIZE]
    [SIZE=2][COLOR=#008000]'cn.ConnectionString = System.Configuration.ConfigurationManager.AppSettings("ConnectionString")[/COLOR][/SIZE]
    [SIZE=2]cn = [/SIZE][SIZE=2][COLOR=#0000ff]New[/COLOR][/SIZE][SIZE=2] OleDbConnection([/SIZE][SIZE=2][COLOR=#a31515]"Provider=Microsoft.Jet.OLEDB.4.0;Data Source="[/COLOR][/SIZE][SIZE=2] & Server.MapPath([/SIZE][SIZE=2][COLOR=#a31515]"App_Data\bd.mdb"[/COLOR][/SIZE][SIZE=2]))[/SIZE]
    [SIZE=2]cn.Open()[/SIZE]
    [SIZE=2]cm.Connection = cn[/SIZE]
    [SIZE=2]cm.CommandText = [/SIZE][SIZE=2][COLOR=#a31515]"Select * From Utilizador where [Login]='"[/COLOR][/SIZE][SIZE=2] & usuario & [/SIZE][SIZE=2][COLOR=#a31515]"' and [password]='"[/COLOR][/SIZE][SIZE=2] & senha & [/SIZE][SIZE=2][COLOR=#a31515]"'"[/COLOR][/SIZE]
    [SIZE=2]dr = cm.ExecuteReader()[/SIZE]
    [SIZE=2][COLOR=#0000ff]If[/COLOR][/SIZE][SIZE=2] dr.HasRows [/SIZE][SIZE=2][COLOR=#0000ff]Then[/COLOR][/SIZE]
    [SIZE=2]System.Web.Security.FormsAuthentication.RedirectFromLoginPage(usuario, [/SIZE][SIZE=2][COLOR=#0000ff]False[/COLOR][/SIZE][SIZE=2])[/SIZE]
    [SIZE=2]lblmsg.Text = ([/SIZE][SIZE=2][COLOR=#a31515]"Login Correcto"[/COLOR][/SIZE][SIZE=2])[/SIZE]
    [SIZE=2]Response.Redirect([/SIZE][SIZE=2][COLOR=#a31515]"frmprincipal.aspx"[/COLOR][/SIZE][SIZE=2])
    [/SIZE][SIZE=2][COLOR=#0000ff]Else[/COLOR][/SIZE]
    [SIZE=2]lblmsg.Text = [/SIZE][SIZE=2][COLOR=#a31515]"Login ou Password Incorrecta!"[/COLOR][/SIZE]
    [SIZE=2][COLOR=#0000ff]End[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]If[/COLOR][/SIZE]
    [SIZE=2][COLOR=#0000ff]Catch[/COLOR][/SIZE][SIZE=2] ex [/SIZE][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][SIZE=2] Exception[/SIZE]
    [SIZE=2]lblmsg.Text = (ex.Message)[/SIZE]
    [SIZE=2][COLOR=#0000ff]End[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]Try[/COLOR][/SIZE]
    [SIZE=2][COLOR=#0000ff]End[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]Sub[/COLOR][/SIZE]
    [SIZE=2][COLOR=#0000ff]End[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]Class[/COLOR][/SIZE]
    
    O problema é que ele chega a esta parte
    Código:
    [SIZE=2][COLOR=#0000ff][SIZE=2][COLOR=#0000ff]If[/COLOR][/SIZE][SIZE=2] dr.HasRows [/SIZE][SIZE=2][COLOR=#0000ff]Then[/COLOR][/SIZE]
     
    [SIZE=2]System.Web.Security.FormsAuthentication.RedirectFromLoginPage(usuario, [/SIZE][SIZE=2][COLOR=#0000ff]False[/COLOR][/SIZE][SIZE=2])[/SIZE]
    [SIZE=2]lblmsg.Text = ([/SIZE][SIZE=2][COLOR=#a31515]"Login Correcto"[/COLOR][/SIZE][SIZE=2])[/SIZE]
    [SIZE=2][COLOR=#0000ff]Else[/COLOR][/SIZE]
     
    [SIZE=2]lblmsg.Text = [/SIZE][SIZE=2][COLOR=#a31515]"Login ou Password Incorrecta!"[/COLOR][/SIZE]
     
    [SIZE=2][COLOR=#0000ff]End[/COLOR][/SIZE][SIZE=2][COLOR=#0000ff]If[/COLOR][/SIZE]
    [/COLOR][/SIZE]

    ele diz-me sempre que o "Login ou Password Incorrecta!"...mas esse login e password existe na base de dados

    Alguem sabe como resolver?
    obrigado
     
    Última edição pelo moderador: 16 de Junho de 2008
  2. |pr3t3nd3r|

    |pr3t3nd3r| Power Member

    faz o debugging e ve onde é que ele retorna, ou nao retorna o resultado experado, mete breakpoints e diz-nos onde ele nao faz o que devia!!!
     
  3. silencept

    silencept Power Member

    problema resolvido
    tinha uma variavel a passar mal os valores...
    obrigado
     

Partilhar esta Página