0

I try to create login function in ASP.NET using MySQL database and enterprise library.

First I create a database and store procedures.

spselectusertype sp

DELIMITER //


 Create procedure spselectusertype(
        UName varchar(50), 
        Pasword varchar(50)
    )
    BEGIN
Select UserType_ID FROM login
WHERE UName = UName AND UPasword = Pasword;
    end;

splogin sp

create procedure splogin()
BEGIN
        SELECT *
        FROM login
        WHERE UName = UName and UPasword=UPasword;
    END

Then I create a class library and add these functions:

    Database db = DatabaseFactory.CreateDatabase("abc");

    public int UserType(string UName, string UPasword)
    {
        return Convert.ToInt32(db.ExecuteScalar("spselectusertype", new object[] {
         UName, UPasword }).ToString());
    }
    public int SignInUsers(string UName, string Pasword)
    {
        return Convert.ToInt32(db.ExecuteScalar("splogin", new object[] { UName, Pasword }));
    }

Login button code:

        MySqlConnection conn = new   
        MySqlConnection(ConfigurationManager.ConnectionStrings["abc"].ConnectionString);

    ClassLibrary1.Class1 LOGIN = new ClassLibrary1.Class1();




    protected void Button1_Click1(object sender, EventArgs e)
    {

            //UsertpeTID sve in session
            int users = LOGIN.UserType(TextBox1.Text, TextBox2.Text);



            //UserID Save in Session
            int user_id = Convert.ToInt16(LOGIN.SignInUsers(TextBox1.Text, TextBox2.Text));
            Session["UserID"] = user_id;

            if (Session["UserID"] != null)
            {
                user_id = Convert.ToInt32(Session["UserID"].ToString());
            }
            if (users == 1)
            {
                Session["Login2"] = TextBox1.Text;
                Session["Login3"] = TextBox2.Text;

                Session["UserTypeID"] = users;

                Response.Redirect("alldocuments.aspx");
            }
            else if (users == 2)
            {


                Session["Login2"] = TextBox1.Text;
                Session["Login3"] = TextBox2.Text;

                Session["UserTypeID"] = users;

                Response.Redirect("Home.aspx");
                Label3.Visible = true;
            Label3.Text = "Incorrect User Name or Password";
            }
        }

        }

    }

But when I debug my project and enter username and password, it shows me following error

Parameter discovery is not supported for connections using GenericDatabase. You must specify the parameters explicitly, or configure the connection to use a type deriving from Database that supports parameter discovery.

on this line:

return Convert.ToInt32(db.ExecuteScalar("spselectusertype", new object[] {
             UserName, UserPassword }).ToString());

So where is the mistake?

Improve this question

2 Answers 2

Reset to default
1

PLEASE, if you're going to develop an ASP.NET website with login, DO NOT ROLL YOUR OWN SYSTEM (unless you know what you're doing).

What I see from your system, you have barely any seurity of any kind, including role management, folder access management, password hashing and password resets. If you use an ASP.NET membership system (just start a new asp.net web forms application using Visual Studio), you get all that, plus an easy way to manage it all through a local web portal, including the option to select your own database type through the web configuration tool.

Assuming, of course, you have the option to use this, I would start with using this system, because it's a really good basis to start from.

I realize this doesn't answer your question directly, but I still feel like I should suggest it.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

+1 - This goes for not just login systems as a whole, but encryption, hashing, etc. as well. If there's a prebuilt library out there, trying to reinvent the wheel is generally speaking, a terrible idea. Also it looks like passwords are being passed as plain text, and no real protections outside of what the .net framework provides in regards to SQL injection.
0

Error involves in the 

Database db = DatabaseFactory.CreateDatabase("abc");

Since It is only supposed to support SQLServers

Reference

Reference Link Please consider other ways to connect with the database.

Improve this answer

1 Comment

@Ryan McDonough please try again it was editing error sorry for that

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.