login code not working

Feb 13 2019 11:10 PM

i have a login table which contains userid username password lastvisited and so on i wrote a code for login but its not working below is the code

and also the password is not visible in the database its encrypted

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data;
using System.Data.SqlClient;
using System.Configuration;
using System.IO;
using System.Security.Cryptography;
namespace Vas
{
public partial class CostMonitoring : System.Web.UI.Page
{
public static string con_Vas = ConfigurationManager.ConnectionStrings["vas_con"].ConnectionString;
SqlConnection condiv = new SqlConnection(con_Vas);
protected void Page_Load(object sender, EventArgs e)
{
}
protected void btnLogin_Click(object sender, EventArgs e)
{
string strSelect = "SELECT COUNT(*) FROM VAS_Login WHERE UserID = @Username AND Password = @Password";
SqlConnection con = new SqlConnection(con_Vas);
SqlCommand cmd = new SqlCommand("Vas_adminvas_login", con);
cmd.CommandType = CommandType.StoredProcedure;
//SqlCommand cmd = new SqlCommand();
cmd.Connection = con;
cmd.CommandType = CommandType.Text;
cmd.CommandText = strSelect;
SqlParameter username = new SqlParameter("@Username", SqlDbType.NVarChar, 50);
username.Value = txtusername.Text.Trim().ToString();
cmd.Parameters.Add(username);
SqlParameter password = new SqlParameter("@Password", SqlDbType.NVarChar, 100);
password.Value =(txtpass.Text.Trim());
cmd.Parameters.Add(password);
// cmd.CommandTimeout = 1000;
con.Open();
int result = (Int32)cmd.ExecuteScalar();
con.Close();
if (result >= 1)
{
Response.Redirect("www.google.com");
}
else
{
Label1.Text = "incorrect password or username";
}
}
}
}

Answers (7)