# VBForums CodeBank > CodeBank - ASP / ASP.NET / MVC / Web API >  Validate username and Password using Login Control and SQL

## danasegarane

n this code Snippet I am going to show how to use the Login Control with SQL for Authenticate UserName and password



```

1.Place one Login Control Named Login1
2.Declare A Public Varriable named strErrorDescription 



```



```
protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
    {
        Boolean bauthenticated = false;
        bauthenticated = isValidUser(Login1.UserName, Login1.Password);
        if (bauthenticated)
        {
            e.Authenticated = true;
        }

        else
        {
            e.Authenticated = false;
        }
    }
```

*Code For Validating userName and Password in SQLTable*

_This part of the code will check the username and password from the SQLTable_


```
private Boolean isValidUser(string username, string pwd)
    {
        SqlConnection con = new SqlConnection("DataBase=Northwind;Server=(local);User ID=sa;Password=test");
        SqlCommand cmd = new SqlCommand("select * from users where userid='" + username + "'");// and pwd='" + pwd + "'");
        cmd.Connection = con;
        DataTable dt = new DataTable();
        SqlDataAdapter da = new SqlDataAdapter(cmd);
        con.Open();
        da.Fill(dt);
        con.Close();
        if (dt.Rows.Count == 0)
        {
            strLoginErrorMsg = "Invalid UserName";
            dt.Dispose();
            return false;
        }
        else
        {
            string strTemppwd=Convert.ToString(dt.Rows[0]["pwd"]).Trim();
            if (strTemppwd.ToLower() != Login1.Password.ToLower())
            {
                strLoginErrorMsg = "Invalid Password";
            }
        }
        return true;
       }
```



_OverRide the ErrorMessage_



```
protected void Login1_LoginError(object sender, EventArgs e)
    {
        Login1.FailureText = strLoginErrorMsg;
    }
```


Happy Coding  :wave:   :wave:

----------


## danasegarane

Login Control :

----------


## MAHDi25

Hi danasegarane:

thanks for this code and so :
how to logout on this method and so disable back button browser or can not be able back on page?????!!!!

----------


## gep13

Hey,

You can use the LoginStatus control to provide you with this functionality.

As for disabling the back button, why would you want to do this?  Once the user is logged out, they are no longer authenticated, and as such will be prompted to log in again if they hit the back button.

Gary

----------


## Soundar

> Login Control :


Hi Danasegaran,

When I tried I am getting error. An object Reference is required for the nonstatic field, method, or property.

and 

System.Web.UI.WebControls.Login does not contain a definitiion for "Password"

Please help me

thanks,

Sounar

----------


## danasegarane

Hi Sundar ,
       Welcome to the Forums. I doubt you are not calling the Actual Control name rather than Base control Property.

Take this Example
 1. You drag and drag a Login Control in your form and the name will be Login1
 2. And for getting the Password control associated with the Login Control you need 
     to use the   Login1.Password property. 
              Where
                        the Login1 is the control name 
                        the Password is the Password Text Associated with the Password  
                            control inside the login control.

Hope this helps

----------


## Soundar

Hi Dhasekaran,

Thanks for helping me. Since my laptop became very slow I formatted the hard disk and Installed windows 7 and visual studio 2008. Still I am not able to custom username and password error message using login control. And also I wanted use role based validation using sql 2008.  Kindly help me.

Soundar

----------


## gep13

Hey,

Can you upload the code that you are currently using?

Gary

----------


## Soundar

Hi Dhanasegarene,

How do I declare strLoginErrorMsg and  strErrorDescription.

Thanks,

Soundar

----------


## gep13

Soundar,

I think it would help if you were to describe exactly what it is that you are trying to achieve.  Do you actually require to validate a username and password against an existing database.  From what you have posted, and the questions you are asking, it would appear that you are just starting out, is that correct?  If so, why not let ASP.Net do the "heavy" lifting for you, and use the built in SQL Database and Tables that it creates for you.

Gary

----------


## g.marghade

hi..
i am new to coding plz help me out.
error is
The name 'strLoginErrorMsg' does not exist in the current context	
 plz help

----------


## gep13

Hello,

strLoginErrorMsg needs to be declared at the top of your code file, in the same way that strErrorDescription  is.

Does this make sense?

Gary

----------

