Simple ASP.NET User Login Accounts Maintenance Application

By Aurelie A. Peralta

This simple application demonstrates the following:
1. Basic ASP.NET page commands and IF control statement
2. Variables and Session variables
3. Secured page
4. Database connectivity using ODBC
5. SQL commands for Searching, Inserting, Deleting, and Updating records
6. Gridview object in ASP.NET

Start developing the application by creating an Access database with the following structure:
Database name: logindb.mdb
Tables:
Table name: accountstbl
Fields:
Fieldname      Data                 Type Length
IDNO              Autonumber                           Primary Key
Username      Text                  50
Password       Text                  50

Start Visual Web Developer 2005 Express and create a new website. Add two more Webforms or ASP.NET pages that do not use a code behind approach and delete the Default.aspx page that uses a code behind method. Name the first one login.aspx and the other one, mainpage.aspx.

Type the following codes for the login.aspx page:
———————————————————————–

<%@ Page Language=”VB” %><%@ Import Namespace=”System.Data” %><%@ Import Namespace=”System.Data.Odbc” %><%@ Import Namespace=”System.XML” %>

<!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.0 Transitional//EN” “http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd”><script runat=”server”>Private dbconn As New Odbc.OdbcConnection(“Driver={Microsoft Access Driver (*.mdb)};DBQ=” & Server.MapPath(“~\App_Data\logindb.mdb”)) Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs)If Not IsPostBack Then

Session(“varusername”) = vbNullStringEnd IfEnd Sub

Sub loading()Dim dbadapter As New Odbc.OdbcDataAdapter(“Select * from accountstbl Where [Username]=’” & Me.TextBox1.Text.Trim & “‘ and [Password]=’” & Me.TextBox2.Text.Trim & “‘”, dbconn)Dim dbdataset As New DataSetdbdataset.Clear()dbadapter.Fill(dbdataset,

“accountstbl”)If dbdataset.Tables(“accountstbl”).DefaultView.Count = 0 ThenMe.Label3.Text = “Invalid Username or Password. Access Denied!”

Exit SubElse

Session(“varusername”) = Me.TextBox1.Text.TrimResponse.Redirect(“mainpage.aspx”)End IfEnd Sub

Sub loginako(ByVal sender As Object, ByVal e As System.EventArgs)loading()End Sub

</script><html xmlns=”http://www.w3.org/1999/xhtml” ><head runat=”server”><title>Login Page</title></head><body>

<form id=”form1″ runat=”server”><div align=”center”>

<table width=”400″ border=”1″ cellpadding=”2″ cellspacing=”2″ bordercolor=”silver”><tr>

<td><asp:Label ID=”Label1″ runat=”server” Text=”Username”></asp:Label></td>

<td><asp:TextBox ID=”TextBox1″ runat=”server”></asp:TextBox></td> </tr>

<tr><td>

<asp:Label ID=”Label2″ runat=”server” Text=”Password”></asp:Label></td><td>

<asp:TextBox ID=”TextBox2″ runat=”server” TextMode=”Password”></asp:TextBox></td> </tr><tr>

<td colspan=”2″ align=”center”><asp:Button ID=”Button1″ runat=”server” Text=”Login” OnClick=”loginako” /></td>

</tr><tr>

<td colspan=”2″ align=”center”><asp:Label ID=”Label3″ runat=”server” ForeColor=”Red”></asp:Label></td>

</tr></table>

</div> </form></body></html>———————————————–

Then type the following codes for the mainpage.aspx page:
———————————————————————–

<%@ Page Language=”VB” %><%@ Import Namespace=”System.Data” %><%@ Import Namespace=”System.Data.Odbc” %><%@ Import Namespace=”System.XML” %>

<!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.0 Transitional//EN” “http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd”><script runat=”server”>Private dbconn As New Odbc.OdbcConnection(“Driver={Microsoft Access Driver (*.mdb)};DBQ=” & Server.MapPath(“~\App_Data\logindb.mdb”))Private dbadapter As New Odbc.OdbcDataAdapter(“Select * from accountstbl”, dbconn)

Private dbdataset As New DataSet Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs)If Session(“varusername”) = vbNullString ThenResponse.Redirect(“login.aspx”)End If

Response.Write(“Welcome! “ & Session(“varusername”))loading()End Sub

Sub loading()dbdataset.Clear()dbadapter.Fill(dbdataset, “accountstbl”)Me.GridView1.DataSource = dbdataset.Tables(“accountstbl”).DefaultView

Me.GridView1.DataBind()End SubProtected Sub Button1_Click(ByVal sender As Object, ByVal e As System.EventArgs)Session.Clear()Response.Redirect(

“login.aspx”)End SubSub InsertKayo(ByVal sender As Object, ByVal e As System.EventArgs)If Me.TextBox1.Text = vbNullString Then

Me.Label3.Text = “Username cannot be empty!”Exit Sub

End IfIf Me.TextBox2.Text = vbNullString Then

Me.Label3.Text = “Password cannot be empty!”Exit Sub

End IfDim insertcommand As New Odbc.OdbcCommandinsertcommand.CommandText = “Insert Into accountstbl ([Username], [Password]) Values (’” & Me.TextBox1.Text.Trim & “‘, ‘” & Me.TextBox2.Text.Trim & “‘)”

insertcommand.Connection = dbconndbconn.Open()

insertcommand.ExecuteReader()

dbconn.Close()

loading()

Me.Label3.Text = “New account successfully added.”

Me.TextBox1.Text = vbNullStringMe.TextBox2.Text = vbNullStringEnd SubProtected Sub GridView1_SelectedIndexChanged(ByVal sender As Object, ByVal e As System.EventArgs)Me.TextBox1.Text = dbdataset.Tables(“accountstbl”).DefaultView.Item(Me.GridView1.SelectedIndex).Item(1)

Me.TextBox2.Text = dbdataset.Tables(“accountstbl”).DefaultView.Item(Me.GridView1.SelectedIndex).Item(2)Me.TextBox3.Text = dbdataset.Tables(“accountstbl”).DefaultView.Item(Me.GridView1.SelectedIndex).Item(0)End SubProtected Sub Button3_Click(ByVal sender As Object, ByVal e As System.EventArgs)Me.TextBox1.Text = vbNullString

Me.TextBox2.Text = vbNullStringMe.TextBox3.Text = vbNullStringEnd SubProtected Sub Button4_Click(ByVal sender As Object, ByVal e As System.EventArgs)If Me.TextBox3.Text = vbNullString Then

Exit SubEnd If

Dim deletecommand As New Odbc.OdbcCommanddeletecommand.CommandText = “Delete From accountstbl Where IDNO=” & Val(Me.TextBox3.Text.Trim)deletecommand.Connection = dbconndbconn.Open()

deletecommand.ExecuteReader()

dbconn.Close()

loading()

Me.Label3.Text = “Account Successfully Deleted.”

End SubProtected Sub Button5_Click(ByVal sender As Object, ByVal e As System.EventArgs)If Me.TextBox3.Text = vbNullString Then

Exit SubEnd If

Dim updatecommand As New Odbc.OdbcCommandupdatecommand.CommandText = “Update accountstbl Set [Username]=’” & Me.TextBox1.Text.Trim & “‘, [Password]=’” & Me.TextBox2.Text.Trim & “‘ Where IDNO=” & Val(Me.TextBox3.Text.Trim)updatecommand.Connection = dbconndbconn.Open()

updatecommand.ExecuteReader()

dbconn.Close()

loading()

Me.Label3.Text = “Account Successfully Updated.”

End Sub</script><html xmlns=”http://www.w3.org/1999/xhtml” ><head runat=”server”>

<title>Mainpage</title></head><body><form id=”form1″ runat=”server”>

<asp:Button ID=”Button1″ runat=”server” Text=”Logout” OnClick=”Button1_Click” /><hr />

<div align=”center”><asp:GridView ID=”GridView1″

runat=”server” BackColor=”LightGoldenrodYellow”BorderColor=”Tan”BorderWidth=”1px” CellPadding=”2″

ForeColor=”Black” GridLines=”None” Width=”500px” AutoGenerateColumns=”False” DataKeyNames=”IDNO” OnSelectedIndexChanged=”GridView1_SelectedIndexChanged” AllowPaging=”True”>

<FooterStyle BackColor=”Tan” /><SelectedRowStyle BackColor=”DarkSlateBlue” ForeColor=”GhostWhite” />

<PagerStyle BackColor=”PaleGoldenrod” ForeColor=”DarkSlateBlue” HorizontalAlign=”Center” /><HeaderStyle BackColor=”Tan” Font-Bold=”True” />

<AlternatingRowStyle BackColor=”PaleGoldenrod” /><Columns>

<asp:CommandField ButtonType=”Button” ShowSelectButton=”True” /><asp:BoundField DataField=”IDNO” HeaderText=”IDNO” />

<asp:BoundField DataField=”Username” HeaderText=”Username” /><asp:BoundField DataField=”Password” HeaderText=”Password” />

</Columns></asp:GridView>

</div><hr />

<table width=”400″ border=”1″ cellpadding=”2″ cellspacing=”2″ bordercolor=”silver”><tr>

<td><asp:Label ID=”Label4″ runat=”server” Text=”IDNO”></asp:Label></td>

<td><asp:TextBox ID=”TextBox3″ runat=”server” ReadOnly=”true”></asp:TextBox></td> </tr>

<tr><td>

<asp:Label ID=”Label1″ runat=”server” Text=”Username”></asp:Label></td><td>

<asp:TextBox ID=”TextBox1″ runat=”server”></asp:TextBox></td> </tr><tr>

<td><asp:Label ID=”Label2″ runat=”server” Text=”Password”></asp:Label></td>

<td><asp:TextBox ID=”TextBox2″ runat=”server” ></asp:TextBox></td> </tr>

<tr><td colspan=”2″ align=”center”>

<asp:Button ID=”Button3″ runat=”server” OnClick=”Button3_Click” Text=”Reset” /><asp:Button ID=”Button2″ runat=”server” Text=”Insert Record” OnClick=”InsertKayo” />

<asp:Button ID=”Button4″ runat=”server” OnClick=”Button4_Click” Text=”Delete” /><asp:Button ID=”Button5″ runat=”server” OnClick=”Button5_Click” Text=”Update” /></td>

</tr><tr>

<td colspan=”2″ align=”center”><asp:Label ID=”Label3″ runat=”server” ForeColor=”Red”></asp:Label></td>

</tr></table>

</form></body></html>————————————————

And finally, copy the logindb.mdb (the Access database you created) in the App_Data folder of your website. Before running the application, make sure you have at least 1 user accounts directly encoded in the accountstbl table of your database to serve as the first login accounts to be used to access the mainpage.aspx page.

Reminder: Please encode the codes manually (do not copy and paste) to avoid change of characters due to css formatting issue. At the same time, doing it on your own increases the level of learning on your part.