-2

I create a stored procedure name sp_Auth and inside it is Table name UserAccounts with two fields, username and password both varchar(50) I declared two variables, @username,@password on stored procedure

Select * From UserAccounts where @username = username and @password = password

After I create it I put it into Linq to SQL together with the table and then I create new class to call the stored procedure from the linq to sql class.

My question is how do I make a method in order for the button in my login form to check or validate username and password typed in the textboxes to the data found on the table using my stored procedure.

I know there are a lot of ways on doing this but I found out they uses sqlcommand or something.

I need to use the class to call the stored proc.

The code I want to achieve is like this

Public static sp_Insert(Product p) db = new dataclass1context(); db.storedprocInsert(@Name,@Pname); Can I create a validator or checker in the class like the code above?

Gerard Santos
  • 316
  • 1
  • 5
  • 12
  • Please read this http://stackoverflow.com/help/mcve – Callum Linington Mar 09 '16 at 15:21
  • 2
    This isn't an answer to your quesion, but you shouldn't use the "sp_" prefix for Stored Procedures. "sp_" stands for "System Procedure". I use "up_" for "User Procedure", but thats just a personal preference. https://msdn.microsoft.com/en-us/library/dd172115(v=vs.100).aspx –  Mar 09 '16 at 15:22
  • 4
    Another comment that isn't an answer but nonetheless important, you should NOT store passwords in clear text. They should be salted and hashed. – Sean Lange Mar 09 '16 at 15:24
  • Sir I didnt intend to encrypt my password as it is just our project that uses local database. – Gerard Santos Mar 09 '16 at 16:36

1 Answers1

0

Take a look at Passing parameter to stored procedure. This will get you on the way. You can use the result of the query to determine if the user was validated.

Please keep in mind that passwords should not be stored as plaintext, and should be at least hashed and even salted, which would require you to convert the users password to the matching type of hash before your query.

Community
  • 1
  • 1
Dan Smith
  • 533
  • 1
  • 6
  • 15