0

I'm using VB.Net with MySQL Database and I want to check if the username and password match on the database values Example: Username= Admin11 is different from Username= admin11 when the user entered lowercase "a" and in the database its Uppercase"A" it is wrong. what I want to happen is when the user entered the username that it's not exactly the username in the database values username is incorrect here's my code but it's not working

Dim con = New MySqlConnection

con.ConnectionString = "server=localhost;userid=root;password=alpine;port=3305;database=pos_db;pooling=false;SslMode=none"

con.Open()

Dim qry As String = "SELECT COUNT(*) FROM pos_db.tblusers WHERE Username=@user AND Password=@pass"
Dim cmd As New MySqlCommand(qry, con)
cmd.Parameters.AddWithValue("@user", txtUsername.Text)
cmd.Parameters.AddWithValue("@pass", txtPassword.Text)

Dim count As Integer = Convert.ToInt32(cmd.ExecuteScalar())

If count <> 0 Then
    Me.Hide()
    FrmSelect.Show()
Else
    MessageBox.Show("Either username or password in incorrect", "System", MessageBoxButtons.OK, MessageBoxIcon.Error)
End If
Geshode
  • 3,600
  • 6
  • 18
  • 32
Mark Nartea
  • 67
  • 8

2 Answers2

1

use binary in your query

SELECT COUNT(*) 
FROM pos_db.tblusers 
WHERE 
  BINARY Username = @user
  AND BINARY Password = @pass
ADyson
  • 57,178
  • 14
  • 51
  • 63
parkway
  • 276
  • 1
  • 15
  • Mark as answer and update your post with correct answer. Welcome @MarkNartea – parkway Dec 04 '18 at 03:50
  • @parkway - can mark as answer if it answered the question, but do not update the original question. Such edits will be rolled back. – AJD Dec 04 '18 at 03:55
  • Yes, sir thanks a lot. how can I mark this post as answered, I'm newbie here in StackOverflow – Mark Nartea Dec 04 '18 at 03:57
  • Did you saw the number 0 at this thread? there are arrow up and down. u press/mousehover the arrow up button – parkway Dec 04 '18 at 05:28
  • copy that. sir, may I ask a question why we use binary? for what reason. – Mark Nartea Dec 04 '18 at 06:16
  • @MarkNartea BINARY is a built-in keyword that after your WHERE clause that forces a comparison for an exact case-sensitive match.. Normally if involve case sensitive i will use this in my query. you no need create vb.net code to check it whether match or not. same goes with php as well – parkway Dec 04 '18 at 07:36
  • Thanks, sir for that answer I will treasure that. by the way sir I have a problem again I use the same syntax above on my signup to check if the values entered by the user is already in the database the value that is already in my pos_db.tblusers Username =" MarkJhosephNartea" and when I insert another username with the value of Username ="Markjhosephnartea" it result to runtime error, duplicate entry. how can i fix that? thanks sir on response. – Mark Nartea Dec 04 '18 at 07:57
  • @MarkNartea i cannot catch up what you mean. duplicate entry? – parkway Dec 04 '18 at 08:25
  • https://stackoverflow.com/questions/53608581/vb-net-mysql-how-to-insert-values-to-the-database – Mark Nartea Dec 04 '18 at 08:29
0

thanks A lot to Sir @parkway for helping me, it is the correct query on my question. now I learn new things in programming thanks a lot again sir.

con.Open()

        Dim qry As String = "SELECT COUNT(*) FROM pos_db.tblusers WHERE BINARY Username=@user AND BINARY Password=@pass"
        Dim cmd As New MySqlCommand(qry, con)
        cmd.Parameters.AddWithValue("@user", txtUsername.Text)
        cmd.Parameters.AddWithValue("@pass", txtPassword.Text)

        Dim count As Integer = Convert.ToInt32(cmd.ExecuteScalar())

        If count <> 0 Then
            Me.Hide()
            FrmSelect.Show()
        Else
            MessageBox.Show("Either username or password in incorrect", "System", MessageBoxButtons.OK, MessageBoxIcon.Error)
        End If
Mark Nartea
  • 67
  • 8