Jacksonville Developers User Group

I am trying to get a UserID from the tblMembership table using a login name and password.

Using the two parameters, no results.

Using only login name, 1 result returned.

What is wrong with the following statement?

Select UserID From tblMembership Where UserName=@Login And Password=@Pwd

 

This one works - Select UserID From tblMembership Where UserName=@Login

is it possible that the password is hashed and you are trying to compare an unhashed value to the hashed value stored in the database?

---

The Universe has no center and I am it.

The superior man is modest in his speech, but exceeds in his actions.

You got it!  You guys are a wealth of information.

Sooo, how does one compare hash/unhashed values?

Are you using the ASP.NET Membership API or is this a hand-rolled membership solution?  Essentially, you are going to have to hash the passwords.  You'll need a mechanism to hash it in the same way that it is hashed for storage.

I might look at how accounts are created in the first place.  Or maybe I am getting too far ahead of myself.  Maybe a better question is "what are you trying to do?"

---

The Universe has no center and I am it.

The superior man is modest in his speech, but exceeds in his actions.

I'm using the ASP.NET Membership API

What I'm trying to do is - return the UserID for a given user's login & password.

To the ASP.NET Membership API the "user's login" is the UserID. 

If you want to programmatically validate a user try:

Membership.ValidateUser(username, password)

And then to retrieve the user object try:

Membership.GetUser() <--- gets current user

Membership.GetUser(username) <--- if you want a user other than the current.

---

There are only 10 types of people in the world: Those who understand binary, and those who don't