Important Notice from AspDotNetStorefront
It is with dismay that we report that we have been forced, through the action of hackers, to shut off write-access to this forum. We are keen to leave the wealth of material available to you for research. We have opened a new forum from which our community of users can seek help, support and advice from us and from each other. To post a new question to our community, please visit: http://forums.vortx.com
Results 1 to 2 of 2

Thread: Log a user in by CustomerID instead of Email

  1. 06-19-2012, 02:00 PM #1
    bradg is offline Junior Member
    Join Date
    May 2012
    Posts
    13

    Default Log a user in by CustomerID instead of Email

    I am tackling the issue of using unique usernames instead of unique emails.

    I've added a Username field to the Customer table and have successfully ported our existing usernames (and passwords) into the database.

    I've edited the login process so that it uses these fields respectively (see below).

    Everything is working fine, but if duplicate emails exist I am expecting problems.

    To solve this, I need help recreating the ValidateUser() method, like so: ValidateUserByID(int customerID, string password); // Validate by ID instead of email.

    Code:
    // From signin.ascx.cs
// Normal login
{
	int customerID = 0;

	using (SqlConnection dbconn = DB.dbConn())
	{
		dbconn.Open();
		IDataReader rs = DB.GetRS("select CustomerID from Customer where Username='" + txtUsernameField + "';", dbconn);
		rs.Read();
		customerID = Convert.ToInt32(rs["CustomerID"]);
	}

	if(customerID != 0)
		ThisCustomer = new Customer(customerID, true);

	if (ThisCustomer.IsRegistered)
	{
		/* TODO: create ValidateUserByID(int customerID, string password); */
		LoginOK = System.Web.Security.Membership.ValidateUser(ThisCustomer.Email, PasswordField); // This could create problems on dup emails
		
		if (LoginOK)
		{
			// ...
		}
	}
}
    If I had the source this wouldn't be an issue, but I'm unsure of where to start otherwise.
  2. 06-20-2012, 07:50 AM #2
    bradg is offline Junior Member
    Join Date
    May 2012
    Posts
    13

    Default One solution to the above problem

    Instead of rewriting ValidateUser() I just used CheckLogin() in its place.

    Code:
    // Solution to the above problem
// normal login
else
{
	int customerID = 0;

	using (SqlConnection dbconn = DB.dbConn())
	{
		dbconn.Open();
		IDataReader rs = DB.GetRS("select CustomerID from Customer where Username='" + txtUsername.Text + "';", dbconn);
		rs.Read();
		customerID = Convert.ToInt32(rs["CustomerID"]);
	}

	ThisCustomer = new Customer(customerID, true);

	if (ThisCustomer.IsRegistered)
	{
                // Use CheckLogin() instead of ValidateUser()
		LoginOK = ThisCustomer.CheckLogin(PasswordField);

		if (LoginOK)
		{
			// user logged in
		}
		else
		{
			// user failed login
		}
	}
	else
	{
		// user does not exist
	}
}
    Will this work?
    Last edited by bradg; 06-20-2012 at 07:53 AM.