|Title||Validate a user name/password in a database|
|Description||This example shows how to validate a user name/password in a database in Visual Basic 6. This simple example merely looks up the user name and password in a database table.|
|Keywords||password, cryptography, database|
|Categories||Software Engineering, Database|
Look for the user name/password in the Users table.
Private Sub cmdOk_Click()
Dim db_file As String
Dim statement As String
Dim conn As ADODB.Connection
Dim rs As ADODB.Recordset
' Open the database.
db_file = App.Path
If Right$(db_file, 1) <> "\" Then db_file = db_file & _
db_file = db_file & "data.mdb"
' Open a connection.
Set conn = New ADODB.Connection
conn.ConnectionString = _
"Provider=Microsoft.Jet.OLEDB.4.0;" & _
"Data Source=" & db_file & ";" & _
"Persist Security Info=False"
' Look up the user name/password.
statement = "SELECT COUNT (*) FROM Users WHERE " & _
"UserName='" & Replace(txtUserName.Text, "'", "''") _
& "' AND " & _
"Password='" & Replace(txtPassword.Text, "'", "''") _
Set rs = conn.Execute(statement)
' See if we got anything.
If CLng(rs.Fields(0)) < 1 Then
' There is no match.
' Do not allow the login.
MsgBox "Invalid user name/password."
' There is a match.
' Display the program's main form.
Note that this is not the most secure system since the passwords are stored in plain text in the database. Anyone who can read the database can get all the passwords. A more secure system would encrypt the passwords and store the result in the database. Then to verify a user name/password, the program reencrypts the password and checks that it got the right result.