I am aware that code is not going to be handed out, but right now I'm requesting help with finding the information I need.

I am using MSAccess as my database. I need help figuring out how to authenticate the username and password using said database. I really have no idea how to do this and am just looking for links or tutorials on how to do this.

Thanks in advance.

You are going to query the database with something like this...



This query is asking for the password for a given user who is attempting to login. The user's username is located in the part that reads 'someusername'. The result is that a single row and field is returned, the password for the user.

The next step is then to compare the password the user entered when logging in and compare it against this password you fetched from the database. If they are the same, then the user is the right user and you can then let them into the system.

The tricks to watch out for in this system is what they call SQL injection where the username they provide is actually SQL related code that tricks the database into giving them info out of the database. To prevent this, always verify that the username and password first meets the rules a username and password should follow. Like the length is appropriate, the types of characters are accepted and that strange symbols are not in the username/pass that shouldn't be there.

Hope that makes sense to you and you get what is going on here. We can help you further once you put together some code we can look out that follows this scheme.



This post has been edited by Martyr2: 12 Oct, 2008 - 05:14 PM

Martyr2, I was actually looking for some ideas for similiar project, so this helped me as well to get some ideas. Thanks!