Checking if username already exists in the DB

Question

0.00/5 (No votes)

See more:

protected void Page_Load(object sender, EventArgs e)
   {
       if (IsPostBack)
       {
           SqlConnection conn = new SqlConnection("Data Source=DESKTOP-06QKCFT\\SQLEXPRESS;Initial Catalog=CMS1;Integrated Security=True");
           conn.Open();
           bool exists = false;
           string chechuser = "SELECT count(*) FROM [user] where username='" + t_username.Text + "'";
           SqlCommand cmd = new SqlCommand(chechuser, conn);
           cmd.Parameters.AddWithValue("UserName", t_username.Text);
           exists = (int)cmd.ExecuteScalar() > 0;
           if (exists)
           {
               Response.Write("User Already Exists");
           }
           conn.Close();
       }
   }

What I have tried:

I have tried it in this way but not working the user still enter to DB:

<pre> if (IsPostBack)// to check if the user is already exsist
       {
           SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["regstration_ConnectionString"].ConnectionString);
           conn.Open();
           string checkuser = "selecte count(*) from Table where username='" + t_username.Text + "'";
           SqlCommand com = new SqlCommand(checkuser, conn);
           int temp = Convert.ToInt32(com.ExecuteScalar().ToString());
           if(temp == 1)
           {

               Response.Write("User Already Exists");
           }

            conn.Close();


        }

Posted 11-Apr-17 21:08pm

MuhammadNaamh

Updated 28-Feb-20 12:18pm

Add a Solution

Comments

Tomas Takac 12-Apr-17 3:23am

Can you explain what the problem is here?

MuhammadNaamh 12-Apr-17 3:32am

this code does not work I have tried 2 way but nothing :
protected void Page_Load(object sender, EventArgs e)
{
if (IsPostBack)
{
SqlConnection conn = new SqlConnection("Data Source=DESKTOP-06QKCFT\\SQLEXPRESS;Initial Catalog=CMS1;Integrated Security=True");
conn.Open();
bool exists = false;
string chechuser = "SELECT count(*) FROM [user] where username='" + t_username.Text + "'";
SqlCommand cmd = new SqlCommand(chechuser, conn);
cmd.Parameters.AddWithValue("UserName", t_username.Text);
exists = (int)cmd.ExecuteScalar() > 0;
if (exists)
{
Response.Write("User Already Exists");
}
conn.Close();
}
}

Richard MacCutchan 12-Apr-17 3:27am

You have spelt "selecte" wrong in your SQL. Also, why are you converting an integer to a String just to convert it back to an integer?

MuhammadNaamh 12-Apr-17 3:39am

no my friend in the second query it is correct but not working :
protected void Page_Load(object sender, EventArgs e)
{
if (IsPostBack)
{
SqlConnection conn = new SqlConnection("Data Source=DESKTOP-06QKCFT\\SQLEXPRESS;Initial Catalog=CMS1;Integrated Security=True");
conn.Open();
bool exists = false;
string chechuser = "SELECT count(*) FROM [user] where username='" + t_username.Text + "'";
SqlCommand cmd = new SqlCommand(chechuser, conn);
cmd.Parameters.AddWithValue("UserName", t_username.Text);
exists = (int)cmd.ExecuteScalar() > 0;
if (exists)
{
Response.Write("User Already Exists");
}
conn.Close();
}
}

Richard MacCutchan 12-Apr-17 3:46am

What does "not working" mean? Have you done any actual debugging to find out exactly what happens when you run this query?

MuhammadNaamh 12-Apr-17 4:00am

I mean when I create a new 2 users have the same name it but in the DB I wrote the code above hope to trying show a message to insert new user not exist in DB
are you get the idea ? and it give me no error but the message not appearance that is my problem

Richard MacCutchan 12-Apr-17 4:12am

Yes, but you still have not explained what happens apart from the fact that your SELECT clause may not work correctly. We cannot guess what is happening when you run this code.

3 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

manu_dhobale · Answer 1 · 2017-04-11T21:30:00

Solution 1

Please refer Simple login form example in asp.net Check Username and Password availability in database ASP.NET,C#.NET,VB.NET[^]

Posted 11-Apr-17 21:30pm

manu_dhobale

OriginalGriff · Answer 2 · 2017-04-11T21:38:00

Never concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Use Parametrized queries instead.

SELECT does not have an "E" at teh end:

C#

string checkuser = "selecte count(*) from ...

Your two SELECT statements are using different tables:

SQL

SELECT count(*) FROM [user] where username=

And

SQL

selecte count(*) from Table where username=

Work out wher eit is, and use the right table - I suspect teh second one is faulty as TABLE is an SQL reserved word.

Quote:
not working the user still enter to DB:

Well...not in that code.
That code just checks if a user exists, and prints a message if it does - it does nothing to prevent later code from inserting a user.

That code looks like you are guessing and hoping for the best instead of sitting down and thinking about what you are trying to do: a parameter you don't use, hard coded connection strings, no INSERT code, irrelevant conversions, all sorts of stuff.
Stop, think, and design. Then throw that lot away, and code from scratch. It'll save you a lot of time in the long run, honest.

Member 14758619 · Answer 3 · 2020-02-28T12:19:00

private bool isValid()
{
bool exists = false;
SqlCommand cmd = new SqlCommand("Select count(*) from users where username=@username", con);
cmd.CommandType = CommandType.Text;
cmd.Parameters.AddWithValue("@username", txt_username.Text);
exists = (int)cmd.ExecuteScalar() > 0;
if (exists)
{
MessageBox.Show("Useralready exists");
return false;

}
return true;

}

tested and working perfectly all right!!!

Checking if username already exists in the DB

3 solutions

Solution 1

Solution 2

Solution 3

Add your solution here

Preview 0