VB.NET DataTable rows

vb.net loop through datatable rows and columns
vb.net datatable.rows.find example
vb.net datatable add row
vb.net datatable tutorial
vb.net datatable select
vb.net display datatable
how to get row value from datatable in c#
vb.net create table programmatically

I'm trying to make a login form.

I've created a database on my server and created the rows username and password. I then created a root user with root as password.

but I have a problem with the check if the username and password are correct, I don't know how to give him the 2 rows.

Dim conn = New SqlConnection("Data Source=SRV-SQL;Initial Catalog=prova;User ID=user;Password=user")
Dim sda = New SqlDataAdapter("select count(*) from tblLogin where username ='" + txtUsername.Text + "' and password='" + txtUserPwd.Text + "'", conn)
Dim dt = New DataTable()
sda.Fill(dt)
If (dt.Rows().ToString() = "1") Then
    MsgBox("Logged-in successfully")
Else
    MessageBox.Show("The username or the password is wrong!", "Warning!", MessageBoxButtons.OK, MessageBoxIcon.Error)
End If

Table:

Comments and explanations in-line.

Private Sub VerifyLogin()
        'For the Return Value of the command
        Dim RetVal As Integer
        ' A Using...End Using will ensure that you connectionis closed and disposed event
        'it there is an error.
        Using conn = New SqlConnection("Data Source=SRV-SQL;Initial Catalog=prova;User ID=user;Password=user")
            'You don't need a DataAdapter, just a command
            'USE PARAMETERS. Yes, I am yelling :-) Even if you are the only user
            'it will save you headaches with syntax.
            Using cmd = New SqlCommand("select count(*) from tblLogin where username = @UserName and password= @Password;", conn)
                cmd.Parameters.Add("@UserName", SqlDbType.VarChar).Value = txtUsername.Text
                cmd.Parameters.Add("@Password", SqlDbType.VarChar).Value = txtUserPwd.Text
                'You are only returning one row
                'ExecuteScalar returns the value in the first column of the 
                'first row of the the data
                conn.Open()
                RetVal = CInt(cmd.ExecuteScalar)
            End Using
        End Using
        'No need to convert to a string just compare the Integer
        If RetVal = 1 Then
            MsgBox("Logged-in successfully")
        Else
            MessageBox.Show("The username or the password is wrong!", "Warning!", MessageBoxButtons.OK, MessageBoxIcon.Error)
        End If
End Sub

DataTable: How to get item value with row name and column name , VB.NET DataRow Examples. Use the DataRow type to store values in a row in a DataTable. Use the ItemArray property. DataRow. A DataRow contains an  VB.NET program that removes rows Module Module1 Sub Main () ' Get the DataTable. Dim table As DataTable = GetTable () ' Get the first row. Dim row As DataRow = table.Rows (0) table.Rows. Remove (row) ' Get the new first row. row = table.Rows (0) Console.WriteLine (row ("Name")) End Sub End Module Output Fido

Private Function CalculateHash(password As String, salt As String) As String
    'TODO:
    ' Suggest pulling the BCrypt from the NuGet gallery for this:
    ' https://www.nuget.org/packages/BCrypt-Official/
    ' Just remember that bcyrpt lib encodes salt as part of the password hash, so the function signatures and db table will be different.
End Function

Public Function CheckCredentials(UserName As String, Password As String) As Boolean
    Using conn As New SqlConnection("Data Source=SRV-SQL;Initial Catalog=prova;User ID=user;Password=user"), _
          ' Need to add a "Salt" column to your table, create a new random salt for each user when you create the user
          cmd As New SqlCommand("SELECT Salt, PwdHash FROM tblLogin WHERE username = @Username", conn)

        'Parameterized queries or NOTHING. String concatention is NOT OKAY here
        cmd.Parameters.Add("@UserName", SqlDbType.NVarChar, 50).Value = UserName

        conn.Open()   
        Using rdr As SqlDataReader = cmd.ExecuteReader()
            If Not rdr.Read() Then Return False

            Dim Salt As String = rdr("Salt")
            Dim PwdHash As String = rdr("PwdHash")

            'Compare HASHES, not Passwords
            Return PwdHash = CalculateHash(Password, Salt As String)
        End Using
    End Using
End Function

If CheckCredentials(txtUsername.Text, txtUserPwd.Text) Then
    MsgBox("Logged-in successfully")
Else
    MessageBox.Show("The username or the password is wrong!", "Warning!", MessageBoxButtons.OK, MessageBoxIcon.Error)
End If

VB.NET DataRow Examples, Used often in VB.NET programs, DataTable has columns and rows properties. It is an in-memory representation of structured data (like data read from a database​). VB.NET program that loops over rows Module Module1 Sub Main() ' This calls the GetTable method from above. Dim table As DataTable = GetTable() ' Access Rows property on DataTable. For Each row As DataRow In table.Rows ' Write value of first Integer. Console.WriteLine(row. Field (Of Integer)(0)) Next End Sub End Module Output 25 50 10 21 100

Use DataReader instead, use this code and just call CheckLogin in login button or somthing else.

Sub CheckLogin()

    Dim conn = New SqlConnection("Data Source=SRV-SQL;Initial Catalog=prova;User ID=user;Password=user")

    conn.Open()

    Try

        Dim query As String = "select count(*) from tblLogin where username = @username and password= @password "
        Dim cmd = New SqlCommand(query, conn)
        cmd.Parameters.AddWithValue("@username", txtUsername.Text)
        cmd.Parameters.AddWithValue("@password", txtUserPwd.Text)
        Dim DR As SqlDataReader = cmd.ExecuteReader()

        If DR.HasRows Then

            MsgBox("Logged-in successfully")

        Else

            MessageBox.Show("The username or the password is wrong!", "Warning!", MessageBoxButtons.OK, MessageBoxIcon.Error)

        End If

    Catch ex As Exception
        MsgBox(ex.Message)
    End Try

    conn.Close()

End Sub

VB.NET DataTable Examples, You can loop thorough each rows in datatable and then read the values Do anyone have an example in VB to read a datatable variables that  For Each row As DataRow In dtDataTable.Rows strDetail = row("Detail") Next row Note that Microsoft's style guidelines for.Net now specifically recommend against using hungarian type prefixes for variables. Instead of "strDetail", for example, you should just use "Detail".

How to read a datatable rows, As already pointed out you compare all of the rows with each other. You wrote that the requirement is to compare rows only with each other but  To use the Find method, the DataTable object to which the DataRowCollection object belongs must have at least one column designated as a primary key column. When two or more rows have the same primary key value, then the first row found is returned. This occurs when EnforceConstraints is set to false.

[Solved] VB.NET, Querying In Memory DataTable in VB.Net. 'Data Table Dim dt As New DataTable '​Data row array Dim rows() As System.Data.DataRow Dim row  Dim table As DataTable = DataSet1.Tables("Orders") ' Presuming the DataTable has a column named Date. Dim expression As String expression = "Date > #1/1/00#" Dim foundRows() As DataRow ' Use the Select method to find all rows matching the filter. foundRows = table.Select(expression) Dim i As Integer ' Print column 0 of each returned row.

Querying In Memory DataTable in VB.Net · Customer Portal, NET in Syncfusion ASP.NET components: How to retrieve value of a field in a dataset. Rows(0) indicates the first and only row in DataTable's Rows collection. Here is an example where the DataSource is a DataTable. Any checked items are removed at the DataTable.Rows level. Dim dtSource As DataTable = CType(CheckedListBox1.DataSource, DataTable) Dim theItems As CheckedItemCollection = CheckedListBox1.CheckedItems Dim rows As New List(Of DataRow) For Each cItem In theItems Dim row = CType(cItem, DataRowView).Row rows.Add(row) Next For Each r As

Comments
  • Woah!!! There's a lot wrong with what you have there. Firstly "username ='" + txtUsername.Text + "'". This isn't a parametrised query, and considering the statement you're running, the value of txtUsername is coming from user input. This is wide open to injection. You need to fix that, now. Parametrise your query. Next we have "password='" + txtUserPwd.Text + "'"; this very strongly implies you are storing password as plain text. As well as that this is also open to injection never store passwords as plain text. They should ideally be hashed and salted.
  • As a very quick example, what do you think would happen if someone entered their username as '; SELECT * FROM sys.tables; DROP TABLE tblLogin;-- or ' CREATE LOGIN SuperAdmin WITH PASSWORD= '123', CHECK_POLICY=OFF, CHECK_EXPIRY = OFF; ALTER SERVER ROLE [sysadmin] ADD MEMBER [SuperAdmin];--?
  • Its just a project im making for fun so i wont be uploading it anywhere and its even my first project with SQL
  • If (dt.Rows().ToString() = "1" does not indicate successful login with the query you're using. The value of that row could be 1 or 0. In either case, you will always get a row. You need to look at the actual value that is returned, not just the rowcount. If you wanted to check via simple rowcount then you would need SELECT * FROM tblLogin WHERE username=.... Or even better, SELECT 1 FROM tblLogin WHERE username=....
  • @squillman I don't see anything wrong with the OP Select statement (except it needs to use parameters). Select * will bring down unnecessary data.