"Resti M. Guay" <RestiMGuay@discussions.microsoft.com> wrote in message
news:A6DB8210-B8FF-42CF-B232-DE45105B755D@microsoft.com...
>i have my database in my local server named SPMS which contains table named
> "tbl_users", the table has the ff fields; "username", "password",
> "employee_name".
> In my Log-In form i have ff textbox "pass", and "uname". I need a code
> that
> runs and check if password for the user name is on the record, and prompt
> a
> msgbox showing the Employee Name.
>
> resti
> --
> VB.net enthusiast

> Try with sql: select employee_name from tbl_users where username = uname
and
> password = pass.

"Flip" <[remove]phenry_w@hotmail.com> wrote in message
news:%23YAbP1AzEHA.824@TK2MSFTNGP11.phx.gbl...
>> Try with sql: select employee_name from tbl_users where username = uname
> and
>> password = pass.
> Once you get this working, I would suggest taking a look at using
> parameters
> to ward off sql injection security hacks. That's the type of hack where
> user enters in ' or 1=1 as the password and if you use the above pseudo
> code
> a bit too literally, you'll be exposing your whole site.
>
>