custom-login.aspx

This is a book about vb.you could learn this from this book

<%@Page Language="VB" %>
<%@Import Namespace="System.Data" %>
<%@Import Namespace="System.Data.OleDb" %>

<html>
<head>
<title>Login Form</title>
<style type="text/css">
body, input {font-family:Tahoma,Arial,sans-serif; font-size:10pt }
</style>
</head>
<body>
<form runat="server">

  UserName: <input id="txtUsr" type="text" runat="server" /><p />
  Password: <input id="txtPwd" type="password" runat="server" /><p />

  <ASP:CheckBox id="chkPersist" runat="server" />
  Remember my credentials<p />

  <input type="submit" value="Login" runat="server" onserverclick="DoLogin" /><p />

  <div id="outMessage" runat="server" />

</form>
Available username/password combinations are: &nbsp;"sarahware" and "test", &nbsp;
"timtom" and "letmein", &nbsp; "billygoat" and "help"
<hr />
<b>The web.config file used in this example is:</b><pre>
&lt;configuration&gt;
&lt;system.web&gt;

  &lt;authentication mode="Forms"&gt;
    &lt;forms name="MyApp03" path="/" loginUrl="custom-login.aspx"
           protection="All"  timeout="30" &gt;
    &lt;/forms&gt;
  &lt;/authentication&gt;

  &lt;authorization&gt;
    &lt;deny users="?" /&gt;
  &lt;/authorization&gt;

&lt;/system.web&gt;
&lt;/configuration&gt;</pre>
</body>
</html>

<script language="VB" runat="server">
Sub DoLogin(objSender As Object, objArgs As EventArgs)

  'specify the connection string - edit to suit your database
  Dim strConnect As String
  strConnect = "provider=SQLOLEDB.1;data source=[yourserver];" _
             & "initial catalog=UserList;uid=anon;pwd=;"

  'get username and password from form
  Dim strUsr As String = txtUsr.Value
  Dim strPwd As String = txtPwd.Value

  'create the SHA1 hash of the password provided by the user
  Dim strHash As String
  strHash = FormsAuthentication.HashPasswordForStoringInConfigFile(strPwd, "SHA1")

  'set a flag to indicate successful authentication
  Dim blnIsAuthenticated As Boolean = False   'default value
  Dim strBGColor As String   'users saved background color

  'create a suitable SQL statement to retrieve the values
  'we only retrieve the user's stored preferences and other options
  'as the password verification is now done by comparing the
  'hashed values, so it will perform a case-sensitive match
  Dim strSQL As String
  strSQL = "SELECT BGColor FROM Users WHERE UserName='" _
         & strUsr & "' AND Password='" & strHash & "'"

  Try

    'create a new Connection object
    Dim objConnect As New OleDbConnection(strConnect)

    'open the connection to the database
    objConnect.Open()

    'create a new Command using the connection object and select statement
    Dim objCommand As New OleDbCommand(strSQL, objConnect)

    'declare a variable to hold a DataReader object
    Dim objDataReader As OleDbDataReader

    'execute the SQL statement against the command to fill the DataReader
    objDataReader = objCommand.ExecuteReader()

    'if we get a row back we know that the user is authenticated
    If objDataReader.Read() Then

         blnIsAuthenticated = True

         'get users preferred background color
         strBGColor = objDataReader("BGColor")

         'get other preference values as required
         '... etc ...

    End If

    'close the DataReader and Connection
    objDataReader.Close()
    objConnect.Close()

  Catch objError As Exception

    'display error details
    outMessage.InnerHtml = "<b>* Error while accessing database</b>.<br />" _
        & objError.Message & "<br />" & objError.Source
    Exit Sub  ' and stop execution

  End Try


  If blnIsAuthenticated Then

     'save background color in Session object
     Session("BGColor") = strBGColor

     'redirect user to original page
     FormsAuthentication.RedirectFromLoginPage(strUsr, chkPersist.Checked)

  Else

     outMessage.InnerHtml = "<b>Invalid credentials</b> please re-enter..."

  End If

End Sub
</script>