Date un'occhiata ala codice che ho inserito e cercate per favore di darmi una mano... Mi piacerebbe capire dove sbaglio e di conseguenza perchè non fa il Login...



Partial Class _Default
Inherits System.Web.UI.Page

Private Function ValidateUser(ByVal userName As String, ByVal passWord As String) As Boolean
Dim conn As Data.SqlClient.SqlConnection
Dim cmd As Data.SqlClient.SqlCommand
Dim lookupPassword As String

lookupPassword = Nothing

' Controllo USER non valido.
If ((userName Is Nothing)) Then
System.Diagnostics.Trace.WriteLine("[ValidateUser] Input validation of userName failed.")
Return False
End If
If ((userName.Length = 0) Or (userName.Length > 15)) Then
System.Diagnostics.Trace.WriteLine("[ValidateUser] Input validation of userName failed.")
Return False
End If

' Controllo Password non valida.
If (passWord Is Nothing) Then
System.Diagnostics.Trace.WriteLine("[ValidateUser] Input validation of passWord failed.")
Return False
End If
If ((passWord.Length = 0) Or (passWord.Length > 25)) Then
System.Diagnostics.Trace.WriteLine("[ValidateUser] Input validation of passWord failed.")
Return False
End If

Try
' Stringa di connessione al Database
conn = New Data.SqlClient.SqlConnection("Data Source=xx.xxx.xxx.xx;Network Library=;database=MSSqlxxxxx;Connection Timeout=0;Packet Size=4096;Integrated Security=no;User ID=MSSqlxxxxx;Encrypt=no;pwd=xxxxxxxxxx;")
conn.Open()

' Create SqlCommand to select pwd field from the users table given a supplied userName.
cmd = New Data.SqlClient.SqlCommand("SELECT NOME_UTENTE, PASSWORD FROM PROFILO WHERE NOME_UTENTE='" & txtUserName.Value & "'", conn)
cmd.Parameters.Add("NOME_UTENTE", Data.SqlDbType.Char, 50)
cmd.Parameters("@NOME_UTENTE").Value = userName


' Execute command and fetch pwd field into lookupPassword string.
lookupPassword = cmd.ExecuteScalar()

' Cleanup command and connection objects.
cmd.Dispose()
conn.Dispose()
Catch ex As Exception
' Add error handling here for debugging.
' This error message should not be sent back to the caller.
System.Diagnostics.Trace.WriteLine("[ValidateUser] Exception " & ex.Message)
End Try

' If no password found, return false.
If (lookupPassword Is Nothing) Then
' You could write failed login attempts here to the event log for additional security.
Return False
End If

' Compare lookupPassword and input passWord by using a case-sensitive comparison.
Return (String.Compare(lookupPassword, passWord, False) = 0)

End Function
================================================== ===================
Protected Sub cmdLogin_ServerClick(ByVal sender As Object, ByVal e As System.EventArgs) Handles cmdLogin.ServerClick

If Validateuser(txtUserName.Value, txtUserPass.Value) Then
Dim tkt As FormsAuthenticationTicket
Dim cookiestr As String
Dim ck As HttpCookie

tkt = New FormsAuthenticationTicket(1, txtUserName.Value, DateTime.Now(), DateTime.Now.AddMinutes(30), chkPersistCookie.Checked, "your custom data")
cookiestr = FormsAuthentication.Encrypt(tkt)
ck = New HttpCookie(FormsAuthentication.FormsCookieName(), cookiestr)
If (chkPersistCookie.Checked) Then ck.Expires = tkt.Expiration
ck.Path = FormsAuthentication.FormsCookiePath()
Response.Cookies.Add(ck)

Dim strRedirect As String
strRedirect = Request("ReturnURL")
If strRedirect <> "" Then
Response.Redirect(strRedirect, True)
Else
strRedirect = "Users/Profilo.aspx"
Response.Redirect(strRedirect, True)
End If
Else
Response.Redirect("Default.aspx", True)
End If

End Sub
End Class