CREATE PROCEDURE dbo.AuthenticateLogin( @Username VARCHAR(100), @Passwor

1. CREATE PROCEDURE dbo.AuthenticateLogin(
2. @Username VARCHAR(100),
3. @Password VARCHAR(100),
4. @response NVARCHAR(500) OUTPUT
5. )AS
6. BEGIN
7. DECLARE @UserID INT
8. IF(EXISTS(SELECT username FROM users WHERE username = @Username))
9. BEGIN
10. SET @UserID = (SELECT users_id FROM users WHERE username = @Username AND user_password = @Password)
11. IF @UserID IS NULL
12. SET @response = 'Incorrect Password'
13. ELSE
14. Set @response = 'Success'
15. END
16. ELSE
17. SET @response = 'Invalid Login'
18. END
19. GO
20.  
21. Public Function AuthenticateLogin(ByVal username As String, ByVal password As String) As Boolean
22. Dim CMD As New SqlCommand("AuthenticateLogin")
23. CMD.Parameters.Add("@UserName", SqlDbType.VarChar).Value = username
24. CMD.Parameters.Add("@Password", SqlDbType.VarChar).Value = password
25. AuthenticateLogin = ExecuteCMDWithReturnValue(CMD)
26. End Function
27.  
28. Public Function ExecuteCMDWithReturnValue(ByRef CMD As SqlCommand) As Boolean
29. Try
30. OpenDBConnection()
31. CMD.Parameters.Add("@response", SqlDbType.NVarChar).Direction = ParameterDirection.ReturnValue
32. CMD.Connection = DB_CONNECTION
33. CMD.CommandType = CommandType.StoredProcedure
34. CMD.ExecuteNonQuery()
35. Dim result As Object = CMD.Parameters("@response").Value
36. Return If(Convert.ToInt32(result) = 1, False, True)
37. Catch ex As Exception
38. Throw New Exception("Database Error: " & ex.Message)
39. Return False
40. Finally
41. CloseDBConnection()
42. End Try
43. End Function