farid Posted May 24, 2003 Posted May 24, 2003 (edited) I am trying to test form authentication in asp.net using xml file but I got this error "Syntax error: Missing operand after '@farid' operator. Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. Exception Details: System.Data.SyntaxErrorException: Syntax error: Missing operand after '@farid' operator. Source Error: Line 36: Users = ds.tables(0) Line 37: Dim Matches() as DataRow Line 38: Matches = Users.Select(cmd) Line 39: If Matches.length >0 Then Line 40: Dim row as DataRow Source File: c:\inetpub\wwwroot\asp\login.aspx Line: 38 " the login.aspx page code <%@ Import Namespace="System.XML" %> <%@ Import Namespace="System.IO" %> <%@ Import Namespace="System.Web.Security" %> <%@ Import Namespace="System.Data.SqlClient" %> <%@ Import Namespace="System.Data.OleDB" %> <%@ Import Namespace="System.Data" %> <%@ Page Language="vb" debug="True"%> <HTML> <HEAD> <TITLE>Session 13 Cookie Authentication </TITLE> <SCRIPT LANGUAGE="VB" RUNAT="Server"> Sub btnLogin_Click(ByVal Sender As Object, ByVal E As EventArgs) Select Case ValidateUserXML(txtusername.text,txtpassword.text) Case "Success" FormsAuthentication.RedirectFromLoginPage (txtusername.text,chkPersistForms.Checked) Case "PasswordFailed" lblMessage.Text = "Sorry your password verification for the user " & txtusername.text &" failed." Case "NoSuchUser" Response.Redirect("adduser/adduser.aspx?username=" & txtusername.text) End Select End Sub Sub btnAddNewUser_Click(ByVal Sender As Object, ByVal E As EventArgs) Response.Redirect("adduser/adduser.aspx?username=Enter User Name") End Sub Function ValidateUserXML(ByVal username as String, ByVal password as String) as String Dim cmd as String cmd = "UserEmail=�" & username & "�" Dim ds as New DataSet Dim fs as new FileStream(Server.MapPath("users.xml"),FileMode.Open,FileAccess.Read) Dim reader as new StreamReader(fs) Dim pass as string Dim user as string ds.ReadXml(reader) fs.Close() Dim users as DataTable Users = ds.tables(0) Dim Matches() as DataRow Matches = Users.Select(cmd) If Matches.length >0 Then Dim row as DataRow row = matches(0) pass = row.item("UserPassword") user = row.item("userEmail") if pass = password then Return "Success" else Return "PasswordFailed" end if Else Return "NoSuchUser" End If End Function </SCRIPT> </HEAD> <BODY> <FORM ID="WebForm1" METHOD="postPOST" RUNAT="server"> <P> <STRONG>Session 13 Forms Authentication</STRONG> </P> <P> Please enter your username and password information below and then select the Login Button. </P> <P> <ASP:LABEL ID="lblMessage" RUNAT="SERVER"></ASP:LABEL> </P> <P> Email <ASP:TEXTBOX ID="txtUserName" RUNAT="SERVER" TOOLTIP="Please enter your Username here"></ASP:TEXTBOX> </P> <P> Password <ASP:TEXTBOX ID="txtPassword" RUNAT="SERVER" TEXTMODE="Password" TOOLTIP="Please enter your password here."></ASP:TEXTBOX> </P> <P> <ASP:CHECKBOX ID="chkPersistForms" RUNAT="SERVER" TEXT="Select to Persist Cookies"></ASP:CHECKBOX> </P> <P> <ASP:BUTTON ID="btnLogin" RUNAT="SERVER" TEXT="Login" ONCLICK="btnLogin_Click"></ASP:BUTTON> <ASP:BUTTON ID="btnAddUser" RUNAT="SERVER" TEXT="Add New User" ONCLICK="btnAddNewUser_Click"></ASP:BUTTON> </P> </FORM> </BODY> </HTML> the user.xml " <?xml version="1.0" encoding="iso-8859-1"?> <Users> <User> <UserEmail>joe@smith.com</UserEmail> <UserPassword>jsmith</UserPassword> </User> <User> <UserEmail>farid@farid.com</UserEmail> <UserPassword>farid</UserPassword> </User> </Users> " the config file "<?xml version="1.0" encoding="utf-8" ?> <configuration> <system.Web> <authentication mode="Forms"> <forms name="CookieFormApplication" loginUrl="login.aspx" /> </authentication> <authorization> <deny users="?" /> </authorization> <sessionState mode="InProc" cookieless="false" timeout="20"/> </system.Web> </configuration>" can anyone help ????????? Edited May 24, 2003 by Robby Quote
wyrd Posted May 24, 2003 Posted May 24, 2003 :eek: You should probably clean up your code so those who are trying to help can read it. :) Anyway, obviously there's an error with the emails when using @. It seems like it's treating it as a stored procedure variable and wants you to set something to it (ie; @farid = 32) How to fix this, I don't know exactly. I'm having a hard time sifting through your code so I can't give any real suggestions. From what I've grasped by quickly glancing over, you should use a replace on your cmd string before using it so it can use the @ appropriately. Something like this; cmd = cmd.Replace("@", "' + '@' + '") The replacement for @ would be ' + '@' + ' Hopefully it will bypass the stored procedure error and just use it as regular string concatenation. Quote Gamer extraordinaire. Programmer wannabe.
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.