i am making a simple c#.net winform application with a form1, which will connect to sql server.
i want that before establishing a connection to sql server , the application asks the user to enter the login name & password to connect.
for this what should i do:
take the login name & password in two text boxes & pass them the to the connection string or should i pass them to the app.config file & then use the string from app.config file in the form1.cs?
will this be ok with the security issues? if not, then what are the other ways of implementing this task?
I would do this:
SqlConnectionStringBuilder componentapp.configUpdate:
My suggestion would be to store the basic connection string like this:
<configuration>
<connectionStrings>
<add name="MyConnStr"
connectionString="server=A9;database=MyDB;" />
</connectionStrings>
</configuration>
Then load this "skeleton" connection string (which is incomplete - that alone won't work!) into your SqlConnectionStringBuilder:
string myConnStr = ConfigurationManager.ConnectionStrings["MyConnStr"].ConnectionString;
SqlConnectionStringBuilder sqlcsb = new SqlConnectionStringBuilder(myConnStr);
Then grab the user name and password from the user in a dialog box and add those to the connection string builder:
sqlcsb.UserID = tbxUserName.Text.Trim();
sqlcsb.Password = tbxPassword.Text.Trim();
and then get the resulting, complete connection string from the SqlConnectionStringBuilder:
string completeConnStr = sqlcsb.ConnectionString;
using(SqlConnection _con = new SqlConnection(completeConnStr))
{
// do whatever you need to do here....
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With