Please use a database for this. Your thoughts of using textfiles with the passwords inside is insecure³.
Either use the database you already use at your website(if you do so) or create a new one. Your host will most likely let you create a database.
So what you should do is create a database and then create a php file to verify the login.
[HTML]CREATE TABLE login(UserID int PRIMARY KEY AUTO_INCREMENT,Username varchar(20),Password varchar(100)) Engine=InnoDB;[/HTML]
Some sample code...
Code:
<php
mysql_connect("server","user","password"); ' db login
mysql_select_db("database");
if(isset($_POST['user'])) {
if(isset($_POST['pw'])) {
$user = mysql_escape_string($_POST['user']);
$pw = md5(mysql_escape_string($_POST['pw']));
$Query = "SELECT * FROM Login WHERE username='$user' AND password='$pw'"; //pw is stored as md5 in this case
$Result = mysql_query($Query) or die(mysql_error());
if(mysql_count_rows($Result) == 0)
{
echo 'false'; // login failed
} else
{
echo 'true'; // login successful
}
}}
?>
Might not be 100% correct(didn't look it up, just wrote it down).
So you can pass the username/id from your .net application to the php file and read what it returns, if it returns true, login was successful, else login failed.
Take a look at WebRequests in .net.