Beispiel #1
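    /// <summary>
    /// Handles the login button click. Verifies the reCAPTCHA response, checks the
    /// submitted credentials, issues a per-login AuthToken (stored in the session and
    /// mirrored in a cookie), copies the user's profile fields into cookies and
    /// redirects to Default.aspx.
    /// </summary>
    /// <param name="sender">Control that raised the event (unused).</param>
    /// <param name="e">Event data (unused).</param>
    protected void loginBtn_Click(object sender, EventArgs e)
    {
        string encodedResponse = Request.Form["g-recaptcha-response"];

        // Fail closed: a missing or empty captcha token is treated as a failed check
        // instead of being handed to the validator.
        if (string.IsNullOrEmpty(encodedResponse) || !Recaptcha.Validater(encodedResponse).Equals("True"))
        {
            captchaVerification.Visible = true;
            return;
        }

        string uname = loginEmail.Text;
        string upass = loginPwd.Text;

        if (!ValidateCredentials(uname, upass))
        {
            invalid_usrPwd.Visible = true;
            return;
        }

        // The token is an authentication secret, so it comes from the CSPRNG;
        // Guid.NewGuid() is not documented as suitable for security tokens.
        byte[] tokenBytes = new byte[32];
        using (System.Security.Cryptography.RandomNumberGenerator rng =
                   System.Security.Cryptography.RandomNumberGenerator.Create())
        {
            rng.GetBytes(tokenBytes);
        }
        string authToken = BitConverter.ToString(tokenBytes).Replace("-", "");

        Session["AuthToken"] = authToken;

        // HttpOnly keeps page script (and therefore XSS payloads) from reading the token.
        AddLoginCookie("AuthToken", authToken, true);

        // NOTE(review): the ASP.NET session id itself is not rotated here. The AuthToken
        // pairing only protects against session fixation if every protected page compares
        // Session["AuthToken"] with the cookie - confirm in the other pages.

        string sql2 = "select * from user_credentials where Email = @username2 limit 1";

        string email_id  = "";
        string user_id   = "";
        string mobile_no = "";

        try
        {
            connection.Open();

            using (MySqlCommand cmd2 = new MySqlCommand(sql2, connection))
            {
                // NOTE(review): the lookup uses the trimmed name while ValidateCredentials
                // received the untrimmed one - confirm both resolve to the same row.
                cmd2.Parameters.AddWithValue("@username2", uname.Trim());

                using (MySqlDataReader reader = cmd2.ExecuteReader())
                {
                    // "limit 1" means at most one row comes back.
                    if (reader.Read())
                    {
                        email_id  = reader.GetString("Email");
                        user_id   = reader.GetString("User_ID");
                        mobile_no = reader.GetString("Mobile_No");
                    }
                }
            }

            // NOTE(review): these cookies are readable and editable by the client. Pages
            // that consume them must not treat "uid" or "email" as proof of identity;
            // authorization decisions belong on server-side session state. They are left
            // script-readable because SOURCE does not show whether client code uses them.
            AddLoginCookie("email", email_id, false);
            AddLoginCookie("uid", user_id, false);
            AddLoginCookie("mobile", mobile_no, false);
        }
        catch (MySqlException ex)
        {
            // The profile lookup stays best-effort (login still proceeds), but the
            // failure is recorded instead of being silently discarded.
            System.Diagnostics.Trace.TraceError("Profile lookup after login failed: " + ex);
        }
        finally
        {
            if (connection != null)
            {
                connection.Close();
            }
        }

        Response.Redirect("Default.aspx");
    }

    /// <summary>
    /// Adds a cookie to the response, marking it Secure whenever the current request
    /// arrived over HTTPS so it is never sent back over plain HTTP.
    /// </summary>
    private void AddLoginCookie(string name, string value, bool httpOnly)
    {
        HttpCookie cookie = new HttpCookie(name, value);
        cookie.HttpOnly = httpOnly;
        cookie.Secure   = Request.IsSecureConnection;
        Response.Cookies.Add(cookie);
    }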
Beispiel #2
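    /// <summary>
    /// Handles the register button click. Verifies the reCAPTCHA response, checks that
    /// the password and e-mail confirmation fields match, stores the new account with a
    /// hashed password, and clears the form fields afterwards.
    /// </summary>
    /// <param name="sender">Control that raised the event (unused).</param>
    /// <param name="e">Event data (unused).</param>
    protected void registerBtn_Click(object sender, EventArgs e)
    {
        // MySQL server error number for a duplicate key (ER_DUP_ENTRY).
        const int DuplicateEntryErrorCode = 1062;

        string encodedResponse = Request.Form["g-recaptcha-response"];

        // Fail closed: a missing or empty captcha token counts as a failed check.
        if (!string.IsNullOrEmpty(encodedResponse) && Recaptcha.Validater(encodedResponse).Equals("True"))
        {
            // Mismatch paths return before the fields are cleared so the user can
            // correct the input.
            if (!pwdRegister.Text.Equals(pwdConfRegister.Text))
            {
                passwordMatchWarning.Visible = true;
                return;
            }
            if (!regEmail.Text.Equals(regConfEmail.Text))
            {
                emailMatchWarning.Visible = true;
                return;
            }

            // NOTE(review): no server-side check for empty or malformed e-mail, password
            // or mobile values is visible here - confirm validators exist in the markup,
            // since client-side validation alone can be bypassed.

            try
            {
                // Open() lives in the same try as the insert: previously a failed Open()
                // was swallowed and the insert then ran against a closed connection,
                // raising an exception that no handler here caught.
                connection.Open();

                string hashedPass = Hashing.HashPassword(pwdRegister.Text);

                using (MySqlCommand cmd = connection.CreateCommand())
                {
                    cmd.CommandText = "INSERT INTO user_credentials(Email, acc_password, Mobile_No) values (@email_id,@passwd,@mobileNo)";

                    cmd.Parameters.AddWithValue("@email_id", regEmail.Text);
                    cmd.Parameters.AddWithValue("@passwd", hashedPass);
                    cmd.Parameters.AddWithValue("@mobileNo", registerMobile.Text);

                    if (cmd.ExecuteNonQuery() > 0)
                    {
                        accountCreated.Visible = true;
                    }
                }
            }
            catch (MySqlException ex)
            {
                // Details go to the diagnostics output only; raw exception text must not
                // be rendered to the page.
                System.Diagnostics.Debug.WriteLine(ex.ToString());

                if (ex.Number == DuplicateEntryErrorCode)
                {
                    // Presumably a unique key on Email - confirm against the schema.
                    // This message also tells the caller the address is registered.
                    emailExistWarning.Visible = true;
                    return;
                }

                // NOTE(review): any other database error leaves the user without
                // feedback; no generic error control is visible in this handler.
            }
            finally
            {
                if (connection != null)
                {
                    connection.Close();
                }
            }
        }
        else
        {
            captchaVerification.Visible = true;
        }

        // Clear the submitted values (including both password fields) so they are not
        // echoed back in the re-rendered form.
        regEmail.Text        = "";
        regConfEmail.Text    = "";
        pwdRegister.Text     = "";
        pwdConfRegister.Text = "";
        registerMobile.Text  = "";
    }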