Ejemplo n.º 1
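 /// <summary>
 /// Inserts a new row into signup_table from the sign-up form fields, storing a
 /// freshly generated salt and the salted hash of the password, then redirects
 /// to Login_Page.aspx.
 /// </summary>
 /// <remarks>
 /// Any exception is reported to the user with a generic message and rethrown
 /// to the caller. The connection is always closed before the method returns.
 /// </remarks>
 private void insertData()
 {
     try
     {
         String connectionString = System.Configuration.ConfigurationManager.ConnectionStrings["ConnectionString"].ToString();
         connection = new MySqlConnection(connectionString);
         connection.Open();
         // NOTE(review): if MessageBox is System.Windows.Forms.MessageBox, the dialog
         // opens on the web server, not in the user's browser -- confirm.
         MessageBox.Show("Successfully connected to database");

         // Every form value is bound as a parameter, so user input never becomes SQL text.
         String queryString = "insert into signup_table(first_name,surname,mobile_number,email_address,salt,password) " +
                              "values (@F_Name, @S_Name, @M_Number, @E_Address, @Salt, @Password)";
         command = new MySqlCommand(queryString, connection);
         command.Parameters.AddWithValue("@F_Name", FirstN_TextBox.Text);
         command.Parameters.AddWithValue("@S_Name", SurN_TextBox.Text);
         command.Parameters.AddWithValue("@M_Number", MobileN_TextBox.Text);
         command.Parameters.AddWithValue("@E_Address", EmailA_TextBox.Text);

         // NOTE(review): judging by its name, GenerateSHA256Hash is a single salted
         // SHA-256 pass. That is cheap to brute-force offline if the table leaks; a slow
         // password KDF (e.g. PBKDF2 via Rfc2898DeriveBytes) is the usual choice. Changing
         // it needs a coordinated change to the login path and to stored hashes.
         // Also confirm that CreateSalt draws from a cryptographic RNG.
         SHA256_Encryption encryption = new SHA256_Encryption();
         String salt = encryption.CreateSalt(10);
         command.Parameters.AddWithValue("@Salt", salt);
         String hashedpassword = encryption.GenerateSHA256Hash(Password_TextBox.Text, salt);
         command.Parameters.AddWithValue("@Password", hashedpassword);

         // An INSERT returns no rows; ExecuteNonQuery avoids leaving an unclosed reader
         // on the connection.
         command.ExecuteNonQuery();

         MessageBox.Show("Password encrypted successfully");
         MessageBox.Show("Data inserted successfully");
         Response.BufferOutput = true;
         Response.Redirect("Login_Page.aspx", false);
     }
     catch (MySqlException ex)
     {
         // 1062 is MySQL's ER_DUP_ENTRY. Checking the error number plus the key name is
         // sturdier than comparing the whole message, whose exact wording (for example
         // whether the key name is table-qualified) can differ between server versions.
         const int duplicateEntryError = 1062;
         bool isDuplicate = ex.Number == duplicateEntryError;

         if (isDuplicate && ex.Message.IndexOf("email_address_UNIQUE", StringComparison.Ordinal) >= 0)
         {
             MessageBox.Show("User already registered. Please enter another email address.");
         }
         else if (isDuplicate && ex.Message.IndexOf("mobile_number_UNIQUE", StringComparison.Ordinal) >= 0)
         {
             MessageBox.Show("Mobile number already regestered. Please enter another mobile number.");
         }
         else
         {
             // Keep driver and schema details out of the user-facing message; record
             // them in the trace output instead.
             System.Diagnostics.Trace.TraceError("Signup failed: " + ex);
             MessageBox.Show("Signup Failed. Please try again.");
         }
         throw;
     }
     catch (Exception ex)
     {
         // Exception text and stack traces are for operators, not for the user.
         System.Diagnostics.Trace.TraceError("Signup failed: " + ex);
         MessageBox.Show("Signup Failed. Please try again. ");
         throw;
     }
     finally
     {
         // connection is still null when reading the configuration or constructing the
         // connection failed, so guard before closing.
         if (connection != null)
         {
             connection.Close();
         }
     }
 }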
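 /// <summary>
 /// Looks up the account whose email address matches the user-name field,
 /// re-hashes the entered password with the stored salt and, when the hashes
 /// match, stores the user's full name in the session and redirects to
 /// Login_Successful_Page.aspx.
 /// </summary>
 /// <remarks>
 /// Failures are reported with a generic message and are not rethrown. The
 /// reader and the connection are always closed before the method returns.
 /// </remarks>
 private void loginValidationCheck()
 {
     try
     {
         String connectionString = System.Configuration.ConfigurationManager.ConnectionStrings["ConnectionString"].ToString();
         connection = new MySqlConnection(connectionString);
         connection.Open();
         // NOTE(review): if MessageBox is System.Windows.Forms.MessageBox, the dialog
         // opens on the web server, not in the user's browser -- confirm.
         MessageBox.Show("Successfully connected to database");

         // Fetch only the columns this method reads; the lookup value is bound as a
         // parameter, so user input never becomes SQL text.
         String queryString = "select password, salt, first_name, surname from one_real_estate.signup_table where email_address = @U_Name";
         command = new MySqlCommand(queryString, connection);
         command.Parameters.AddWithValue("@U_Name", UserN_TextBox.Text);
         reader = command.ExecuteReader();

         bool credentialsValid = false;
         if (reader.Read())
         {
             String retrivedHashedPassword = reader["password"].ToString();
             String retrivedSalt = reader["salt"].ToString();

             // NOTE(review): judging by its name, GenerateSHA256Hash is a single salted
             // SHA-256 pass, which is cheap to brute-force offline if the table leaks.
             // Moving to a slow password KDF needs a coordinated change with sign-up.
             SHA256_Encryption encryption = new SHA256_Encryption();
             String regeneratedHashedPassword = encryption.GenerateSHA256Hash(Password_TextBox.Text, retrivedSalt);

             credentialsValid = String.Equals(retrivedHashedPassword, regeneratedHashedPassword, StringComparison.Ordinal);
             if (credentialsValid)
             {
                 userName = reader["first_name"].ToString() + " " + reader["surname"].ToString();
                 // NOTE(review): only a display name is placed in the session and the
                 // session identifier is not renewed in this method; confirm how later
                 // pages establish that the user is authenticated, and whether a fresh
                 // session id is issued at login (session fixation).
                 Session["userNameFetched"] = userName;
                 MessageBox.Show("Login Sucessful");
                 Response.BufferOutput = true;
                 Response.Redirect("Login_Successful_Page.aspx", false);
             }
         }

         if (!credentialsValid)
         {
             // Unknown account and wrong password produce the same message, so the
             // response does not reveal which email addresses are registered.
             MessageBox.Show("Invalid credentials. Please try again.");
         }
     }
     catch (Exception ex)
     {
         // Exception text and stack traces are for operators, not for the user.
         System.Diagnostics.Trace.TraceError("Login failed: " + ex);
         MessageBox.Show("Login Failed. Please try again. ");
     }
     finally
     {
         // reader and connection are still null when the failure happened before they
         // were assigned; an unguarded Close() would then throw from the cleanup
         // path and skip the remaining cleanup.
         if (reader != null)
         {
             reader.Close();
         }
         if (connection != null)
         {
             connection.Close();
         }
     }
 }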