Ejemplo n.º 1
0
        //Creaza comanda SQL de actualizarea a datelor in baza de date utilizand ca parametri un sir de bytes, hashcode-ul parolei si id-ul usrrului care cere resetarea parolei
        private int updatePassword(byte[] inputSalt, String inputHash, int userID)
        {
            MySqlCommand updatePasswordCommand = SQLCommandBuilder.getUpdatePasswordCommand(sqlStatementUpdatePassword, inputSalt, inputHash, userID);

            //Trimite comanda pt a fi executata de metoda specializata a clasei DBConnectionManager
            int executionResult = DBConnectionManager.insertData(updatePasswordCommand);

            return(executionResult);
        }
Ejemplo n.º 2
0
        private void writeAuthenticationDataToDB(byte[] salt, String hashedPassword, int userID)
        {
            String       sqlStatementInsertAuthenticationData = @"UPDATE users SET users.salt = @paramSalt, users.password = @paramPassword WHERE users.userID = @paramID";
            MySqlCommand insertCommand = new MySqlCommand(sqlStatementInsertAuthenticationData);

            insertCommand.Parameters.AddWithValue("@paramSalt", salt);
            insertCommand.Parameters.AddWithValue("@paramPassword", hashedPassword);
            insertCommand.Parameters.AddWithValue("@paramID", userID);

            DBConnectionManager.insertData(insertCommand);
        }
Ejemplo n.º 3
0
        private void registerButton_Click(object sender, EventArgs e)
        {
            string userName     = userNameTextBox.Text;
            string password     = passwordTextBox.Text;
            string emailAddress = emailTextBox.Text;

            if (!isValidUserName(userName))
            {
                MessageBox.Show("The username must have at least 3 characters and can contain only lowercase(a-z) and uppercase(A-Z) letters, digits(0-9) and underscores(_)!", "User registration", MessageBoxButtons.OK, MessageBoxIcon.Warning);
                return;
            }


            if (password.Length < minimumPasswordLength)
            {
                MessageBox.Show("Your password should be at least 10 characters long! Please try again.", "User registration", MessageBoxButtons.OK, MessageBoxIcon.Warning);
                return;
            }

            if (!isValidPassword(password))
            {
                MessageBox.Show("Invalid password! Your password must contain:\n1.Lowercase and uppercase letters (a-zA-z) \n2.Digits (0-9) \n3.Special characters (@#$%<>?)", "User registration", MessageBoxButtons.OK, MessageBoxIcon.Warning);
                return;
            }


            if (!isValidEmail(emailAddress))
            {
                MessageBox.Show("Invalid email address!", "User registration", MessageBoxButtons.OK, MessageBoxIcon.Warning);
                return;
            }

            if (userExists(getUser(sqlStatementCheckUserExistence, userName)))
            {
                MessageBox.Show("The selected username already exists! Please try again", "User registration", MessageBoxButtons.OK, MessageBoxIcon.Stop);
                return;
            }

            ConfirmationSender emailSender = new ConfirmationSender();

            string emailSubject     = "New user creation";
            string emailBody        = "A user creation request was made for an account that will associated to this email address.\nPlease enter the following code to finish user creation process and confirm your email: {0} \nIf you have not made such a request please ignore this email and delete it.";
            string onSuccessMessage = "An email containing the confirmation code for the new user creation was sent to the specified email address";
            string parentWindowName = "Register";

            string generatedConfirmationCode = emailSender.generateConfirmationCode();

            emailSender.sendConfirmationEmail(emailAddress, emailSubject, emailBody, generatedConfirmationCode, onSuccessMessage, parentWindowName);

            String userInputConfirmationCode = Interaction.InputBox("Enter the code received on your email to finish the user creation process:", "Confirmation Code", "Enter code", 200, 200);

            if (emailSender.confirmationCodesMatch(generatedConfirmationCode, userInputConfirmationCode))
            {
                PasswordSecurityManager securityManager = new PasswordSecurityManager();
                byte[]       salt                = securityManager.getSalt(16);
                string       hashCode            = securityManager.createPasswordHash(password, salt);
                MySqlCommand userCreationCommand = SQLCommandBuilder.getNewUserCreationCommand(sqlStatementCreateNewUser, userName, salt, hashCode, emailAddress);
                int          executionResult     = DBConnectionManager.insertData(userCreationCommand);

                if (executionResult == -1)
                {
                    MessageBox.Show("Could not create the requested user!", "Register", MessageBoxButtons.OK, MessageBoxIcon.Error);
                    return;
                }

                MessageBox.Show("Your user was succesfully created!", "Register", MessageBoxButtons.OK, MessageBoxIcon.Information);
                clearInputFields(textBoxes);
                registerButton.Enabled = false;
            }
            else
            {
                MessageBox.Show("Invalid confirmation code! Please try again.", "Register", MessageBoxButtons.OK, MessageBoxIcon.Error);
            }
        }