public int SaveNewUser(string username, string password)
{
LoginHandler loginHandlerObj = new LoginHandler();
byte[] passwordHash = loginHandlerObj.PasswordHasher(password);
int rowsAffected;
string query = "INSERT INTO dbo.LoginDetails VALUES('" + username + "', @password);";
SqlCommand sqlCommandObj = new SqlCommand();
//Opens the connection of SQLConnection Object
DatabaseConnectionObject.CreateDBConnection();
//Set the connection field of SQL Command object to the connection opened in the above line.
sqlCommandObj.Connection = DatabaseConnectionObject.SqlConnectionObj1;
sqlCommandObj.CommandText = query;
SqlParameter paramPassword = sqlCommandObj.Parameters.AddWithValue("@password", passwordHash);
paramPassword.DbType = DbType.Binary;
try
{
rowsAffected = sqlCommandObj.ExecuteNonQuery();
}
catch (Exception ex)
{
throw ex;
}
return(rowsAffected);
}
public bool Login(string username, string password)
{
bool loginSuccessful = false;
//SaveNewUser(username, password); //Used to insert users into LoginDetails table.
LoginHandler loginHandlerObj = new LoginHandler();
loginSuccessful = loginHandlerObj.MatchPassword(username, password);
return(loginSuccessful);
}
