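/// <summary>
/// Checks whether <paramref name="password"/> matches the salted hash stored in
/// <c>user_info</c> for <paramref name="name"/>.
/// </summary>
/// <param name="name">User name looked up in the <c>username</c> column.</param>
/// <param name="password">Candidate password; hashed with the stored salt via <c>CommonHandler.Get_hash</c>.</param>
/// <returns>
/// <c>true</c> when the recomputed hash equals the stored one; <c>false</c> when it differs
/// or when no row exists for <paramref name="name"/>.
/// </returns>
private bool Judge_password(string name, string password)
{
    DataSet ds = new DataSet();

    conn.Open();
    try
    {
        // The user name travels as a bound parameter, never as part of the SQL text.
        using (SqlCommand cmd = new SqlCommand("select * from user_info where username = @UN", conn))
        using (SqlDataAdapter adapter = new SqlDataAdapter(cmd))
        {
            cmd.Parameters.Add("@UN", SqlDbType.VarChar, 50).Value = name;
            adapter.Fill(ds);
        }
    }
    finally
    {
        // Close even when the query throws; a connection left open would make the
        // next conn.Open() on this shared field fail.
        conn.Close();
    }

    // An unknown user yields no rows. Treat that as a failed check instead of
    // letting Rows[0] throw.
    if (ds.Tables.Count == 0 || ds.Tables[0].Rows.Count == 0)
    {
        return false;
    }

    DataRow row = ds.Tables[0].Rows[0];

    // Columns 2 and 3 are read as salt and hash. Because the query is "select *",
    // these positions depend on the table's column order.
    string salt = row[2].ToString();
    string hash = row[3].ToString();

    // NOTE(review): this is an ordinary, early-exit equality check on the hash text;
    // a fixed-time comparison is the safer habit for credential material.
    return CommonHandler.Get_hash(password, salt).Equals(hash);
}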
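/// <summary>
/// Validates the credentials typed into the <c>username</c> and <c>password</c> controls
/// against <c>user_info</c>. On success it hides this form, calls <c>UpdateAccount</c>
/// and opens the home page; otherwise it shows a message box.
/// </summary>
private void ValidateAccount()
{
    DataSet ds = new DataSet();

    conn.Open();
    try
    {
        // The user name is bound as a parameter, so the text box content cannot alter the query.
        using (SqlCommand cmd = new SqlCommand("select * from user_info where username=@Username", conn))
        using (SqlDataAdapter adapter = new SqlDataAdapter(cmd))
        {
            cmd.Parameters.Add("@Username", SqlDbType.VarChar, 50).Value = username.Text;
            adapter.Fill(ds);
        }
    }
    finally
    {
        // Always release the shared connection; otherwise a failed query would
        // leave it open and break every later conn.Open().
        conn.Close();
    }

    if (ds.Tables[0].Rows.Count == 0)
    {
        // NOTE(review): this message differs from the wrong-password message below,
        // which tells the person at the login form whether a user name exists.
        // A single generic failure message avoids that disclosure.
        MessageBox.Show("Username no find!!!", "GG");
        return;
    }

    DataRow row = ds.Tables[0].Rows[0];

    // Columns 2 and 3 are read as salt and hash; with "select *" these positions
    // depend on the table's column order.
    string storedSalt = row[2].ToString();
    string storedHash = row[3].ToString();

    if (storedHash.Equals(CommonHandler.Get_hash(password.Text, storedSalt)))
    {
        Hide();
        UpdateAccount(username.Text);
        Go_to_homepage(username.Text);
    }
    else
    {
        MessageBox.Show("Login fail!!!", "GG");
    }
}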
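/// <summary>
/// Replaces the stored salt and hash of the account <paramref name="name"/> with values
/// derived from <paramref name="password"/> and a freshly generated salt.
/// </summary>
/// <param name="name">User name of the account whose credentials are rewritten.</param>
/// <param name="password">New password; only its salted hash is written to the table.</param>
private void Change_Password(string name, string password)
{
    // A new salt on every change, so the hash changes even if the same password is reused.
    string salt = CommonHandler.Get_salt();
    string hash = CommonHandler.Get_hash(password, salt);

    conn.Open();
    try
    {
        using (SqlCommand cmd = conn.CreateCommand())
        {
            // The target row is selected through a bound parameter. A fixed literal in
            // the WHERE clause would ignore `name` and update the wrong account or none.
            cmd.CommandText = "update dbo.user_info set salt=@SALT, hash=@HASH where username = @UN";
            cmd.Parameters.Add("@SALT", SqlDbType.VarChar, 50).Value = salt;
            cmd.Parameters.Add("@HASH", SqlDbType.VarChar, 50).Value = hash;
            cmd.Parameters.Add("@UN", SqlDbType.VarChar, 50).Value = name;
            cmd.ExecuteNonQuery();
        }
    }
    finally
    {
        // Close the shared connection even when the update throws.
        conn.Close();
    }
}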
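/// <summary>
/// Click handler for the registration button. When <c>Valide</c> accepts the input it
/// inserts the account into <c>user_info</c> and its default pictures into
/// <c>user_picture</c>, then shows a confirmation and opens the home page.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
private void Button1_Click(object sender, EventArgs e)
{
    if (!Valide(tb1.Text, tb2.Text, tb3.Text))
    {
        return;
    }

    string ipv4 = NetworkHandler.GetLocalIP();
    string salt = CommonHandler.Get_salt();

    // Load the default pictures before touching the database, so a missing image
    // file cannot leave an account row without its picture row.
    string avatarStr;
    using (Bitmap original = new Bitmap("../../Image/default_avatar.png"))
    using (Bitmap resized = (Bitmap)CommonHandler.ResizeImage(original, new Size(75, 75)))
    {
        avatarStr = CommonHandler.ImgToBase64String(resized);
    }
    string backgroundStr = CommonHandler.ImgToBase64String("../../Image/default_background.png");

    conn.Open();
    try
    {
        // Both inserts commit together. Disposing the transaction without Commit()
        // rolls back, so a failure in the second insert does not leave a half-registered user.
        using (SqlTransaction tx = conn.BeginTransaction())
        {
            using (SqlCommand cmd = new SqlCommand("insert into user_info(username,salt,hash,status,ip,answer) values(@UN, @SALT, @HASH,0,@IP,@AS)", conn, tx))
            {
                cmd.Parameters.Add("@UN", SqlDbType.VarChar, 50).Value = tb1.Text;
                cmd.Parameters.Add("@SALT", SqlDbType.VarChar, 50).Value = salt;
                // Only the salted hash of the password is stored.
                cmd.Parameters.Add("@HASH", SqlDbType.VarChar, 50).Value = CommonHandler.Get_hash(tb2.Text, salt);
                cmd.Parameters.Add("@IP", SqlDbType.VarChar, 50).Value = ipv4;
                // NOTE(review): tb4's text is stored as entered in the answer column.
                // If this is an account-recovery answer, it works like a second password;
                // consider salting and hashing it the same way.
                cmd.Parameters.Add("@AS", SqlDbType.VarChar, 50).Value = tb4.Text;
                cmd.ExecuteNonQuery();
            }

            using (SqlCommand insert = new SqlCommand("insert into user_picture (username, user_avatar, user_background) values(@UN, @UA, @UB)", conn, tx))
            {
                insert.Parameters.Add("@UN", SqlDbType.VarChar).Value = tb1.Text;
                insert.Parameters.Add("@UA", SqlDbType.VarChar).Value = avatarStr;
                insert.Parameters.Add("@UB", SqlDbType.VarChar).Value = backgroundStr;
                insert.ExecuteNonQuery();
            }

            tx.Commit();
        }
    }
    finally
    {
        // Release the shared connection whether or not registration succeeded.
        conn.Close();
    }

    MessageBox.Show("Register successfully!", "STATE");
    To_HomePage(tb1.Text);
}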