Example #1
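        /// <summary>
        /// Handles the login button: looks the typed user name up in the Users table,
        /// checks the typed password against the stored one, runs the phone
        /// verification step and, only if every step succeeds, opens <c>Form2</c>.
        /// </summary>
        /// <param name="sender">The control that raised the event (unused).</param>
        /// <param name="e">Event data (unused).</param>
        private void login_button_Click(object sender, EventArgs e)
        {
            string user = textBox1.Text;
            string pass = textBox2.Text;

            // Records whether THIS attempt matched a row. Testing acc.user_name for null is
            // not enough: acc is shared state, so a record loaded by an earlier attempt would
            // still be there and the typed password would be checked against the wrong account.
            bool userFound = false;

            // The user name is bound as a parameter, never concatenated into the SQL text.
            const string cmd = "select _username, _password, _pin, _ballance, _hash, _phoneNr from Users where _username=@user";

            connection.Open();
            try
            {
                using (SqlCommand command = new SqlCommand(cmd, connection))
                {
                    command.Parameters.AddWithValue("@user", user);

                    using (SqlDataReader reader = command.ExecuteReader())
                    {
                        if (reader.Read())
                        {
                            userFound = true;

                            acc.user_name = reader["_username"].ToString();
                            acc.pass      = reader["_password"].ToString();

                            // A value that does not parse leaves 0 in the field, as before.
                            int p;
                            int.TryParse(reader["_pin"].ToString(), out p);
                            acc.pin = p;

                            long b;
                            long.TryParse(reader["_ballance"].ToString(), out b);
                            acc.ballance = b;

                            acc.hash  = reader["_hash"].ToString();
                            acc.phone = reader["_phoneNr"].ToString();
                        }
                    }
                }
            }
            finally
            {
                // Close the shared connection even when the query throws, so the next
                // click does not fail on an already-open connection.
                connection.Close();
            }

            // Unknown user and wrong password get the same message, so the form does not
            // reveal which user names exist.
            if (!userFound)
            {
                status_label.Text = "username or password incorrect";
                return;
            }

            // NOTE(review): the stored password is decrypted back to plaintext with key
            // material read from the same row (_hash). A salted one-way password hash
            // (e.g. PBKDF2) would avoid keeping recoverable passwords in the database.
            string passDecripted = Cripting.Decrypt(acc.pass, acc.hash);
            if (passDecripted != pass)
            {
                status_label.Text = "username or password incorrect";
                return;
            }

            // NOTE(review): the verification code is only 4 characters; confirm that
            // GetRandomAlphanumericString uses a cryptographic RNG and that attempts are limited.
            if (!checkPhoneverification(acc.phone, Cripting.GetRandomAlphanumericString(4)))
            {
                status_label.Text = "message code incorrect";
                return;
            }

            // Mark the session as logged in only after BOTH factors passed. Setting the flag
            // before the phone check left it at 1 when verification failed.
            isLoggedIn = 1;
            status_label.Text = " Login successful";
            Form2 f2 = new Form2(acc);
            f2.Show();
            this.Hide();
        }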
Example #2
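        /// <summary>
        /// Inserts one account row into the Users table of the bankAccounts database,
        /// storing the password encrypted with <c>Cripting.Encrypt</c>.
        /// The account values are fixed inside the method.
        /// </summary>
        public void createAccount()
        {
            string username = "******";
            string password = "******";
            string pin      = "1234";
            string phone    = "+1234567890";

            // NOTE(review): string.GetHashCode() is not a cryptographic function, and this
            // value is stored in the same row as the ciphertext it protects, so anyone who
            // can read the table can recover the password. Prefer a salted one-way password
            // hash (e.g. PBKDF2) over reversible encryption.
            string hash          = username.GetHashCode().ToString() + password.GetHashCode().ToString();
            string passEncripted = Cripting.Encrypt(password, hash);

            // Every value is bound as a parameter instead of being concatenated into the
            // statement, so quotes or other SQL syntax inside a value (including the
            // encrypted password) cannot change the statement.
            const string comm = "Insert into Users values (@username, @password, @pin, 0, @hash, @phone)";

            // using disposes the connection and command even when the insert throws.
            using (SqlConnection connection = new SqlConnection("Data Source = DESKTOP ; Initial Catalog = bankAccounts ; Integrated Security=True"))
            using (SqlCommand commandCreate = new SqlCommand(comm, connection))
            {
                commandCreate.Parameters.AddWithValue("@username", username);
                commandCreate.Parameters.AddWithValue("@password", passEncripted);
                // The original statement inserted the pin as an unquoted numeric literal,
                // so it is sent as a number here as well.
                commandCreate.Parameters.AddWithValue("@pin", int.Parse(pin, System.Globalization.CultureInfo.InvariantCulture));
                commandCreate.Parameters.AddWithValue("@hash", hash);
                commandCreate.Parameters.AddWithValue("@phone", phone);

                connection.Open();
                commandCreate.ExecuteNonQuery();
            }
        }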