public bool checkLogin(string name)
{
IEnumerable <IDataRecord> rows = QueryBox.Retrieve(
"SELECT login_uzytkownika FROM Uzytkownicy WHERE login_uzytkownika LIKE @login",
p =>
{
p.Add("@login", SqlDbType.Text).Value = name;
}
);
#region badstyle
//using (SqlConnection conn = new SqlConnection())
//{
// conn.ConnectionString = ConfigurationManager.ConnectionStrings["Komunikator"].ToString();
// //conn.ConnectionString = "Server=PAWEŁ-LAPTOP\\SQLEXPRESS;Database=KomunikatorDB;Trusted_Connection=true";
// conn.Open();
// var sqlcommand = new SqlCommand("SELECT COUNT(login_uzytkownika) FROM Uzytkownicy WHERE login_uzytkownika LIKE @login", conn);
// sqlcommand.Parameters.AddWithValue("@login", name);
// Int32 count = (Int32)sqlcommand.ExecuteScalar();
// if (count >0) return true;
// else return false;
//}
#endregion
if (QueryBox.Count(rows) > 0)
{
return(true);
}
else
{
return(false);
}
}
private void QueryBox_Enter(object sender, EventArgs e)
{
if (QueryBox.Text.Equals("Enter Query Here") == true && QueryBox.ForeColor == Color.Gray)
{
QueryBox.Clear();
QueryBox.ForeColor = Color.Black;
}
}
protected void logout_Click(object sender, EventArgs e)
{
QueryBox.Insert(
"Update Uzytkownicy SET status_uzytkownika = 0 where login_uzytkownika LIKE @login",
p =>
{
p.Add("@login", SqlDbType.Text).Value = Session["login"];
});
Session["login"] = null;
Session["logged"] = false;
Response.Redirect("Default.aspx");
}
private async void GoButton_Click(object sender, RoutedEventArgs e)
{
try
{
RunQuery(QueryBox.Text);
}
catch (Exception ex)
{
System.Diagnostics.Debug.WriteLine(ex.Message);
QueryBox.BorderBrush = new SolidColorBrush(Colors.Red);
await System.Threading.Tasks.Task.Delay(500);
QueryBox.SetValue(TextBox.BorderBrushProperty, DependencyProperty.UnsetValue);
}
}
protected void Page_Load(object sender, EventArgs e)
{
if (!(Session["logged"] == null) || (Session["login"] == null))
{
Response.Redirect("logon.aspx");
}
else
{
QueryBox.Insert(
"Update Uzytkownicy SET status_uzytkownika = 1 where login_uzytkownika = @login",
p =>
{
p.Add("@login", SqlDbType.Text).Value = Session["login"];
});
Response.Redirect("ProfilePage.aspx");
//QueryBox.Insert("Update Uzytkownicy SET status_uzytkownika = 1 where login_uzytkownika = ", null);
}
}
public bool checkEmail(string name)
{
IEnumerable <IDataRecord> rows = QueryBox.Retrieve(
"SELECT email_uzytkownika FROM Uzytkownicy WHERE email_uzytkownika LIKE @name",
p =>
{
p.Add("@name", SqlDbType.Text).Value = name;
}
);
if (QueryBox.Count(rows) > 0)
{
return(true);
}
else
{
return(false);
}
}
//Query
private async void Query_Click(object sender, RoutedEventArgs e)
{
_studTable.Clear();
if (QueryBox.Text == "")
{
MessageBox.Show("Заполните поле");
}
else
{
await _newcon.OpenAsync();
SqlDataAdapter adapter = new SqlDataAdapter(QueryBox.Text, _newcon);
adapter.Fill(_studTable);
User_Grid.DataContext = _studTable.DefaultView;
_newcon.Close();
}
QueryBox.Clear();
}
private void close(object sender, MouseButtonEventArgs e)
{
QueryBox.Clear();
return;
//this.Close();
}
private void SubmitButton_Click(object sender, EventArgs e)
{
ResponseLabel.Visible = false;
if (QueryBox.TextLength == 0)
{
MessageBox.Show("Enter a Query!");
}
else
{
try
{
//Populate the query command to the database
cmd.CommandText = QueryBox.Text;
cmd.CommandType = CommandType.Text;
cmd.Connection = connection;
var labelTest = QueryBox.Text.ToUpper();
QueryBox.Clear();
ResponseLabel.Visible = true;
ResponseLabel.ForeColor = Black;
if (labelTest.Contains("INSERT"))
{
ResponseLabel.Text = insert;
}
else if (labelTest.Contains("DELETE"))
{
ResponseLabel.Text = delete;
}
else if (labelTest.Contains("SELECT"))
{
if (DataGridView.Rows.Count > 0)
{
dataTable.Clear();
dataTable = new DataTable();
DataGridView.DataSource = null;
DataGridView.Refresh();
DataGridView.Update();
}
ResponseLabel.Text = "Source Updated";
}
//Code here is the only interaction with database
connection.Open();
reader = cmd.ExecuteReader();
dataTable.Load(reader);
//Return the query result to a datatable for the user
DataGridView.DataSource = dataTable;
DataGridView.Update();
connection.Close();
}
catch (SqlException ex)
{
ResponseLabel.Visible = true;
ResponseLabel.ForeColor = Red;
ResponseLabel.Text = ex.Message.ToString();
QueryBox.Clear();
connection.Close();
}
}
}
protected void loginButton_Click(object sender, EventArgs e)
{
#region excluded
//using (SqlConnection conn = new SqlConnection())
//{
// byte[] salt = null, key=null;
// // load salt and key from database
// conn.ConnectionString = ConfigurationManager.ConnectionStrings["Komunikator"].ToString();
// //conn.ConnectionString = "Server=PAWEL-STAC\\SQLEXPRESS01;Database=KomunikatorDB;Trusted_Connection=true";
// conn.Open();
// var sqlcommand = new SqlCommand("SELECT login_uzytkownika, haslo_uzytkownika, sol_uzytkownika FROM Uzytkownicy WHERE login_uzytkownika LIKE @log", conn);
// sqlcommand.Parameters.AddWithValue("@log", this.login.Text);
// //sqlcommand.Parameters.AddWithValue("@pass", this.haslo.Text);
// //SqlDataReader dr = sqlcommand.ExecuteReader();
// SqlDataReader myReader = sqlcommand.ExecuteReader();
// if (myReader.Read())
// {
// key = (byte[])myReader["haslo_uzytkownika"];
// salt = (byte[])myReader["sol_uzytkownika"];
// using (var deriveBytes = new Rfc2898DeriveBytes(this.haslo.Text, salt))
// {
// byte[] newKey = deriveBytes.GetBytes(20); // derive a 20-byte key
// if (!newKey.SequenceEqual(key))
// {
// ClientScript.RegisterStartupScript(GetType(), "hwa", "alert('Nieprawidłowe dane! :(');", true);
// }
// else
// {
// Session["login"] = this.login.Text;
// Session["logged"] = true;
// Response.Redirect("ProfilePage.aspx");
// }
// }
// }
// else
// {
// ClientScript.RegisterStartupScript(GetType(), "hwa", "alert('Brak użytkowników w bazie! :(');", true);
// }
// conn.Close();
//}
//using (var deriveBytes = new Rfc2898DeriveBytes(this.haslo.Text, 20))
//{
#endregion
UTF8Encoding utf8 = new UTF8Encoding(true, true);
//byte[] key = deriveBytes.GetBytes(20); // derive a 20-byte key
IEnumerable <IDataRecord> rows = QueryBox.Retrieve(
"SELECT login_uzytkownika, haslo_uzytkownika, sol_uzytkownika FROM Uzytkownicy WHERE login_uzytkownika LIKE @login",
p =>
{
p.Add("@login", SqlDbType.Text).Value = this.login.Text;
}
);
byte[] compareBytes = null;
byte[] salt = null;
foreach (var row in rows)
{
compareBytes = (byte[])row["haslo_uzytkownika"];
salt = (byte[])row["sol_uzytkownika"];
}
TripleDESCryptoServiceProvider tdes = new TripleDESCryptoServiceProvider();
try
{
PasswordDeriveBytes pdb = new PasswordDeriveBytes(this.haslo.Text, salt);
tdes.Key = pdb.CryptDeriveKey("TripleDES", "SHA1", 192, tdes.IV);
}
catch (Exception d)
{
Console.WriteLine(d.Message);
}
if (StructuralComparisons.StructuralEqualityComparer.Equals(tdes.Key, compareBytes))
{
Session["login"] = this.login.Text;
Session["logged"] = true;
QueryBox.Insert(
"Update Uzytkownicy SET status_uzytkownika = 1 where login_uzytkownika LIKE @login",
p =>
{
p.Add("@login", SqlDbType.Text).Value = Session["login"];
});
Response.Redirect("ProfilePage.aspx");
}
else
{
ClientScript.RegisterStartupScript(GetType(), "hwa", "alert('Nieprawidłowe dane! :(');", true);
}
//}
}
protected void loginButton_Click(object sender, EventArgs e)
{
UTF8Encoding utf8 = new UTF8Encoding(true, true);
byte[] salt = CreateRandomSalt(7);
TripleDESCryptoServiceProvider tdes = new TripleDESCryptoServiceProvider();
try
{
PasswordDeriveBytes pdb = new PasswordDeriveBytes(this.Haslo.Text, salt);
tdes.Key = pdb.CryptDeriveKey("TripleDES", "SHA1", 192, tdes.IV);
}
catch (Exception d)
{
Console.WriteLine(d.Message);
}
if (checkLogin(this.Login.Text))
{
ClientScript.RegisterStartupScript(GetType(), "act1", "dbanswer('Login','Podaj inny login', 'Istnieje użytkownik z takim loginem.');", true);
return;
}
;
if (checkEmail(this.Email.Text))
{
ClientScript.RegisterStartupScript(GetType(), "act2", "dbanswer('Email','Podaj inny mail','Istnieje użytkownik zarejestrowany na taki mail.');", true);
return;
}
;
//try {
QueryBox.Insert(
"INSERT INTO Uzytkownicy VALUES (@login, @haslo, @imie, @nazwisko, @email, @status, @salt)",
p =>
{
p.Add("@login", SqlDbType.Text).Value = this.Login.Text;
p.Add("@haslo", SqlDbType.VarBinary).Value = tdes.Key;
//p.Add("@haslo", SqlDbType.VarChar).Value = System.Text.Encoding.UTF8.GetString(key);
p.Add("@imie", SqlDbType.Text).Value = this.Imie.Text;
p.Add("@nazwisko", SqlDbType.Text).Value = this.Nazwisko.Text;
p.Add("@email", SqlDbType.Text).Value = this.Email.Text;
p.Add("@status", SqlDbType.TinyInt).Value = 0;
p.Add("@salt", SqlDbType.VarBinary).Value = salt;;
//p.Add("@salt", SqlDbType.VarChar).Value = System.Text.Encoding.UTF8.GetString(salt); ;
});
ClientScript.RegisterStartupScript(GetType(), "alert", "alert('Pomyślnie zarejestrowano!');", true);
//ScriptManager.RegisterStartupScript(this, typeof(string), "Error","alert('hi');", true);
Response.Redirect("Default.aspx");
//}
//catch
//{
// return;
//}
#region ugly
//using (SqlConnection conn = new SqlConnection())
// {
// if (checkLogin(this.Login.Text))
// {
// ClientScript.RegisterStartupScript(GetType(), "act1", "dbanswer('Login','podaj inny login', 'Istnieje użytkownik z takim loginem.');", true);
// //ClientScript.RegisterStartupScript(GetType(), "hwa", "alert('Istnieje użytkownik z takim loginem.');", true);
// return;
// };
// if (checkEmail(this.Email.Text))
// {
// ClientScript.RegisterStartupScript(GetType(), "act2", "dbanswer('Email','Podaj inny mail','Istnieje użytkownik zarejestrowany na taki mail.');", true);
// return;
// };
// using (var deriveBytes = new Rfc2898DeriveBytes(this.Haslo.Text, 20))
// {
// byte[] salt = deriveBytes.Salt;
// byte[] key = deriveBytes.GetBytes(20); // derive a 20-byte key
// conn.ConnectionString = ConfigurationManager.ConnectionStrings["Komunikator"].ToString();
// //conn.ConnectionString = "Server=PAWEL-STAC\\SQLEXPRESS01;Database=KomunikatorDB;Trusted_Connection=true";
// conn.Open();
// var sqlcommand = new SqlCommand("INSERT INTO Uzytkownicy VALUES (@login, @haslo, @imie, @nazwisko, @email, @salt)", conn);
// sqlcommand.Parameters.AddWithValue("@login", this.Login.Text);
// sqlcommand.Parameters.AddWithValue("@haslo", key);
// sqlcommand.Parameters.AddWithValue("@imie", this.Imie.Text);
// sqlcommand.Parameters.AddWithValue("@nazwisko", this.Nazwisko.Text);
// sqlcommand.Parameters.AddWithValue("@email", this.Email.Text);
// sqlcommand.Parameters.AddWithValue("@email", salt);
// try
// {
// sqlcommand.ExecuteNonQuery();
// ClientScript.RegisterStartupScript(GetType(), "alert", "alert('Pomyślnie zarejestrowano!');", true);
// //ScriptManager.RegisterStartupScript(this, typeof(string), "Error","alert('hi');", true);
// Response.Redirect("Default.aspx");
// }
// catch
// {
// return;
// }
// conn.Close();
// }
//}
#endregion
}
