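/// <summary>
/// Runs the SimpleHash self-test against a SHA-256 implementation.
/// </summary>
/// <returns>The result reported by <c>SimpleHash.TestAlgorithm</c> for the SHA-256 instance.</returns>
static Boolean Test()
{
    Console.WriteLine("Testing SHA256 hash...");
    SimpleHash sh = new SimpleHash();

    // HashAlgorithm implements IDisposable; release it as soon as the self-test
    // has returned instead of leaving it to the finalizer.
    using (SHA256 sha = new SHA256Managed())
    {
        return sh.TestAlgorithm(sha);
    }
}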
/// <summary>
/// Click handler for the save button: builds a <c>User</c> from the form fields,
/// validates the optional password pair, then adds or updates the user.
/// </summary>
/// <param name="sender">The source of the event.</param>
/// <param name="e">The <see cref="System.EventArgs"/> instance containing the event data.</param>
protected void saveButton_Click(object sender, EventArgs e)
{
    User user = new User
    {
        Access = 0,
        Email = emailAddressTextBox.Text.Trim(),
        FirstName = firstNameTextBox.Text.Trim(),
        LastName = lastNameTextBox.Text.Trim(),
        Website = websiteTextBox.Text.Trim()
    };

    // A password is only processed when both password boxes contain non-whitespace text.
    bool passwordFieldsHaveValues =
        passwordOneTextBox.Text.Trim().Length > 0 &&
        passwordTwoTextBox.Text.Trim().Length > 0;
    bool isValidPassword = true;

    if (!passwordFieldsHaveValues)
    {
        // Editing an existing user without a new password is allowed; creating one is not.
        if (!IsUserEdit)
        {
            message.Text = "New Users require a password";
        }
    }
    else
    {
        isValidPassword = IsValidPassword();
        if (!isValidPassword)
        {
            message.Text = "Passwords don't match";
        }
        else
        {
            // NOTE(review): the third argument is a fresh 8-byte array, i.e. all zeros. If
            // ComputeHash treats it as the salt (presumably - confirm), every account shares
            // the same constant salt and the stored value is effectively an unsalted, single
            // round SHA-256. The password is also trimmed before hashing, so leading/trailing
            // spaces never count towards it.
            user.Password = SimpleHash.ComputeHash(
                passwordOneTextBox.Text.Trim(),
                SimpleHash.Algorithm.SHA256,
                new byte[8]);
        }
    }

    // Proceed only with a valid password and no pending error text in the message label.
    if (!isValidPassword || !string.IsNullOrEmpty(message.Text))
    {
        return;
    }

    if (IsUserEdit)
    {
        // No new password entered: carry the stored password value over unchanged.
        if (!passwordFieldsHaveValues)
        {
            user.Password = editUser.Password;
        }

        user.UserId = userId;
        new UserLogic().Update(user);
        Response.Redirect("~/Admin/Manage.aspx?a=Users", false);
    }
    else
    {
        new UserLogic().Add(user);
        message.Text = string.Format(AdminResources.SuccessfulUserAdd, user.Email);
    }

    // Clears the textboxes
    WebControlUtilities.ClearTextFromControl<TextBox>(Controls);
}
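/// <summary>
/// Registers the module's HTTP routes: login/logoff, user creation, and the
/// Kohde / Reissu insert and lookup endpoints.
/// </summary>
public VenereissuModule()
{
    // NOTE(review): with error traces enabled, unhandled exceptions can be rendered to the
    // client including stack details - confirm this is switched off outside development.
    StaticConfiguration.DisableErrorTraces = false;
    var db = new VenereissutDataContext();

    Get["/Hello"] = parameters => "Hello World";

    // Login
    Post["/Login"] = p =>
    {
        Login model = this.Bind();

        // Fetch the user's record from the database by user name.
        User q = (from a in db.Users where model.username == a.UserName select a).FirstOrDefault();

        ISimpleHash simpleHash = new SimpleHash();

        // FirstOrDefault returns null for an unknown user name. Without the null check the
        // q.Password access throws, which turns "unknown user" into a server error (with a
        // trace, see above) while "wrong password" returns an empty body.
        if (q != null && simpleHash.Verify(model.passwd, q.Password))
        {
            // Login ok: issue a session id and store it on the user.
            // NOTE(review): the id doubles as the bearer token for the other routes;
            // confirm Util.CreateRandomPassword draws from a cryptographic RNG.
            string sessionId = Util.CreateRandomPassword(20);
            q.SessionId = sessionId;
            q.TimeStamp = DateTime.Now;
            db.SubmitChanges();
            return(sessionId);
        }

        // Login failed: return nothing.
        return(String.Empty);
    };

    // Logoff
    Post["/Logoff"] = p =>
    {
        // The request body is expected to hold the session id to invalidate.
        var id = Request.Body;
        var length = Request.Body.Length;
        var data = new byte[length];
        id.Read(data, 0, (int)length);
        var body = System.Text.Encoding.Default.GetString(data);

        var q = (from a in db.Users where a.SessionId == body select a).FirstOrDefault();
        if (q != null)
        {
            // Clear this user's session id on the server.
            // NOTE(review): logged-off users end up with SessionId == String.Empty, so
            // Authenticate (not visible here) presumably has to reject empty tokens - verify.
            q.SessionId = String.Empty;
            db.SubmitChanges();
            return("Logoff successful." + body);
        }

        // No matching session: return an empty response.
        return(String.Empty);
    };

    // NOTE(review): this route performs no Authenticate call, so any client can create accounts.
    Post["/addUser"] = p =>
    {
        Login model = this.Bind();
        ISimpleHash simpleHash = new SimpleHash();
        string saltedPasswd = simpleHash.Compute(model.passwd);
        User user = new User
        {
            UserName = model.username,
            Password = saltedPasswd
        };
        db.Users.InsertOnSubmit(user);
        db.SubmitChanges();
        return("Operation successful.");
    };

    // Token-checked insert; the fields are copied one by one rather than binding the entity directly.
    Post["/addKohde"] = p =>
    {
        KohdeWAuthentication m = this.Bind();
        if (!Authenticate(m.token, db))
        {
            return(String.Empty);
        }

        Kohteet k = new Kohteet
        {
            Kohde_Id = m.Kohde_Id,
            Koordinaatit = m.Koordinaatit,
            KuvaBase64 = m.KuvaBase64,
            Kuvausteksti = m.Kuvausteksti,
            Nimi = m.Nimi
        };
        db.Kohteets.InsertOnSubmit(k);
        db.SubmitChanges();
        return("Done inserting Kohde!");
    };

    // NOTE(review): unlike /addKohde and /addReissu this route has no token check and binds
    // the request straight onto the entity, so every bound column is client-controlled.
    Post["/addKohteenReissut"] = p =>
    {
        KohteetReissut model = this.Bind();
        db.KohteetReissuts.InsertOnSubmit(model);
        db.SubmitChanges();
        return("Done inserting KohteenReissut!");
    };

    // Token-checked insert; the owning user name is derived from the token, not from the request.
    Post["/addReissu"] = p =>
    {
        ReissutWAuthentication model = this.Bind();
        if (!Authenticate(model.token, db))
        {
            return(String.Empty);
        }

        string userName = GetUserNameByToken(model.token, db);
        Reissut m = new Reissut
        {
            UserName = userName,
            Alkoi = model.Alkoi,
            Nimi = model.Nimi,
            Kuvausteksti = model.Kuvausteksti
        };
        db.Reissuts.InsertOnSubmit(m);
        db.SubmitChanges();
        return(m.Reissu_Id.ToString());
    };

    // NOTE(review): the route template only captures {id}; where p.token comes from is not
    // visible here - confirm GetKohde actually receives and checks a token.
    Get["/Kohteet/{id}"] = p => (GetKohde(p.id, p.token, db));
}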
/// <summary>
/// Writes the archive to <paramref name="output"/>: the SFAT header and entry list, the SFNT
/// header and (when <c>usesSFNT</c> is set) the name table, the file payloads, and finally the
/// main header at position 0.
/// </summary>
/// <param name="output">Destination stream; the writer repositions it several times.</param>
/// <param name="leaveOpen">Passed through to the <c>BinaryWriterX</c> constructor.</param>
public void Save(Stream output, bool leaveOpen = false)
{
    using (var bw = new BinaryWriterX(output, leaveOpen, byteOrder))
    {
        //Header.dataOffset = Files.Aggregate(
        //    0x14 + 0xC + 0x8 + Files.Sum(afi => usesSFNT ? ((afi.FileName.Length + 4) & ~3) + 0x10 : 0x10),
        //    (n, file) => Support.Pad(n, file.FileName, (byteOrder == ByteOrder.LittleEndian) ? System.CTR : System.WiiU));

        // SFAT Header
        bw.BaseStream.Position = 0x14;
        // NOTE(review): the (short) cast silently truncates a file count above short.MaxValue.
        bw.WriteStruct(new SFATHeader { hashMultiplier = (int)hashMultiplier, nodeCount = (short)Files.Count });

        // SFAT List + nameList
        var nameOffset = 0;
        var dataOffset = 0;
        var sfatEntry = new SFATEntry();
        foreach (var afi in Files)
        {
            dataOffset = Support.Pad(dataOffset, afi.FileName, (byteOrder == ByteOrder.LittleEndian) ? System.CTR : System.WiiU);

            // BXLIM Alignment Reading
            if (afi.FileName.EndsWith("lim"))
            {
                using (var br = new BinaryReaderX(afi.FileData, true, byteOrder))
                {
                    // The positions below are computed from the payload length alone.
                    // NOTE(review): a payload shorter than 0x28 bytes makes this position
                    // negative - confirm FileData is validated before Save is called.
                    br.BaseStream.Position = br.BaseStream.Length - 0x28;
                    var type = br.PeekString();
                    var alignment = 0;
                    if (type == "FLIM")
                    {
                        br.BaseStream.Position = br.BaseStream.Length - 0x8;
                        alignment = br.ReadInt16();
                    }
                    else if (type == "CLIM")
                    {
                        br.BaseStream.Position = br.BaseStream.Length - 0x6;
                        alignment = br.ReadInt16();
                    }
                    // sfatEntry still holds the previous iteration's entry here (or the empty
                    // one on the first pass), so this rounds the previous dataEnd up.
                    // NOTE(review): when the trailer is neither FLIM nor CLIM, alignment stays 0
                    // and "& -alignment" masks the offset to 0 - confirm that is intended.
                    dataOffset = (sfatEntry.dataEnd + alignment - 1) & -alignment;
                }
            }

            var fileLen = (int)afi.FileData.Length;
            sfatEntry = new SFATEntry
            {
                // Without SFNT the hash is parsed from characters 2..9 of the file name as hex;
                // a name that does not have that shape makes Substring/Convert throw.
                nameHash = usesSFNT ? SimpleHash.Create(afi.FileName, hashMultiplier) : Convert.ToUInt32(afi.FileName.Substring(2, 8), 16),
                SFNTOffsetFlag = (uint)(((usesSFNT ? 0x100 : 0) << 16) | (usesSFNT ? nameOffset / 4 : 0)),
                dataStart = dataOffset,
                dataEnd = dataOffset + fileLen
            };
            bw.WriteStruct(sfatEntry);
            // Advance past the name plus terminator, rounded to a multiple of 4.
            nameOffset = (nameOffset + afi.FileName.Length + 4) & ~3;
            dataOffset = sfatEntry.dataEnd;
        }

        // SFNT
        bw.WriteStruct(SFNTHeader);
        if (usesSFNT)
        {
            foreach (var afi in Files)
            {
                bw.WriteASCII(afi.FileName + "\0");
                // Round the write position up to the next multiple of 4.
                bw.BaseStream.Position = (bw.BaseStream.Position + 3) & ~3;
            }
        }

        // Files
        bw.WriteAlignment(Header.dataOffset);
        foreach (var afi in Files)
        {
            var alignment = Support.Pad((int)bw.BaseStream.Length, afi.FileName, (byteOrder == ByteOrder.LittleEndian) ? System.CTR : System.WiiU);

            // BXLIM Alignment Reading
            if (afi.FileName.EndsWith("lim"))
            {
                using (var br = new BinaryReaderX(afi.FileData, true, byteOrder))
                {
                    // Same trailer probe as in the SFAT pass; here the Support.Pad value is
                    // kept when the trailer is neither FLIM nor CLIM.
                    br.BaseStream.Position = br.BaseStream.Length - 0x28;
                    var type = br.PeekString();
                    if (type == "FLIM")
                    {
                        br.BaseStream.Position = br.BaseStream.Length - 0x8;
                        alignment = br.ReadInt16();
                    }
                    else if (type == "CLIM")
                    {
                        br.BaseStream.Position = br.BaseStream.Length - 0x6;
                        alignment = br.ReadInt16();
                    }
                }
            }
            bw.WriteAlignment(alignment);
            afi.FileData.CopyTo(bw.BaseStream);
        }

        // Header (written last, once the total stream length is known)
        bw.BaseStream.Position = 0;
        Header.fileSize = (int)bw.BaseStream.Length;
        bw.WriteStruct(Header);
    }
}
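/// <summary>
/// Seeds the database with sample logins, members and one instructor record.
/// </summary>
/// <remarks>
/// NOTE(review): every password here is a literal in source, two of the accounts carry the
/// admin role, all generated accounts share one salt, and the hash helper is (by its name)
/// MD5-based. Confirm this seeding can never run against a production database.
/// </remarks>
public void CreateLoginsAndMembers()
{
    // First() throws when the role row is missing; FirstOrDefault() yields null instead.
    Role roleAdmin = _dbContext.Roles.First(r => r.Id == (int)UserRoles.Admin);
    Role rolePilot = _dbContext.Roles.FirstOrDefault(r => r.Id == (int)UserRoles.Pilot);
    Role roleInstructor = _dbContext.Roles.FirstOrDefault(r => r.Id == (int)UserRoles.Instructor);
    Role roleOwner = _dbContext.Roles.First(r => r.Id == (int)UserRoles.AircraftOwner);

    // One salt is generated and reused for all accounts below except the last login.
    // (The previously computed but never used "hash" local has been removed.)
    string salt = SimpleHash.GetSalt(32);

    Login loginAdmin = new Login()
    {
        Username = "******",
        Password = SimpleHash.MD5("password1", salt),
        PasswordSalt = salt,
        MemberPIN = "1110",
        Email = "*****@*****.**"
    };

    try
    {
        _dbContext.Logins.Add(loginAdmin);
        _dbContext.SaveChanges();
    }
    catch (DbEntityValidationException ex)
    {
        // Dump the offending entries for diagnosis, then let the failure propagate.
        foreach (var e in ex.EntityValidationErrors)
        {
            Debug.WriteLine(e.Entry);
        }
        throw;
    }

    // Each login is saved before its member so that the login's Id can be read for LoginId.
    Member memberAdmin = new Member()
    {
        Status = "Active",
        AddressLine_1 = "1234 Main St",
        City = "Plano",
        Zip = "75035",
        FirstName = "Frank",
        LastName = "Zappa",
        LastMedical = DateTime.Now,
        LoginId = loginAdmin.Id,
        Roles = new List<Role>() { roleAdmin }
    };
    _dbContext.Members.Add(memberAdmin);
    _dbContext.SaveChanges();

    Login loginOwner1 = new Login()
    {
        Username = "******",
        Email = "*****@*****.**",
        Password = SimpleHash.MD5("test", salt),
        PasswordSalt = salt,
        MemberPIN = "1211"
    };
    _dbContext.Logins.Add(loginOwner1);
    _dbContext.SaveChanges();

    Member memberOwner1 = new Member()
    {
        Status = "Active",
        AddressLine_1 = "1234 Main St",
        City = "Beverly Hills",
        Zip = "23031",
        FirstName = "John",
        LastName = "Travolta",
        LastMedical = DateTime.Now,
        LoginId = loginOwner1.Id,
        Roles = new List<Role>() { roleOwner }
    };
    // Persisted by the next SaveChanges call.
    _dbContext.Members.Add(memberOwner1);

    Login loginOwner2 = new Login()
    {
        Username = "******",
        Email = "*****@*****.**",
        Password = SimpleHash.MD5("test", salt),
        PasswordSalt = salt,
        MemberPIN = "1351"
    };
    _dbContext.Logins.Add(loginOwner2);
    _dbContext.SaveChanges();

    Member memberOwner2 = new Member()
    {
        Status = "Active",
        AddressLine_1 = "1234 Poplar Ave",
        City = "Santa Monica",
        Zip = "450123",
        FirstName = "Harrison",
        LastName = "Ford",
        LastMedical = DateTime.Now,
        LoginId = loginOwner2.Id,
        Roles = new List<Role>() { roleOwner }
    };
    // Persisted by the next SaveChanges call.
    _dbContext.Members.Add(memberOwner2);

    Login loginPilot1 = new Login()
    {
        Username = "******",
        Email = "*****@*****.**",
        Password = SimpleHash.MD5("test", salt),
        PasswordSalt = salt,
        MemberPIN = "1525"
    };
    _dbContext.Logins.Add(loginPilot1);
    _dbContext.SaveChanges();

    Member memberPilot1 = new Member()
    {
        Status = "Active",
        AddressLine_1 = "1010 Addison Circle",
        City = "Addison",
        Zip = "750444",
        FirstName = "Bob",
        LastName = "Hoover",
        LastMedical = DateTime.Now.AddDays(-100),
        LoginId = loginPilot1.Id,
        Roles = new List<Role>() { rolePilot }
    };
    _dbContext.Members.Add(memberPilot1);
    _dbContext.SaveChanges();

    Login loginInstructor1 = new Login()
    {
        Username = "******",
        Email = "*****@*****.**",
        Password = SimpleHash.MD5("test", salt),
        PasswordSalt = salt,
        MemberPIN = "1010"
    };
    _dbContext.Logins.Add(loginInstructor1);
    _dbContext.SaveChanges();

    Member memberInstructor1 = new Member()
    {
        Status = "Active",
        AddressLine_1 = "1234 Somewhere Lane",
        City = "Beverly Hills",
        Zip = "90210",
        FirstName = "Billy",
        LastName = "Bathwater",
        LastMedical = DateTime.Now.AddDays(-100),
        LoginId = loginInstructor1.Id,
        Roles = new List<Role>() { roleInstructor }
    };
    _dbContext.Members.Add(memberInstructor1);
    _dbContext.SaveChanges();

    InstructorData instructor1Data = new InstructorData()
    {
        AvailableForCheckoutsAnnuals = true,
        CertificateNumber = "1234567890",
        DesignatedForStageChecks = false,
        InstructOnWeekdayNights = false,
        InstructOnWeekdays = false,
        InstructOnWeekends = true,
        Member = memberInstructor1,
        Ratings = "CFI, CFII, MEI"
    };
    _dbContext.InstructorData.Add(instructor1Data);
    _dbContext.SaveChanges();

    // This login gets no Member row.
    Login loginGuest = new Login()
    {
        Username = "******",
        Email = "*****@*****.**",
        Password = SimpleHash.MD5("password1", salt),
        PasswordSalt = salt,
        ForumUserId = 179,
        MemberPIN = "1790"
    };
    _dbContext.Logins.Add(loginGuest);
    _dbContext.SaveChanges();

    // NOTE(review): this entry uses its own fixed salt and a password literal that does not
    // look like a throwaway test value; if it matches a real credential it should be rotated
    // and moved out of source control.
    Login jeremyLogin = new Login()
    {
        Username = "******",
        Password = SimpleHash.MD5("2g4uFOOl", "6YA+Ie1h2GLV1GU/K5EobHfSm4GPpXgAm+BbICN2RvM="),
        PasswordSalt = "6YA+Ie1h2GLV1GU/K5EobHfSm4GPpXgAm+BbICN2RvM=",
        ForumUserId = 1,
        Email = "*****@*****.**",
        MemberPIN = "1530"
    };
    _dbContext.Logins.Add(jeremyLogin);
    _dbContext.SaveChanges();

    Member jeremyMember = new Member()
    {
        Status = "Active",
        AddressLine_1 = "2511 Cheverny Dr",
        City = "McKinney",
        Zip = "75070",
        FirstName = "Jeremy",
        LastName = "Whittington",
        LastMedical = DateTime.Now,
        LoginId = jeremyLogin.Id,
        Roles = new List<Role>() { roleAdmin }
    };
    _dbContext.Members.Add(jeremyMember);
    _dbContext.SaveChanges();
}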
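/// <summary>
/// Click handler for the sign-up button: inserts a GeneralUser row from the form fields,
/// runs the role-specific insert for the selected user type, then redirects to the
/// account management page.
/// </summary>
/// <param name="sender">The source of the event.</param>
/// <param name="e">Event data (unused).</param>
protected void btnSignUp_Click(object sender, EventArgs e)
{
    try
    {
        string userType = ddlUserType.Text;

        // The connection and command are disposed even when the insert throws; previously
        // the connection was opened and never closed.
        using (SqlConnection connection = new SqlConnection(ConfigurationManager.ConnectionStrings["conString"].ConnectionString))
        {
            connection.Open();

            string cmdText = "Insert INTO GeneralUser(EmailAddress, FirstName, LastName, Gender, HomePhone, HomeAddress, City, State," +
                             "ZIP, DOB, Password, UserType, PasswordHash, ShirtSize, UserPermission, LastLogin, Race, CellPhone, JoinDate," +
                             "ActivatedBool) Values(@EmailAddress, @FirstName, @LastName, @Gender, @HomePhone, @HomeAddress, @City, @State," +
                             "@ZIP, @DOB, @Password, @UserType, @PasswordHash, @ShirtSize, @UserPermission, @LastLogin, @Race, @CellPhone," +
                             "@JoinDate, @Activated)";

            using (SqlCommand cmd = new SqlCommand(cmdText, connection))
            {
                cmd.Parameters.AddWithValue("@EmailAddress", txtEmail.Text);
                cmd.Parameters.AddWithValue("@FirstName", txtfName.Text);
                cmd.Parameters.AddWithValue("@LastName", txtlName.Text);
                cmd.Parameters.AddWithValue("@Gender", ddlGender.Text);

                // Blank home phone is stored as NULL. The null test now happens before the
                // value is dereferenced (it used to come after the Trim() call).
                if (string.IsNullOrWhiteSpace(txtHome.Text))
                {
                    cmd.Parameters.AddWithValue("@HomePhone", System.DBNull.Value);
                }
                else
                {
                    cmd.Parameters.AddWithValue("@HomePhone", txtHome.Text);
                }

                cmd.Parameters.AddWithValue("@HomeAddress", txtAddress.Text);
                cmd.Parameters.AddWithValue("@City", txtCity.Text);
                cmd.Parameters.AddWithValue("@State", txtState.Text);
                cmd.Parameters.AddWithValue("@ZIP", txtZip.Text);
                cmd.Parameters.AddWithValue("@DOB", txtDOB.Text);

                // NOTE(review): the clear-text password is written to the Password column
                // next to its hash, which defeats the purpose of hashing. Dropping the
                // column needs a schema change and a check of every reader, so it is only
                // flagged here.
                cmd.Parameters.AddWithValue("@Password", txtPassword.Text);
                cmd.Parameters.AddWithValue("@UserType", userType);

                // Permission level is derived from the selected user type; unknown types get 0.
                int permission = 0;
                switch (userType)
                {
                    case "Administrator": permission = 5; break;
                    case "Staff": permission = 4; break;
                    case "Student": permission = 3; break;
                    case "Parent": permission = 2; break;
                    case "Cipher": permission = 1; break;
                }

                // NOTE(review): MD5 is requested and null is passed as the salt argument
                // (what ComputeHash does with a null salt is not visible here). A fast hash
                // like MD5 is unsuitable for password storage; plan a migration to a
                // password-hashing KDF such as PBKDF2.
                string passHash = SimpleHash.ComputeHash(txtPassword.Text, "MD5", null);
                cmd.Parameters.AddWithValue("@PasswordHash", passHash);
                cmd.Parameters.AddWithValue("@ShirtSize", ddlShirtSize.Text);
                Debug.WriteLine(permission);
                cmd.Parameters.AddWithValue("@UserPermission", permission);
                cmd.Parameters.AddWithValue("@LastLogin", System.DBNull.Value);

                // Selected races are stored as one string, each value followed by ", ".
                List<String> selectedValues = cblRace.Items.Cast<ListItem>()
                                              .Where(li => li.Selected)
                                              .Select(li => li.Value)
                                              .ToList();
                String races = "";
                foreach (String item in selectedValues)
                {
                    races += item + ", ";
                }

                if (races.Trim().Equals(""))
                {
                    cmd.Parameters.AddWithValue("@Race", System.DBNull.Value);
                }
                else
                {
                    cmd.Parameters.AddWithValue("@Race", races);
                }

                cmd.Parameters.AddWithValue("@CellPhone", txtCell.Text);
                DateTime today = DateTime.Now;
                cmd.Parameters.AddWithValue("@JoinDate", today);
                cmd.Parameters.AddWithValue("@Activated", 1);

                cmd.ExecuteNonQuery();
            }
        }

        // Role-specific follow-up insert.
        switch (userType)
        {
            case "Administrator": insertAdmin(); break;
            case "Staff": insertStaff(); break;
            case "Student": insertStudent(); break;
            case "Parent": insertParent(); break;
            case "Cipher": insertCipher(); break;
        }
    }
    catch (SqlException SQLe)
    {
        // NOTE(review): a failed insert is only written to the debug output; the redirect and
        // the success message below still run, so the operator is told the user was added.
        System.Diagnostics.Debug.Write(SQLe.ToString());
    }

    Response.Redirect("Admin.ManageAccounts.aspx");
    MessageBox.Show("User has been added! Please activate their account and set permission");
}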
/// <summary>
/// Writes the archive to <paramref name="output"/>: file data first, then the name strings,
/// the entry table and finally the header at position 0.
/// </summary>
/// <param name="output">Destination stream; it is repositioned for each section.</param>
/// <param name="files">Files to store; each element is cast to <c>ArchiveFileInfo</c>.</param>
public void Save(Stream output, IList<IArchiveFileInfo> files)
{
    var hash = new SimpleHash(HashSeed_);

    using var bw = new BinaryWriterX(output);

    // Map every distinct full path to its byte offset inside the string section
    // (ASCII bytes plus one terminator byte per string).
    var stringDictionary = new Dictionary<string, int>();
    var stringPosition = 0;
    var distinctNames = files.Select(x => x.FilePath.FullName).Distinct();
    foreach (var name in distinctNames)
    {
        stringDictionary[name] = stringPosition;
        stringPosition += Encoding.ASCII.GetByteCount(name) + 1;
    }

    // Section layout: header | entries | strings | (4-byte aligned) file data
    var entryOffset = HeaderSize;
    var stringOffset = entryOffset + files.Count * EntrySize;
    var fileOffset = (stringOffset + stringPosition + 3) & ~3;

    // File data is written first so that each entry can record the size actually written.
    var entries = new List<Bg4Entry>();
    var filePosition = fileOffset;
    foreach (var file in files.Cast<ArchiveFileInfo>())
    {
        output.Position = filePosition;
        var writtenSize = file.SaveFileData(output);

        var fileName = file.FilePath.FullName;
        var entry = new Bg4Entry
        {
            FileOffset = filePosition,
            FileSize = (int)writtenSize,
            IsCompressed = file.UsesCompression,
            // NOTE(review): the (short) casts here and in the header wrap silently once the
            // string section or file count exceeds short.MaxValue.
            nameOffset = (short)stringDictionary[fileName],
            // The name hash is computed over the reversed path, read back as a big-endian uint.
            nameHash = BinaryPrimitives.ReadUInt32BigEndian(hash.Compute(Encoding.ASCII.GetBytes(ReverseString(fileName))))
        };
        entries.Add(entry);

        filePosition += (int)writtenSize;
    }

    // Strings, in dictionary enumeration order, then padding to a multiple of 4.
    output.Position = stringOffset;
    foreach (var name in stringDictionary.Keys)
    {
        bw.WriteString(name, Encoding.ASCII, false);
    }
    bw.WriteAlignment(4, 0xFF);

    // Entry table
    output.Position = entryOffset;
    bw.WriteMultiple(entries);

    // Header
    output.Position = 0;
    var header = new Bg4Header
    {
        fileEntryCount = (short)files.Count,
        metaSecSize = fileOffset,
        fileEntryCountMultiplier = 1,
        fileEntryCountDerived = (short)files.Count
    };
    bw.WriteType(header);
}
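/// <summary>
/// Creates a CEO account for the given business entity from the form fields, unless a
/// Person row with the same e-mail already exists, and mails the generated password.
/// </summary>
/// <param name="BID">Business entity id stored in the new row's BusinessEntityID column.</param>
public void createCEO(string BID)
{
    try
    {
        Person employee = new Person(txtFirstName.Text, txtLastName.Text, txtEmail.Text);
        employee.setLastUpdatedBy((string)(Session["FirstName"]));

        string password;

        // Connection, command and reader are disposed on every path, including exceptions;
        // previously an exception after Open() left the connection open.
        using (SqlConnection sc = new SqlConnection())
        {
            sc.ConnectionString = ConfigurationManager.ConnectionStrings["GroupProjectConnectionString"].ConnectionString;
            sc.Open();

            using (SqlCommand insert = new SqlCommand())
            {
                insert.Connection = sc;

                // Duplicate check on the e-mail address. The @Email parameter stays on the
                // command and is reused by the INSERT below.
                insert.CommandText = "select [E-mail] from [Person] where [E-mail] = @Email";
                insert.Parameters.AddWithValue("@Email", employee.getEmail());

                bool emailExists;
                using (SqlDataReader reader = insert.ExecuteReader())
                {
                    emailExists = reader.HasRows;
                }

                if (emailExists)
                {
                    Response.Write("<script>alert('Email record has already existed in Database')</script>");
                    return;
                }

                insert.CommandText = "INSERT INTO [dbo].[Person] ([FirstName],[LastName],[MI],[E-mail],[Position],[Password],[UserName],[PointsBalance],[PendingPoints],[LastUpdated],[LastUpdatedBy],[BusinessEntityID],[loginCount],[Status]) VALUES" +
                                     "(@FirstName,@LastName,@MI,@Email,@Position,@Password,@UserName,@PointsBalance,@PendingPoints,@LastUpdated,@LastUpdatedBy,@BusinessEntityID,0,@Status)";
                insert.Parameters.AddWithValue("@FirstName", employee.getFirstName());
                insert.Parameters.AddWithValue("@LastName", employee.getLastName());
                insert.Parameters.AddWithValue("@Position", "CEO");
                insert.Parameters.AddWithValue("@PointsBalance", employee.getPointsBalance());
                insert.Parameters.AddWithValue("@PendingPoints", employee.getPendingPoints());
                insert.Parameters.AddWithValue("@BusinessEntityID", BID);
                insert.Parameters.AddWithValue("@LastUpdatedBy", employee.getLastUpdatedBy());
                insert.Parameters.AddWithValue("@LastUpdated", employee.getLastUpdated());
                insert.Parameters.AddWithValue("@Status", "active");

                // Blank middle initial is stored as NULL.
                if (txtMI.Text.Trim() == "")
                {
                    insert.Parameters.AddWithValue("@MI", DBNull.Value);
                }
                else
                {
                    insert.Parameters.AddWithValue("@MI", txtMI.Text.Trim());
                }

                // Random initial password: 8 characters, 6 of them non-alphanumeric.
                password = System.Web.Security.Membership.GeneratePassword(8, 6);

                // NOTE(review): MD5 is requested and null is passed as the salt argument (what
                // ComputeHash does with a null salt is not visible here). MD5 is too fast for
                // password storage; plan a migration to a password-hashing KDF such as PBKDF2.
                string passwordHashNew = SimpleHash.ComputeHash(password, "MD5", null);
                insert.Parameters.AddWithValue("@Password", passwordHashNew);
                insert.Parameters.AddWithValue("@UserName", employee.getEmail());

                insert.ExecuteNonQuery();
            }
        }

        // NOTE(review): the clear-text password is handed to Send_Mail; confirm the account
        // is forced to change it on first login.
        Send_Mail(employee.getEmail(), employee.getEmail(), password);

        // The name comes from form input and is embedded in a JavaScript string literal, so
        // it is JavaScript-encoded first; unencoded, a quote in a name would break out of the
        // literal and run as script in the operator's browser.
        string displayName = employee.getFirstName() + "" + employee.getMI() + " " + employee.getLastName();
        Response.Write("<script>alert('CEO Account: " + System.Web.HttpUtility.JavaScriptStringEncode(displayName) + " created succesfully')</script>");

        txtFirstName.Text = string.Empty;
        txtMI.Text = string.Empty;
        txtLastName.Text = string.Empty;
        txtEmail.Text = string.Empty;
        txtPhoneNumber.Text = string.Empty;
        txtCeoEmail.Text = string.Empty;
        txtCompanyName.Text = string.Empty;
    }
    catch (Exception ex)
    {
        // Keep the generic message for the user, but record the cause instead of discarding it.
        System.Diagnostics.Trace.TraceError(ex.ToString());
        Response.Write("<script>alert('Error When Creating CEO Account (CONTACT DEVS)')</script>");
    }
}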
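/// <summary>
/// Click handler for the save button: validates that no field is empty, builds an
/// <c>EmployeeObject</c> with a hashed password and inserts or updates it.
/// </summary>
/// <param name="sender">The source of the event.</param>
/// <param name="e">Event data (unused).</param>
private void b_save_Click(object sender, RoutedEventArgs e)
{
    bool anyFieldEmpty =
        tb_social_security_nr.Text == "" ||
        pb_password.Password == "" ||
        tb_name.Text == "" ||
        tb_address.Text == "" ||
        tb_home_phone.Text == "";
    if (anyFieldEmpty)
    {
        MessageBox.Show("Empty fields are not allowed.", "Error!", MessageBoxButton.OK, MessageBoxImage.Warning);
        return;
    }

    // NOTE(review): the social security number is the first argument to the hash helper,
    // presumably as salt/identifier - confirm how GenerateHashedPassword uses it and which
    // algorithm it applies; neither is visible here.
    EmployeeObject newObject = new EmployeeObject(
        tb_social_security_nr.Text,
        SimpleHash.GenerateHashedPassword(tb_social_security_nr.Text, pb_password.Password),
        // IsChecked is nullable; comparing with true treats an indeterminate (null) state as
        // "not admin" instead of throwing on the cast.
        cb_admin.IsChecked == true,
        tb_name.Text,
        tb_address.Text,
        tb_home_phone.Text);

    int rowsChanged = newemployee
        ? DBConnection.InsertEmployee(newObject)
        : DBConnection.UpdateEmployee(newObject, oldObject);

    // The window is closed only when at least one row changed; otherwise it stays open
    // with no message shown.
    if (rowsChanged > 0)
    {
        parentWindow.parentWindow.UpdateAllChain();
        Close();
    }
}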
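/// <summary>
/// Authenticate handler of the login control: looks up the user name, verifies the password
/// against the stored hash and records the login type in the session.
/// </summary>
/// <param name="sender">The source of the event.</param>
/// <param name="e">Receives the authentication result in <c>Authenticated</c>.</param>
protected void Login_Authenticate(object sender, AuthenticateEventArgs e)
{
    // Start from "not authenticated" so that every early exit fails closed.
    e.Authenticated = false;

    try
    {
        string username = employeeLogin.UserName;
        string password = employeeLogin.Password;

        SqlConnection conn = ProjectDB.connectToDB();
        if (conn != null)
        {
            try
            {
                bool found = false;
                string pwHash = null;
                int loginType = 0;
                int loginID = 0;

                string commandText = "Select Top 1 UserName, PasswordHash, LoginType, EmpLoginID from [dbo].[EmployeeLogin] where UserName = @UserName";
                using (SqlCommand select = new SqlCommand(commandText, conn))
                {
                    select.Parameters.AddWithValue("@UserName", username);
                    using (SqlDataReader reader = select.ExecuteReader())
                    {
                        if (reader.Read())
                        {
                            found = true;
                            pwHash = reader["PasswordHash"].ToString();
                            loginType = (int)reader["LoginType"];
                            loginID = (int)reader["EmpLoginID"];
                        }
                    }
                }

                if (found)
                {
                    // NOTE(review): MD5 is too fast for password storage; plan a migration
                    // to a password-hashing KDF such as PBKDF2.
                    bool verify = SimpleHash.VerifyHash(password, "MD5", pwHash);
                    if (verify)
                    {
                        int sessionLogin;
                        switch (loginType)
                        {
                            case 1:
                                sessionLogin = 1;
                                // A disabled employee is rejected even with a correct password.
                                if (!enabledEmployee(loginID))
                                {
                                    verify = false;
                                }
                                break;
                            case 2:
                                sessionLogin = 2;
                                break;
                            case 3:
                                sessionLogin = 3;
                                break;
                            default:
                                sessionLogin = -1;
                                break;
                        }

                        // The login type is written to the session only once the login is
                        // accepted. Previously a disabled employee was rejected but still
                        // left Session["login"] = 1 behind.
                        if (verify)
                        {
                            Session["login"] = sessionLogin;
                        }
                    }

                    e.Authenticated = verify;
                    if (e.Authenticated == true)
                    {
                        getLoginInfo(loginID, loginType);
                    }
                }
            }
            finally
            {
                // Close the connection on every path, including exceptions.
                conn.Close();
            }

            Session["employeeLoggedIn"] = e.Authenticated.ToString();
        }

        if (e.Authenticated == false)
        {
            employeeLogin.FailureText = "Incorrect Username or Password.";
        }
    }
    catch (Exception ex)
    {
        // Errors used to be swallowed silently. Record the cause, and make sure a failure
        // part-way through never leaves the request marked as authenticated.
        System.Diagnostics.Trace.TraceError(ex.ToString());
        e.Authenticated = false;
        employeeLogin.FailureText = "Incorrect Username or Password.";
    }
}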
/// <summary>
/// Click handler for the login button: validates the inputs, fetches the stored hash via the
/// Get_Hash procedure, verifies the password, loads the user type via Get_User_Type, stores
/// both in the session and redirects to the matching home page.
/// </summary>
/// <param name="sender">The source of the event.</param>
/// <param name="e">Event data (unused).</param>
protected void loginButton_Click(object sender, EventArgs e)
{
    string h_usernameValue = username.Value;
    string h_passwordValue = password.Value;
    char db_userType = 'z'; // stays 'z' unless the lookup succeeds; 'z' falls into the switch's default case
    bool result = false;
    int number = 0; // This variable does nothing for us. It just holds a test value. Erik, 3/12/18 12:37
    errormsg.Visible = false;

    // Both the user name and the password must parse as Int32; otherwise the error is shown
    // and no database call is made.
    // NOTE(review): this restricts passwords to integers, i.e. a very small keyspace.
    result = Int32.TryParse(h_usernameValue, out number);
    if (!result)
    {
        errormsg.Visible = true;
        username.Value = string.Empty;
    }
    result = Int32.TryParse(h_passwordValue, out number);
    if (!result)
    {
        errormsg.Visible = true;
    }

    if (errormsg.Visible == false)
    {
        string constr = ConfigurationManager.ConnectionStrings["CS414_VirtualExamConnectionString"].ConnectionString;
        using (SqlConnection DBconnection = new SqlConnection(constr))
        {
            using (SqlCommand cmd = new SqlCommand("Get_Hash"))
            {
                cmd.CommandType = CommandType.StoredProcedure;
                cmd.Parameters.AddWithValue("@username", h_usernameValue);
                SqlParameter hash = cmd.Parameters.Add("@hashed_password", SqlDbType.VarChar, 1000);
                hash.Direction = ParameterDirection.Output;
                cmd.Connection = DBconnection;
                try
                {
                    DBconnection.Open();
                    cmd.ExecuteNonQuery();
                    // NOTE(review): if the procedure leaves the output parameter as DBNull this
                    // cast throws InvalidCastException, which neither catch below handles.
                    string x = (string)hash.Value;
                    if (x == "Failure")
                    {
                        // The literal "Failure" is treated as "no hash available": nothing is
                        // done and db_userType keeps its initial value.
                    }
                    else
                    {
                        if (SimpleHash.VerifyHash(h_passwordValue, "SHA256", x))
                        {
                            using (SqlCommand command = new SqlCommand("Get_User_Type"))
                            {
                                command.CommandType = CommandType.StoredProcedure;
                                command.Parameters.AddWithValue("@username", h_usernameValue);
                                SqlParameter userType = command.Parameters.Add("@user_type", SqlDbType.VarChar, 1);
                                userType.Direction = ParameterDirection.Output;
                                command.Connection = DBconnection;
                                try
                                {
                                    command.ExecuteNonQuery();
                                    db_userType = Convert.ToChar(userType.Value);
                                    // NOTE(review): the values are stored on the session that
                                    // already exists; no new session identifier is issued in
                                    // this handler - confirm fixation is handled elsewhere.
                                    Session["userType"] = db_userType; // This creates a session for the user and allows us to give them access to only certain portions of the website. Erik, 2/23/18 20:14
                                    Session["userName"] = h_usernameValue;
                                }
                                // using (SqlCommand command = new SqlCommand("Validate_User"))
                                //{
                                //    cmd.CommandType = CommandType.StoredProcedure;
                                //    cmd.Parameters.AddWithValue("@Username", h_usernameValue);
                                //    cmd.Parameters.AddWithValue("@Password", h_passwordValue);
                                //    cmd.Connection = DBconnection;
                                //    try
                                //    {
                                //        DBconnection.Open();
                                //        db_userType = Convert.ToChar(cmd.ExecuteScalar());
                                //        Session["userType"] = db_userType; // This creates a session for the user and allows us to give them access to only certain portions of the website. Erik, 2/23/18 20:14
                                //        Session["userName"] = h_usernameValue;
                                //    }
                                catch (SqlException ex)
                                {
                                    // NOTE(review): Response.Redirect(string) normally ends the
                                    // response, so the lines after it presumably never run. The
                                    // target is an absolute http:// URL on a fixed host.
                                    Response.Redirect("http://csmain/cs414/team02/virtualexam/virtualexam/Default");
                                    string errormsg = "Unable to connect to the database! ";
                                    errormsg += ex.Message;
                                    throw new Exception(errormsg);
                                }
                                finally
                                {
                                }
                            }
                        }
                    }
                }
                catch (System.Data.SqlClient.SqlException ex)
                {
                    // NOTE(review): the SqlException text is appended to the rethrown message;
                    // depending on the custom-errors configuration this can show database
                    // details to the client. The original exception is also not kept as the
                    // inner exception.
                    string errormsg = "Unable to connect to the database!";
                    errormsg += ex.Message;
                    throw new Exception(errormsg);
                }
                finally
                {
                    DBconnection.Close();
                }

                // This sends the user to the correct webpage based on the login credentials that they have entered. If they entered invalid login
                // credentials, an error message is displayed as the default case. Erik, 3/1/18 16:26
                switch (db_userType)
                {
                    case 'a':
                        Response.Redirect("AdminHome.aspx");
                        username.Value = "a";
                        break;

                    case 't':
                        Response.Redirect("TeacherHome.aspx");
                        username.Value = "t";
                        break;

                    case 's':
                        Response.Redirect("StudentHome.aspx");
                        username.Value = "s";
                        break;

                    default:
                        // Failed login: show the error, clear both inputs and drop the session.
                        errormsg.Visible = true;
                        username.Value = "";
                        password.Value = "";
                        Session.Clear();
                        Session.Abandon();
                        break;
                }
            }
        }
    }
}
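/// <summary>
/// Inserts a GeneralUser row from the form fields, taking the user type and permission level
/// from the session, and traces the values to the debug output.
/// </summary>
protected void InsertGeneralUser()
{
    try
    {
        // Connection and command are disposed on every path; previously an exception after
        // Open() left the connection open.
        using (SqlConnection sc = new SqlConnection(ConfigurationManager.ConnectionStrings["conString"].ConnectionString)) // connection string is in web config
        using (SqlCommand query = new SqlCommand())
        {
            sc.Open();
            query.Connection = sc;
            query.CommandText = "Insert INTO GeneralUser(EmailAddress, FirstName, LastName, Gender, HomePhone, HomeAddress, City, State," +
                                "ZIP, DOB, Password, UserType, PasswordHash, ShirtSize, UserPermission, LastLogin, Race, CellPhone, JoinDate," +
                                "ActivatedBool) Values(@EmailAddress, @FirstName, @LastName, @Gender, @HomePhone, @HomeAddress, @City, @State," +
                                "@ZIP, @DOB, @Password, @UserType, @PasswordHash, @ShirtSize, @UserPermission, @LastLogin, @Race, @CellPhone," +
                                "@JoinDate, @Activated)";

            // Debug trace of the statement. The password and its hash are deliberately not
            // written: credentials do not belong in any log sink, debug output included.
            // NOTE(review): several of these lines print fixed text ("NULL", "1", "0") rather
            // than the value actually bound below, and the rest still trace personal data.
            Debug.WriteLine(query.CommandText);
            Debug.WriteLine("Where @EmailAddress = " + txtEmail.Text);
            Debug.WriteLine("@FirstName = " + txtfName.Text);
            Debug.WriteLine("@LastName = " + txtlName.Text);
            Debug.WriteLine("@Gender = " + ddlGender.Text);
            Debug.WriteLine("@HomePhone = NULL");
            Debug.WriteLine("@HomeAddress = " + txtAddress.Text);
            Debug.WriteLine("@City = " + txtCity.Text);
            Debug.WriteLine("@State = " + txtState.Text);
            Debug.WriteLine("@ZIP = " + txtZip.Text);
            Debug.WriteLine("@DOB = " + txtDOB.Text);
            Debug.WriteLine("@UserType = " + Session["userType"].ToString());

            // NOTE(review): MD5 is requested and null is passed as the salt argument (what
            // ComputeHash does with a null salt is not visible here). MD5 is too fast for
            // password storage; plan a migration to a password-hashing KDF such as PBKDF2.
            string passHash = SimpleHash.ComputeHash(txtPassword.Text, "MD5", null);

            Debug.WriteLine("@PasswordSalt = NULL");
            Debug.WriteLine("@ShirtSize = NULL");
            Debug.WriteLine("@UserPermission = 1");
            Debug.WriteLine("@LastLogin = NULL");
            Debug.WriteLine("@Race = NULL");
            Debug.WriteLine("@CellPhone = " + txtCell.Text);
            DateTime today = DateTime.Now;
            Debug.WriteLine("@JoinDate = " + today);
            Debug.WriteLine("@Activated = 0");

            query.Parameters.AddWithValue("@EmailAddress", txtEmail.Text);
            query.Parameters.AddWithValue("@FirstName", txtfName.Text);
            query.Parameters.AddWithValue("@LastName", txtlName.Text);
            query.Parameters.AddWithValue("@Gender", ddlGender.Text);

            // Blank home phone is stored as NULL. The null test now happens before the value
            // is dereferenced (it used to come after the Trim() call).
            if (string.IsNullOrWhiteSpace(txtHome.Text))
            {
                query.Parameters.AddWithValue("@HomePhone", System.DBNull.Value);
            }
            else
            {
                query.Parameters.AddWithValue("@HomePhone", txtHome.Text);
            }

            query.Parameters.AddWithValue("@HomeAddress", txtAddress.Text);
            query.Parameters.AddWithValue("@City", txtCity.Text);
            query.Parameters.AddWithValue("@State", txtState.Text);
            query.Parameters.AddWithValue("@ZIP", txtZip.Text);
            query.Parameters.AddWithValue("@DOB", txtDOB.Text);

            // NOTE(review): the clear-text password is written to the Password column next to
            // its hash, which defeats the purpose of hashing. Dropping the column needs a
            // schema change and a check of every reader, so it is only flagged here.
            query.Parameters.AddWithValue("@Password", txtPassword.Text);

            // NOTE(review): user type and permission level come from session state; confirm
            // they are set server-side and cannot be influenced by the registering client.
            query.Parameters.AddWithValue("@UserType", Session["userType"].ToString());
            query.Parameters.AddWithValue("@PasswordHash", passHash);
            query.Parameters.AddWithValue("@ShirtSize", ddlShirtSize.Text);
            query.Parameters.AddWithValue("@UserPermission", Session["permission"].ToString());
            query.Parameters.AddWithValue("@LastLogin", System.DBNull.Value);

            // Selected races are stored as one string, each value followed by ", ".
            List<String> selectedValues = cblRace.Items.Cast<ListItem>()
                                          .Where(li => li.Selected)
                                          .Select(li => li.Value)
                                          .ToList();
            String races = "";
            foreach (String item in selectedValues)
            {
                races += item + ", ";
            }
            Debug.WriteLine(races);

            if (races.Trim().Equals(""))
            {
                query.Parameters.AddWithValue("@Race", System.DBNull.Value);
            }
            else
            {
                query.Parameters.AddWithValue("@Race", races);
            }

            query.Parameters.AddWithValue("@CellPhone", txtCell.Text);
            query.Parameters.AddWithValue("@JoinDate", today);
            query.Parameters.AddWithValue("@Activated", 0);

            query.ExecuteNonQuery();
        }
    }
    catch (SqlException SQLe)
    {
        // NOTE(review): a failed insert is only written to the debug output; the caller gets
        // no indication that the row was not created.
        System.Diagnostics.Debug.Write(SQLe.ToString());
    }
}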
/// <summary>
/// Verifies a candidate password against a stored salt and hash by passing their
/// concatenation (salt first) to <c>ISimpleHash.Verify</c>.
/// </summary>
/// <param name="password">The password to check.</param>
/// <param name="dbSalt">The stored salt; forms the first part of the value handed to Verify.</param>
/// <param name="dbHash">The stored hash; forms the second part of the value handed to Verify.</param>
/// <returns>The result of <c>Verify</c>.</returns>
public bool TestPasswordHasher(string password, string dbSalt, string dbHash)
{
    ISimpleHash hasher = new SimpleHash();

    // presumably Verify expects "salt + hash" as a single string - confirm against ISimpleHash
    string storedValue = dbSalt + dbHash;
    return hasher.Verify(password, storedValue);
}
/// <summary>
/// Checks a user name / password pair against the user database.
/// </summary>
/// <param name="user">User name; lower-cased before the lookup.</param>
/// <param name="passwd">Password supplied by the caller.</param>
/// <returns>
/// <c>true</c> when the user exists and any one of the accepted comparisons below succeeds;
/// <c>false</c> otherwise.
/// </returns>
/// <remarks>
/// NOTE(review): several stored-password formats are accepted side by side, including a
/// direct clear-text match and a reversible encoding (decode_passwd), and none of the
/// comparisons is constant-time. ToLower() is also culture-sensitive. Each of these is worth
/// confirming as intended before this is used as a security boundary.
/// </remarks>
public static bool check(string user, string passwd)
{
    string name = user.ToLower();
    User account = UserDb.lookup(name);

    // Unknown user: nothing to compare against.
    if (account == null)
    {
        return false;
    }

    // 1. The stored value equals the supplied password verbatim.
    if (account.passwd == passwd)
    {
        return true;
    }

    // 2. An existing "anonymous" account accepts any password.
    if (name == "anonymous")
    {
        return true;
    }

    // 3. The stored value is a SimpleHash of the password.
    if (SimpleHash.test_hash(passwd, account.passwd))
    {
        return true;
    }

    // 4. The stored value is the digest of user name and password.
    if (UserDb.digest_passwd(name, passwd) == account.passwd)
    {
        return true;
    }

    // 5. The stored value decodes back to the supplied password.
    return UserDb.decode_passwd(name, account.passwd) == passwd;
}
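/// <summary>
/// Handles the "create account" button: validates the form, inserts the new employee,
/// stores a hash of a randomly generated password and e-mails the new user.
/// </summary>
/// <param name="sender">The source of the event.</param>
/// <param name="e">Event data (unused).</param>
protected void btnCreateAccount_Click1(object sender, EventArgs e)
{
    String error = "";
    int currentID = (int)System.Web.HttpContext.Current.Session["CurrentUserID"];
    String currentUser = "";

    // Resolve the display name of the signed-in user; it is written to the @LUB
    // parameter of both inserts below.
    // NOTE(review): this disposes the shared `sc` connection member and never opens it
    // here (the Open call was commented out) - confirm it is open on entry.
    using (sc)
    {
        // currentID is an int read from session state, so this concatenation cannot carry SQL text.
        String pullCurrentUser = "******" + currentID;
        using (SqlCommand pullUser = new SqlCommand(pullCurrentUser, sc))
        using (SqlDataReader reader = pullUser.ExecuteReader())
        {
            while (reader.Read())
            {
                currentUser = (string)reader["FirstName"] + " " + (string)reader["LastName"];
            }
        }
    }

    Boolean employeeCreated = true;
    String firstName = txtFirstName.Text;
    String lastName = txtLastName.Text;
    String middleInitial = txtMiddleInitial.Text;
    int companyID = Convert.ToInt32(1); // TODO: company id is hard-coded ("fix this" in the original)
    String position = txtPosition.Text;
    DateTime startDate = Convert.ToDateTime(txtStartDate.Text);
    DateTime? terminationDate = null;
    username = txtUsername.Text;
    emailAddress = txtEmail.Text;
    String phoneNumber = txtPhoneNumber.Text;

    // Random initial password: 12 characters, at least 2 of them non-alphanumeric.
    password = Membership.GeneratePassword(12, 2);

    int adminFlag = chkAdminFlag.Checked ? 1 : 0;

    Boolean run = IsValidEmail(emailAddress);
    if (!run)
    {
        error += "Email is invalid. ";
    }

    // Account object for the new employee.
    Account newAccount = new Account(firstName, lastName, middleInitial, companyID, position, startDate, terminationDate, adminFlag, username, phoneNumber, emailAddress);

    // Reject the request when the user name is already taken. The local connections are
    // named differently from the `sc` member used above so the two cannot be confused.
    using (SqlConnection lookupConnection = new SqlConnection(WebConfigurationManager.ConnectionStrings["con"].ConnectionString))
    {
        if (lookupConnection.State == System.Data.ConnectionState.Closed)
        {
            lookupConnection.Open();
        }

        String pullUsername = "******";
        using (SqlCommand pullVendor = new SqlCommand(pullUsername, lookupConnection))
        using (SqlDataReader reader = pullVendor.ExecuteReader())
        {
            while (reader.Read())
            {
                String tempName = reader["Username"].ToString();

                // Culture-independent, case-insensitive comparison.
                if (String.Equals(tempName, username, StringComparison.OrdinalIgnoreCase))
                {
                    run = false;
                    error += "Username already exists. ";
                }
            }
        }
    }

    if (run)
    {
        // NOTE(review): MD5 is a fast general-purpose digest, not a password-hashing scheme.
        // Switching algorithm needs a matching change wherever these hashes are verified.
        String passwordHashNew = SimpleHash.ComputeHash(password, "MD5", null);

        // NOTE(review): MAX(EmployeeID) can return another request's row when two accounts
        // are created at the same time - confirm how EmployeeID is generated and read the
        // new key from the insert itself if possible.
        String selectEmployeeIDQuery = "SELECT MAX(EmployeeID) FROM Employee";

        String insertEmployeeQuery = "INSERT INTO [dbo].[Employee] values (@FirstName,@LastName, @MiddleInitial, @CompanyID, @Position, @Email, @PhoneNumber, @StartDate," +
                                     "@TerminationDate,@RewardBalance,@AdminFlag,@LUB,@LU,0)";

        // The user name comes straight from a text box, so it is passed as a parameter
        // instead of being concatenated into the statement (SQL injection).
        // NOTE(review): the fourth value is the constant string 'Salt' for every row -
        // presumably a salt column; confirm it is not relied on as a real salt.
        String insertAccountPasswordQuery = "INSERT INTO AccountPassword values (@EmployeeID, @Username, @PasswordHash, 'Salt',@LUB,@LU, @LastLogIn)";

        using (SqlConnection insertConnection = new SqlConnection(WebConfigurationManager.ConnectionStrings["con"].ConnectionString))
        {
            if (insertConnection.State == System.Data.ConnectionState.Closed)
            {
                insertConnection.Open();
            }

            using (SqlCommand insertEmployee = new SqlCommand(insertEmployeeQuery, insertConnection))
            {
                insertEmployee.Parameters.AddWithValue("@FirstName", newAccount.getFirstname());
                insertEmployee.Parameters.AddWithValue("@LastName", newAccount.getLastName());
                if (newAccount.getMiddleInitial() == "")
                {
                    insertEmployee.Parameters.AddWithValue("@MiddleInitial", DBNull.Value);
                }
                else
                {
                    insertEmployee.Parameters.AddWithValue("@MiddleInitial", newAccount.getMiddleInitial());
                }
                insertEmployee.Parameters.AddWithValue("@CompanyID", newAccount.getCompanyID());
                insertEmployee.Parameters.AddWithValue("@Position", newAccount.getPosition());
                insertEmployee.Parameters.AddWithValue("@Email", newAccount.getEmail());
                insertEmployee.Parameters.AddWithValue("@PhoneNumber", newAccount.getPhoneNumber());
                insertEmployee.Parameters.AddWithValue("@StartDate", newAccount.getStartDate());
                insertEmployee.Parameters.AddWithValue("@TerminationDate", DBNull.Value);
                insertEmployee.Parameters.AddWithValue("@RewardBalance", 0.0);
                insertEmployee.Parameters.AddWithValue("@AdminFlag", newAccount.getAdminFlag());
                insertEmployee.Parameters.AddWithValue("@LUB", currentUser);
                insertEmployee.Parameters.AddWithValue("@LU", DateTime.Now);

                try
                {
                    insertEmployee.ExecuteNonQuery();
                }
                catch (Exception ex)
                {
                    // NOTE(review): database error text still reaches the browser; it is
                    // HTML-encoded here because it can echo submitted values.
                    Response.Write("<br> insertEmployee " + System.Web.HttpUtility.HtmlEncode(ex.Message));
                    employeeCreated = false;
                }
            }

            // Stop after a failed insert: MAX(EmployeeID) would otherwise return an existing
            // employee and the new credentials would be stored against that employee's id.
            if (employeeCreated)
            {
                using (SqlCommand selectEmployeeID = new SqlCommand(selectEmployeeIDQuery, insertConnection))
                {
                    try
                    {
                        employeeID = (int)selectEmployeeID.ExecuteScalar();
                    }
                    catch (Exception ex)
                    {
                        Response.Write("<br> selectEmployeeID" + System.Web.HttpUtility.HtmlEncode(ex.Message));
                        employeeCreated = false;
                    }
                }
            }

            if (employeeCreated)
            {
                using (SqlCommand insertAccountPassword = new SqlCommand(insertAccountPasswordQuery, insertConnection))
                {
                    insertAccountPassword.Parameters.AddWithValue("@EmployeeID", employeeID);
                    insertAccountPassword.Parameters.AddWithValue("@Username", newAccount.getUsername());
                    insertAccountPassword.Parameters.AddWithValue("@PasswordHash", passwordHashNew);
                    insertAccountPassword.Parameters.AddWithValue("@LUB", currentUser);
                    insertAccountPassword.Parameters.AddWithValue("@LU", DateTime.Now);
                    insertAccountPassword.Parameters.AddWithValue("@LastLogIn", DBNull.Value);

                    try
                    {
                        insertAccountPassword.ExecuteNonQuery();
                    }
                    catch (Exception ex)
                    {
                        Response.Write("<br> insertAccountPass" + System.Web.HttpUtility.HtmlEncode(ex.Message));
                        employeeCreated = false;
                    }
                }
            }
        }
    }
    else
    {
        employeeCreated = false;
    }

    if (employeeCreated)
    {
        try
        {
            sendEmail();
            lblStatus.Text = "Employee created!";
            clear();
        }
        catch (Exception ex)
        {
            // Still best-effort, but leave a trace: the generated password only ever
            // leaves this method through sendEmail().
            System.Diagnostics.Debug.WriteLine(ex.ToString());
        }
    }
    else
    {
        lblStatus.Text = "Employee cannot be created. " + error;
    }
}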
/// <summary>
/// Builds the instance from an <c>AuthInfo</c> and already-hashed credentials by
/// forwarding to the five-argument constructor.
/// </summary>
/// <param name="authInfo">Supplies the principal and the roles.</param>
/// <param name="hashedCredentials">Supplies the credential bytes and the salt.</param>
/// <param name="realmName">Passed through unchanged.</param>
private PluginAuthInfo(AuthInfo authInfo, SimpleHash hashedCredentials, string realmName)
    : this(
        authInfo.Principal(),
        hashedCredentials.Bytes,
        hashedCredentials.Salt,
        realmName,
        // The roles are copied into a new set rather than shared with authInfo.
        new HashSet<string>(authInfo.Roles()))
{
}
/// <summary>
/// Console demo: hashes one password under each algorithm name, prints the results,
/// then verifies the original and a second password against every hash.
/// </summary>
/// <remarks>
/// MD5, SHA-1 and the SHA-2 family are fast general-purpose digests. For stored
/// passwords a dedicated key-derivation function (for example PBKDF2) is the usual choice.
/// </remarks>
/// <param name="args">Command-line arguments (unused).</param>
static void Main(string[] args)
{
    string password = "******";      // original password
    string wrongPassword = "******"; // wrong password

    string[] algorithms = { "MD5", "SHA1", "SHA256", "SHA384", "SHA512" };
    string[] hashFormats = { "MD5 : {0}", "SHA1 : {0}", "SHA256: {0}", "SHA384: {0}", "SHA512: {0}" };
    string[] goodFormats = { "MD5 (good): {0}", "SHA1 (good): {0}", "SHA256 (good): {0}", "SHA384 (good): {0}", "SHA512 (good): {0}" };
    string[] badFormats = { "MD5 (bad) : {0}", "SHA1 (bad) : {0}", "SHA256 (bad) : {0}", "SHA384 (bad) : {0}", "SHA512 (bad) : {0}" };

    // Every hash is computed before anything is printed.
    string[] hashes = new string[algorithms.Length];
    for (int i = 0; i < algorithms.Length; i++)
    {
        hashes[i] = SimpleHash.ComputeHash(password, algorithms[i], null);
    }

    Console.WriteLine("COMPUTING HASH VALUES\r\n");
    for (int i = 0; i < algorithms.Length; i++)
    {
        Console.WriteLine(hashFormats[i], hashes[i]);
    }

    Console.WriteLine("");
    Console.WriteLine("COMPARING PASSWORD HASHES\r\n");
    for (int i = 0; i < algorithms.Length; i++)
    {
        string goodResult = SimpleHash.VerifyHash(password, algorithms[i], hashes[i]).ToString();
        Console.WriteLine(goodFormats[i], goodResult);

        string badResult = SimpleHash.VerifyHash(wrongPassword, algorithms[i], hashes[i]).ToString();
        Console.WriteLine(badFormats[i], badResult);
    }
}
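/// <summary>
/// Logs a user in and binds the user to <paramref name="sessionGuid_in"/> in <c>UserSession</c>.
/// </summary>
/// <remarks>
/// When <paramref name="andCheckPassword_in"/> is false the password is not checked at all,
/// so this method must never be exposed (at least not directly) to untrusted callers.
/// </remarks>
/// <param name="user_in">User record to log in; null is treated as an invalid login.</param>
/// <param name="sessionGuid_in">Session identifier to create or refresh.</param>
/// <param name="login_forLogPurposes_in">Login name, written to the error log only.</param>
/// <param name="ip_forLogPurposes_in">Caller address, written to the error log only.</param>
/// <param name="andCheckPassword_in">Whether <paramref name="password_in"/> must match the stored hash.</param>
/// <param name="password_in">Candidate password.</param>
/// <param name="idUser_out">User id on success, otherwise -1.</param>
/// <param name="login_out">Login name on success, otherwise an empty string.</param>
/// <param name="idPermissions_out">Permission ids on success, otherwise null.</param>
/// <param name="errorlist_ref">Receives an error code when the login is rejected.</param>
internal static void login(
    SO_CRD_User user_in,
    Guid sessionGuid_in,
    string login_forLogPurposes_in,
    string ip_forLogPurposes_in,
    bool andCheckPassword_in,
    string password_in,
    out long idUser_out,
    out string login_out,
    out long[] idPermissions_out,
    ref List<int> errorlist_ref
)
{
    idPermissions_out = null;
    idUser_out = -1L;
    login_out = "";

    bool _accepted =
        (user_in != null)
        && (
            !andCheckPassword_in
            || SimpleHash.VerifyHash(
                password_in,
                SimpleHash.HashAlgotithm.SHA256,
                user_in.Password
            )
        );

    if (!_accepted)
    {
        errorlist_ref.Add(ErrorType.authentication__invalid_login);

        // The log line keeps its three fields, but no part of the submitted password is
        // written any more: the original logged its first character and dereferenced
        // password_in without a null check.
        SBO_LOG_Log.log(
            null,
            LogType.error,
            ErrorType.authentication,
            -1L,
            (user_in == null) ? -1 : user_in.IFApplication,
            "login:{0};password[0]:{1};ip:{2};",
            new string[] {
                login_forLogPurposes_in,
                "",
                ip_forLogPurposes_in
            }
        );
        return;
    }

    // Collect the ids of the permissions returned for this user.
    long _count;
    SO_CRD_Permission[] _so_permissions = DO_CRD_Permission.getRecord_byUser(
        user_in.IDUser,
        -1,
        -1,
        -1,
        out _count,
        null
    );
    long[] _idpermissions = new long[_so_permissions.Length];
    for (int i = 0; i < _so_permissions.Length; i++)
    {
        _idpermissions[i] = _so_permissions[i].IDPermission;
    }

    if (UserSession.ContainsKey(sessionGuid_in))
    {
        Sessionuser _usersession = UserSession[sessionGuid_in];
        if (_usersession.IDUser != user_in.IDUser)
        {
            // The session id already belongs to a different user: reject the login and
            // drop the session. The out values stay at their failure defaults so a
            // rejected login does not hand back a login name or permission list.
            errorlist_ref.Add(ErrorType.authentication__guid_not_yours);
            UserSession.Remove(sessionGuid_in);
            return;
        }

        // Same user: refresh the existing session.
        _usersession.Sessionstart = DateTime.Now;
        _usersession.IDUser = user_in.IDUser;
        _usersession.IDPermissions = _idpermissions;
    }
    else
    {
        UserSession.Add(
            sessionGuid_in,
            new Sessionuser(
                user_in.IDUser,
                _idpermissions,
                user_in.IFApplication,
                DateTime.Now
            )
        );
    }

    login_out = user_in.Login;
    idPermissions_out = _idpermissions;
    idUser_out = user_in.IDUser;
}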
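/// <summary>
/// Handles the login button: looks the account up by e-mail, verifies the password hash
/// and redirects to the landing page that matches the account's role.
/// </summary>
/// <param name="sender">The source of the event.</param>
/// <param name="e">Event data (unused).</param>
protected void btnLogin_Click(object sender, EventArgs e)
{
    String email = txtEmail.Text.ToLower();

    // NOTE(review): the password is lower-cased before verification, which removes case
    // from the password space. It cannot be changed here alone - stored hashes were
    // presumably computed from lower-cased input; confirm and plan a migration.
    String password = txtPassword.Text.ToLower();

    String hash;
    bool provider;
    bool superAdmin;
    bool admin;
    bool approved;
    int providerId = 0;
    String providerName = null;

    // `using` closes the connection on every path, including the early return and any
    // exception; the original left it open in both cases.
    using (SqlConnection con = new SqlConnection())
    using (SqlCommand select = new SqlCommand())
    {
        con.ConnectionString = ConfigurationManager.ConnectionStrings["lab4ConnectionString"].ConnectionString;
        con.Open();

        select.Connection = con;
        select.Parameters.Add(new System.Data.SqlClient.SqlParameter("@email", System.Data.SqlDbType.VarChar));
        select.Parameters["@email"].Value = email;

        select.CommandText = "SELECT EmployedStatus FROM [User] WHERE Email = @email";
        bool status = Convert.ToBoolean(select.ExecuteScalar());
        if (status == false)
        {
            // NOTE(review): this message differs from the wrong-password message below,
            // so the form tells a caller which e-mail addresses have accounts.
            ScriptManager.RegisterStartupScript(this, GetType(), "showalert", "alert('The provided email does not exist.')", true);
            txtEmail.Text = "";
            txtPassword.Text = "";
            return;
        }

        select.CommandText = "SELECT [PasswordHash] FROM [dbo].[Password] WHERE [UserID] = (SELECT [UserID] FROM [dbo].[User] WHERE [Email] = @email)";
        hash = (String)select.ExecuteScalar();

        // The connection is closed around the two helper calls, as in the original.
        con.Close();
        provider = checkProvider();
        superAdmin = checkSuperAdmin();
        con.Open();

        select.CommandText = "(SELECT [Admin] FROM [dbo].[User] WHERE [Email] = @email)";
        admin = Convert.ToBoolean(select.ExecuteScalar());

        select.CommandText = "SELECT [Approved] FROM [RewardProvider] WHERE [ProviderEmail] = @email";
        approved = Convert.ToBoolean(select.ExecuteScalar());

        if (provider)
        {
            select.CommandText = "SELECT ProviderID FROM [User] WHERE Email = @email";
            providerId = (int)select.ExecuteScalar();

            // Parameterized instead of concatenating the id into the statement.
            select.Parameters.AddWithValue("@providerId", providerId);
            select.CommandText = "SELECT ProviderName FROM [RewardProvider] WHERE ProviderID = @providerId";
            providerName = (String)(select.ExecuteScalar());
        }
    }

    // NOTE(review): MD5 is a fast general-purpose digest, not a password-hashing scheme.
    bool verify = SimpleHash.VerifyHash(password, "MD5", hash);
    if (!verify)
    {
        ScriptManager.RegisterStartupScript(this, GetType(), "showalert", "alert('The provided email and/or password was invalid.')", true);
        txtEmail.Text = "";
        txtPassword.Text = "";
        return;
    }

    // Provider details go into the session only after the password has been verified;
    // the original stored them before the check, so a failed login still left them set.
    if (provider)
    {
        Session["ProviderID"] = providerId;
        Session["ProviderName"] = providerName;
    }

    getUser(txtEmail.Text.ToLower());

    if (provider && approved == true)
    {
        Response.Redirect("rpHome.aspx");
    }
    else if (provider && approved == false)
    {
        ScriptManager.RegisterStartupScript(this, GetType(), "showalert", "alert('You must be approved by an administrator before you can access the system.')", true);
        txtEmail.Text = "";
        txtPassword.Text = "";
    }
    else if (admin)
    {
        Response.Redirect("AdminPage.aspx");
    }
    else if (superAdmin)
    {
        Response.Redirect("SuperAdmin.aspx");
    }
    else
    {
        Response.Redirect("TeamMemberPage.aspx");
    }
}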
/// <summary>
/// Changes the password of the user bound to a session after checking the old password.
/// </summary>
/// <param name="sessionGuid_in">Session identifier of the caller.</param>
/// <param name="ip_forLogPurposes_in">Caller address, forwarded to the session check.</param>
/// <param name="password_old_in">Current password; must verify against the stored hash.</param>
/// <param name="password_new_in">New password; null or empty is rejected.</param>
/// <param name="errors_out">Error codes collected during the call.</param>
public static void ChangePassword(
    string sessionGuid_in,
    string ip_forLogPurposes_in,
    string password_old_in,
    string password_new_in,
    out int[] errors_out
)
{
    List<int> _errorlist;
    Guid _sessionguid;
    Sessionuser _sessionuser;

    // The session check assigns errors_out itself, so a failure can return straight away.
    bool _sessionvalid = SBO_CRD_Authentication.isSessionGuid_valid(
        sessionGuid_in,
        ip_forLogPurposes_in,
        out _sessionguid,
        out _sessionuser,
        out _errorlist,
        out errors_out
    );
    if (!_sessionvalid)
    {
        return;
    }

    SO_CRD_User _user = DO_CRD_User.getObject(_sessionuser.IDUser);
    if (_user == null)
    {
        // The session points at a user that can no longer be loaded: drop the session.
        _errorlist.Add(ErrorType.authentication__no_such_user);
        UserSession.Remove(_sessionguid);
        errors_out = _errorlist.ToArray();
        return;
    }

    bool _oldpasswordmatches = SimpleHash.VerifyHash(
        password_old_in,
        SimpleHash.HashAlgotithm.SHA256,
        _user.Password
    );

    if (_oldpasswordmatches)
    {
        if (string.IsNullOrEmpty(password_new_in))
        {
            _errorlist.Add(ErrorType.authentication__change_password__invalid_password);
        }
        else
        {
            // NOTE(review): the constraint flag returned by updObject is not inspected, and
            // an empty-string test is the only rule applied to the new password.
            bool _constraint;
            _user.Password = SimpleHash.ComputeHash(
                password_new_in,
                SimpleHash.HashAlgotithm.SHA256,
                null
            );
            DO_CRD_User.updObject(
                _user,
                true,
                out _constraint
            );
        }
    }
    else
    {
        _errorlist.Add(ErrorType.authentication__change_password__wrong_password);
    }

    errors_out = _errorlist.ToArray();
}
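/// <summary>
/// Changes the stored password hash for the user named in the form, after verifying the
/// old password and checking that the two new-password fields are filled in and equal.
/// </summary>
protected void changePassword()
{
    try
    {
        string username = txtUserChange.Text;
        string password = txtPassOld.Text;

        if (username == "" || password == "")
        {
            errorMessage.Text = "Please ensure that all entries are completed";
            return;
        }

        // `using` releases the connection, commands and reader on every path; the original
        // only closed the connection when nothing threw.
        // NOTE(review): connectToDB() presumably returns an open connection - the original
        // never called Open() either; confirm.
        using (SqlConnection conn = ProjectDB.connectToDB())
        {
            string hash = "";
            string selectText = "SELECT [PasswordHash] FROM [dbo].[EmployeeLogin] WHERE [UserName] = @UserName";
            using (SqlCommand select = new SqlCommand(selectText, conn))
            {
                select.Parameters.AddWithValue("@UserName", username);
                using (SqlDataReader reader = select.ExecuteReader())
                {
                    if (reader.Read())
                    {
                        hash = reader["PasswordHash"].ToString();
                    }
                }
            }

            // An unknown user name gets the same answer as a wrong password, and an empty
            // hash is never handed to the verifier.
            // NOTE(review): MD5 is a fast general-purpose digest, not a password-hashing scheme.
            if (hash == "" || !SimpleHash.VerifyHash(password, "MD5", hash))
            {
                errorMessage.Text = "Incorrect Password";
                return;
            }

            string newPassOne = txtPassNewOne.Text;
            string newPassTwo = txtPassNewTwo.Text;

            if (newPassOne == "" || newPassTwo == "")
            {
                errorMessage.Text = "Please ensure that all entries are completed.";
                return;
            }

            if (newPassOne != newPassTwo)
            {
                errorMessage.Text = "Your new password must match.";
                return;
            }

            string updateText = "UPDATE [dbo].[EmployeeLogin] SET [PasswordHash] = @PasswordHash WHERE [UserName] = @UserName";
            using (SqlCommand update = new SqlCommand(updateText, conn))
            {
                update.Parameters.AddWithValue("@PasswordHash", SimpleHash.ComputeHash(newPassOne, "MD5", null));
                update.Parameters.AddWithValue("@UserName", username);
                update.ExecuteNonQuery();
            }
        }
    }
    catch (Exception ex)
    {
        // Keep the detail in the debug output; the original wrote the whole exception,
        // stack trace included, into the page.
        System.Diagnostics.Debug.WriteLine(ex.ToString());
        errorMessage.Text = "An error occurred while changing the password.";
    }
}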
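/// <summary>
/// Interactive console driver for the lab tasks. Each section is compiled only when its
/// conditional symbol (bin, tree, fib, int, hash, chess) is defined; it reads sizes and
/// keys from the console, runs the search or hashing routine and prints the time taken.
/// </summary>
/// <remarks>
/// Elapsed times are printed as <c>end - start</c>; the original subtracted the other way
/// round and so printed negative durations. The "Pseudo" and "Chains" loops now re-read
/// their own size variable; the original re-read the one from the "Simple" section, so
/// those loops could never end.
/// </remarks>
public static void Run2Lab()
{
    Random rnd = new Random();
    Stopwatch sw = new Stopwatch();

    #region Task_1
#if bin
    #region BinarySearch
    Console.WriteLine("Введите размерность массива для бинарного поиска или 0 для перехода к следующему заданию.");
    var size = int.Parse(Console.ReadLine());
    while (0 != size)
    {
        Console.WriteLine("\nВведите искомый элемент.");
        var key_bin = int.Parse(Console.ReadLine());

        // Random sorted input for the search.
        var mas = new int[size];
        for (int i = 0; i < size; i++)
        {
            mas[i] = rnd.Next(-1000, 1001);
        }
        Array.Sort(mas);

        sw.Start();
        var start = DateTime.Now;
        var binary = BinarySearch(mas, key_bin);
        var end = DateTime.Now;
        sw.Stop();
        Console.WriteLine($"\nЭлемент {key_bin} присутствует в массиве - {binary}.");
        Console.WriteLine($"Затраченное время на выполнение: {end - start}.");
        sw.Reset();

        // Same search with the framework implementation, for comparison.
        sw.Start();
        start = DateTime.Now;
        Array.BinarySearch(mas, key_bin);
        end = DateTime.Now;
        sw.Stop();
        Console.WriteLine($"\nЗатраченное время на выполнение встроенным алгоритмом класса Array: {end - start}.");
        sw.Reset();

        Console.WriteLine("Введите размерность массива для повторной генерации или 0 для перехода к следующему заданию.");
        size = int.Parse(Console.ReadLine());
    }
    #endregion
#endif
#if tree
    #region BinaryTree
    Console.WriteLine("Введите размерность дерева или 0 для перехода к следующему заданию.");
    var size_tree = int.Parse(Console.ReadLine());
    while (size_tree != 0)
    {
        Console.WriteLine("Введите искомый элемент.");
        var key_tree = int.Parse(Console.ReadLine());

        // A set removes duplicates, so it can hold fewer than size_tree values.
        var set = new HashSet<int>();
        for (int i = 0; i < size_tree; i++)
        {
            set.Add(rnd.Next(-1000, 1001));
        }

        sw.Start();
        var start = DateTime.Now;
        var contains_set = set.Contains(key_tree);
        var end = DateTime.Now;
        sw.Stop();
        Console.WriteLine($"\nЭлемент {key_tree} присутствует в множестве - {contains_set}.");
        Console.WriteLine($"Затраченное время на выполнение встроенным методом класса HashSet: {end - start}.");
        sw.Reset();

        int[] arr = new int[set.Count];
        set.CopyTo(arr);
        BinaryTree tree = new BinaryTree(arr);

        sw.Start();
        start = DateTime.Now;
        var contains_tree = tree.HasValue(key_tree);
        end = DateTime.Now;
        sw.Stop();
        Console.WriteLine($"\nЭлемент {key_tree} присутствует в дереве - {contains_tree}.");
        Console.WriteLine($"Затраченное время на выполнение методом класса BinaryTree: {end - start}.");
        sw.Reset();

        Console.WriteLine("\nВведите элемент для добавления.");
        var adding = int.Parse(Console.ReadLine());
        tree.Add(adding);
        start = DateTime.Now;
        contains_tree = tree.HasValue(adding);
        end = DateTime.Now;
        Console.WriteLine($"\nЭлемент {adding} присутствует в дереве после добавления - {contains_tree}.");
        Console.WriteLine($"Затраченное время на выполнение методом класса BinaryTree: {end - start}.");

        Console.WriteLine("\nВведите элемент для удаления.");
        int deleting = int.Parse(Console.ReadLine());
        tree.Delete(deleting);
        start = DateTime.Now;
        contains_tree = tree.HasValue(deleting);
        end = DateTime.Now;
        Console.WriteLine($"\nЭлемент {deleting} присутствует в дереве после удаления - {contains_tree}");
        Console.WriteLine($"Затраченное время на выполнение методом класса BinaryTree: {end - start}");
        sw.Reset();

        Console.WriteLine("\nВведите размерность массива для повторной генерации или 0 для перехода к следующему заданию.");
        size_tree = int.Parse(Console.ReadLine());
    }
    #endregion
#endif
#if fib
    #region Fibonacchi
    Console.WriteLine("Введите размерность массива для поиска Фибоначчи или 0 для перехода к следующему заданию.");
    var size_fib = int.Parse(Console.ReadLine());
    while (size_fib != 0)
    {
        Console.WriteLine("Введите искомый элемент.");
        var key_fib = int.Parse(Console.ReadLine());

        var set = new HashSet<int>(size_fib);
        for (int i = 0; i < size_fib; i++)
        {
            set.Add(rnd.Next(-1000, 1001));
        }
        var arr = new int[set.Count];
        set.CopyTo(arr);
        Array.Sort(arr);

        sw.Start();
        var start = DateTime.Now;
        var contains_fib = Fib(arr, key_fib);
        var end = DateTime.Now;
        sw.Stop();
        Console.WriteLine($"\nЭлемент {key_fib} присутствует в массиве - {contains_fib}.");
        Console.WriteLine($"Затраченное время на выполнение поиском Фиббоначи: {end - start}.");
        sw.Reset();

        Console.WriteLine("\nВведите размерность массива для повторной генерации или 0 для перехода к следующему заданию.");
        size_fib = int.Parse(Console.ReadLine());
    }
    #endregion
#endif
#if int
    #region Interpolation
    Console.WriteLine("Введите размерность массива для интерполяционного поиска или 0 для перехода к следующему заданию.");
    var size_interpol = int.Parse(Console.ReadLine());
    while (size_interpol != 0)
    {
        Console.WriteLine("Введите искомый элемент.");
        var key_interpol = int.Parse(Console.ReadLine());

        var set = new HashSet<int>(size_interpol);
        for (int i = 0; i < size_interpol; i++)
        {
            set.Add(rnd.Next(-1000, 1001));
        }

        // NOTE(review): the search runs on this fixed array, not on the random set built
        // above (the copy from the set was commented out) - confirm which one is intended.
        int[] arr = { 1, 2, 6, 14, 18, 40, 55, 91, 114, 225, 335, 556, 667, 889, 668, 44458, 88889595, 9898491, 9898443 };
        Array.Sort(arr);

        sw.Start();
        var start = DateTime.Now;
        var contains_int = Interpolation(arr, key_interpol);
        var end = DateTime.Now;
        sw.Stop();
        Console.WriteLine($"\nЭлемент {key_interpol} присутствует в массиве - {contains_int}.");
        Console.WriteLine($"Затраченное время на выполнение интерполяционным поиском: {end - start}.");
        sw.Reset();

        Console.WriteLine("\nВведите размерность массива для повторной генерации или 0 для перехода к следующему заданию.");
        size_interpol = int.Parse(Console.ReadLine());
    }
    #endregion
#endif
    #endregion

    #region Task 2
#if hash
    #region Simple
    Console.WriteLine("Введите размерность массива для генерации массива для простого хеширования или 0 для перехода к следующему заданию.");
    var size_simp_hash = long.Parse(Console.ReadLine());
    while (size_simp_hash != 0)
    {
        // Keep drawing until the set holds exactly the requested number of distinct values.
        var set = new HashSet<int>((int)size_simp_hash);
        while (set.Count != size_simp_hash)
        {
            set.Add(rnd.Next(-(int)size_simp_hash, (int)size_simp_hash));
        }
        var arr = new int[set.Count];
        set.CopyTo(arr);

        Console.WriteLine($"Введите искомый элемент");
        int item = int.Parse(Console.ReadLine());

        sw.Start();
        var start = DateTime.Now;
        SimpleHash hash = new SimpleHash(arr);
        var end = DateTime.Now;
        sw.Stop();
        Console.WriteLine($"Затраченное время на хеширование: {end - start}.");
        sw.Reset();

        sw.Start();
        start = DateTime.Now;
        int index = hash.IndexOf(item);
        end = DateTime.Now;
        sw.Stop();
        Console.WriteLine($"Индекс искомого элемента в хеш-таблице: {index}");
        Console.WriteLine($"Затраченное время на поиск: {end - start}.");
        sw.Reset();

        Console.WriteLine("\nВведите размерность массива для повторной генерации или 0 для перехода к следующему заданию.");
        size_simp_hash = long.Parse(Console.ReadLine());
    }
    #endregion

    #region Pseudo
    Console.WriteLine("Введите размерность массива для генерации массива для хеширования на основе псеводослучайных чисел или 0 для перехода к следующему заданию.");
    var size_pseudo_hash = long.Parse(Console.ReadLine());
    while (size_pseudo_hash != 0)
    {
        var set = new HashSet<int>((int)size_pseudo_hash);
        while (set.Count != size_pseudo_hash)
        {
            set.Add(rnd.Next(-(int)size_pseudo_hash, (int)size_pseudo_hash));
        }
        var arr = new int[set.Count];
        set.CopyTo(arr);

        Console.WriteLine($"Введите искомый элемент");
        int item = int.Parse(Console.ReadLine());

        sw.Start();
        var start = DateTime.Now;
        PseudoHash hash = new PseudoHash(arr);
        var end = DateTime.Now;
        sw.Stop();
        Console.WriteLine($"Затраченное время на хеширование: {end - start}.");
        sw.Reset();

        sw.Start();
        start = DateTime.Now;
        int index = hash.IndexOf(item);
        end = DateTime.Now;
        sw.Stop();
        Console.WriteLine($"Индекс искомого элемента в хеш-таблице: {index}");
        Console.WriteLine($"Затраченное время на поиск: {end - start}.");
        sw.Reset();

        Console.WriteLine("\nВведите размерность массива для повторной генерации или 0 для перехода к следующему заданию.");
        // Re-read this loop's own size; the original assigned size_simp_hash here.
        size_pseudo_hash = long.Parse(Console.ReadLine());
    }
    #endregion

    #region Chains
    Console.WriteLine("Введите размерность массива для генерации массива для хеширования цепочками или 0 для перехода к следующему заданию.");
    var size_chains_hash = long.Parse(Console.ReadLine());
    while (size_chains_hash != 0)
    {
        var set = new HashSet<int>((int)size_chains_hash);
        while (set.Count != size_chains_hash)
        {
            set.Add(rnd.Next(-(int)size_chains_hash, (int)size_chains_hash));
        }
        var arr = new int[set.Count];
        set.CopyTo(arr);

        Console.WriteLine($"Введите искомый элемент");
        int item = int.Parse(Console.ReadLine());

        sw.Start();
        var start = DateTime.Now;
        ChainHash hash = new ChainHash(arr);
        var end = DateTime.Now;
        sw.Stop();
        Console.WriteLine($"Затраченное время на хеширование: {end - start}.");
        sw.Reset();

        sw.Start();
        start = DateTime.Now;
        bool index = hash.HasValue(item);
        end = DateTime.Now;
        sw.Stop();
        Console.WriteLine($"Искомый элемент присутствует в хеш-таблице: {index}");
        Console.WriteLine($"Затраченное время на поиск: {end - start}.");
        sw.Reset();

        Console.WriteLine("\nВведите размерность массива для повторной генерации или 0 для перехода к следующему заданию.");
        // Re-read this loop's own size; the original assigned size_simp_hash here.
        size_chains_hash = long.Parse(Console.ReadLine());
    }
    #endregion
#endif
    #endregion

    #region Task 3
#if chess
    #region Chess
    Console.WriteLine("Введите значение от 1 до 24 для вывода результата поиска или 0 для выхода.");
    var key = int.Parse(Console.ReadLine());
    while (key != 0)
    {
        sw.Start();
        Console.WriteLine($"\nВарианты расстановки ферзей:\n");
        var start = DateTime.Now;
        Chess(key);
        var end = DateTime.Now;
        sw.Stop();
        Console.WriteLine($"Затраченное время на выполнение: {end - start}.");
        sw.Reset();

        Console.WriteLine("\nВведите любое значение кроме 0 для вывода результата поиска или 0 для выхода.");
        key = int.Parse(Console.ReadLine());
    }
    #endregion
#endif
    #endregion
}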
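/// <summary>
/// Handles the login form: loads the account by e-mail address, verifies the password
/// hash, checks that the profile is activated and redirects by permission level.
/// </summary>
/// <param name="sender">The source of the event.</param>
/// <param name="e">Event data (unused).</param>
protected void Login1_Authenticate(object sender, EventArgs e)
{
    String user = inputEmail.Text;
    String password = inputPassword.Text;
    DataTable dt = new DataTable();

    try
    {
        // The e-mail address is typed by the visitor, so it is bound as a parameter; the
        // original concatenated it into the statement (SQL injection).
        string QueryUserDetails = "Select PasswordHash, ActivatedBool, UserPermission from dbo.GeneralUser where EmailAddress = @EmailAddress";

        // `using` closes the connection; the original never closed it.
        using (SqlConnection connection = new SqlConnection(ConfigurationManager.ConnectionStrings["conString"].ConnectionString))
        using (SqlCommand cmd = new SqlCommand(QueryUserDetails, connection))
        using (SqlDataAdapter adp = new SqlDataAdapter(cmd))
        {
            cmd.Parameters.AddWithValue("@EmailAddress", user);
            connection.Open();
            adp.Fill(dt);
        }
    }
    catch (SqlException error)
    {
        // Detail goes to the debug output only. The original displayed e.ToString(),
        // i.e. the EventArgs argument, instead of anything about the failure.
        System.Diagnostics.Debug.WriteLine(error.ToString());
        MessageBox.Show("Error: Unable to sign in right now. Please try again later.");
        return;
    }

    // NOTE(review): MessageBox.Show inside a web handler - presumably a project helper; if
    // it is the Windows Forms class it would display on the server. Confirm.
    // NOTE(review): the three failure messages below tell a caller whether an address has
    // an account and whether it is activated.
    if (dt.Rows.Count == 0)
    {
        MessageBox.Show("Error: That account does not exist! Please click sign up to join the community");
        return;
    }

    string pwHash = dt.Rows[0][0].ToString();
    string activated = dt.Rows[0][1].ToString();
    string permission = dt.Rows[0][2].ToString();

    // NOTE(review): MD5 is a fast general-purpose digest, not a password-hashing scheme.
    bool verify = SimpleHash.VerifyHash(password, "MD5", pwHash);
    System.Diagnostics.Debug.WriteLine(verify);

    // The session is marked as logged in only for a verified password on an activated
    // account. The original set the flag from the password check alone and stored the
    // permission level before checking anything.
    bool isActivated = activated == "True";
    Session["loggedIn"] = verify && isActivated;

    if (!verify)
    {
        MessageBox.Show("Error: Invalid Password. Please enter the correct password or click 'Forgot Password'");
        return;
    }

    if (!isActivated)
    {
        MessageBox.Show("Error: Account is not activated. You will receive an e-mail when your account is approved and ready for activation");
        return;
    }

    Session["permission"] = permission;

    // TODO (from the original): build the profile pages and route each permission level
    // to its own profile type.
    switch (permission)
    {
        case "5":
            Session["UserID"] = user;
            Response.Redirect("Admin.Dashboard.aspx");
            break;

        case "4": // staff / instructor / intern: community wall
        case "3": // student
        case "2": // parent
        case "1": // "cipher" profile, as named in the original comment
            Session["UserID"] = user;
            Response.Redirect("Wall.aspx");
            break;
    }
}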
/// <summary>
/// Stores a hash of the given password in this object's password field.
/// </summary>
/// <remarks>
/// Despite the method name, nothing is encrypted: the stored value is whatever
/// <c>SimpleHash.ComputeHash</c> returns for the "MD5" algorithm name with a null third
/// argument. NOTE(review): MD5 is a fast general-purpose digest, not a password-hashing
/// scheme.
/// </remarks>
/// <param name="originalPassword">Original password.</param>
public void EncryptPasswordToMD5(string originalPassword)
{
    string digest = SimpleHash.ComputeHash(originalPassword, "MD5", null);
    this.password = digest;
}
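/// <summary>
/// Handles the change-password button for the signed-in user: verifies the current
/// password, validates the new one and stores its hash.
/// </summary>
/// <param name="sender">The source of the event.</param>
/// <param name="e">Event data (unused).</param>
protected void btnChangePass_Click(object sender, EventArgs e)
{
    String currentPass = txtCurrentPass.Text;

    // Typing the same value as the current password into a new-password box is rejected
    // before the database is touched.
    if (txtNewPass.Text == currentPass || txtConfirmNewPass.Text == currentPass)
    {
        AddPasswordChangeDialog("Your new password cannot be the same as your old password.");
        return;
    }

    int userId = (int)Session["UserID"];

    con.Open();
    try
    {
        // The user id is bound as a parameter in both statements rather than concatenated.
        String currentHash;
        using (SqlCommand select = new SqlCommand("SELECT PasswordHash FROM [dbo].[Password] WHERE UserID = @UserID", con))
        {
            select.Parameters.AddWithValue("@UserID", userId);
            currentHash = (String)select.ExecuteScalar();
        }

        // NOTE(review): MD5 is a fast general-purpose digest, not a password-hashing scheme.
        bool correctHash = SimpleHash.VerifyHash(currentPass, "MD5", currentHash);

        if (!correctHash)
        {
            AddPasswordChangeDialog("Incorrect password.");
        }
        else if (String.IsNullOrWhiteSpace(txtNewPass.Text))
        {
            AddPasswordChangeDialog("You must enter a new password.");
        }
        else if (txtNewPass.Text != txtConfirmNewPass.Text)
        {
            AddPasswordChangeDialog("Passwords do not match.");
        }
        else
        {
            String newPassHash = SimpleHash.ComputeHash(txtNewPass.Text, "MD5", null);
            using (SqlCommand update = new SqlCommand("UPDATE [dbo].[Password] SET [PasswordHash] = @PasswordHash WHERE [UserID] = @UserID", con))
            {
                update.Parameters.AddWithValue("@PasswordHash", newPassHash);
                update.Parameters.AddWithValue("@UserID", userId);
                update.ExecuteNonQuery();
            }
            AddPasswordChangeDialog("Password successfully changed!");
        }
    }
    finally
    {
        // Runs when a query throws as well; the original only closed the connection on
        // the success path.
        con.Close();
    }
}

/// <summary>
/// Adds the "Password Change" dialog element with the given text to the page controls.
/// </summary>
/// <param name="text">Message shown inside the dialog.</param>
private void AddPasswordChangeDialog(string text)
{
    System.Web.UI.HtmlControls.HtmlGenericControl dialog = new System.Web.UI.HtmlControls.HtmlGenericControl();
    dialog.Attributes["class"] = "dialog";
    dialog.ID = "dialog";
    dialog.Attributes["title"] = "Password Change";
    dialog.InnerText = text;
    this.Controls.Add(dialog);
}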
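/// <summary>
/// Registers the HTTP routes served by this module: login and logoff, user
/// creation, and the insert/lookup endpoints for Kohteet, KohteetReissut and Reissut.
/// </summary>
public HelloModule()
{
    var db = new VenereissutDataContext();

    Get["/"] = parameters => "Hello World";

    // Login: returns a new session id on success and an empty body on failure.
    Post["/Login"] = p =>
    {
        Login model = this.Bind();

        // Look the user up by username.
        User q = (from a in db.Users where model.username == a.UserName select a).FirstOrDefault();

        ISimpleHash simpleHash = new SimpleHash();

        // An unknown username must fail exactly like a wrong password; without the
        // null check the handler dereferences a null user and throws.
        if (q != null && simpleHash.Verify(model.passwd, q.Password))
        {
            // Login ok: issue a session id and store it on the user row.
            // NOTE(review): a session id must come from a cryptographically secure
            // generator; confirm that Util.CreateRandomPassword is backed by one.
            string sessionId = Util.CreateRandomPassword(20);
            q.SessionId = sessionId;
            q.TimeStamp = DateTime.Now;
            db.SubmitChanges();
            return(sessionId);
        }

        // Login failed: return nothing.
        return(String.Empty);
    };

    // Logoff
    // NOTE(review): this handler does not clear the SessionId stored by /Login, so
    // the issued token presumably stays usable after logoff; verify against Authenticate.
    Post["/Logoff"] = p =>
    {
        return("Logoff OK.");
    };

    // NOTE(review): unlike /addKohde and /addReissu, this route does not call
    // Authenticate, so any caller can create an account; confirm that is intended.
    Post["/addUser"] = p =>
    {
        Login model = this.Bind();
        ISimpleHash simpleHash = new SimpleHash();
        string saltedPasswd = simpleHash.Compute(model.passwd);
        User user = new User {
            UserName = model.username, Password = saltedPasswd
        };
        db.Users.InsertOnSubmit(user);
        db.SubmitChanges();
        return("Operation successful.");
    };

    Post["/addKohde"] = p =>
    {
        KohdeWAuthentication m = this.Bind();
        if (!Authenticate(m.token, db))
        {
            return(String.Empty);
        }

        // Copy the accepted fields one by one rather than inserting the bound model.
        Kohteet k = new Kohteet {
            Kohde_Id = m.Kohde_Id, Koordinaatit = m.Koordinaatit, KuvaBase64 = m.KuvaBase64, Kuvausteksti = m.Kuvausteksti, Nimi = m.Nimi
        };
        db.Kohteets.InsertOnSubmit(k);
        db.SubmitChanges();
        return("Done inserting Kohde!");
    };

    // NOTE(review): no Authenticate call here, and the request body is bound straight
    // onto the entity that is inserted, so the caller controls every bindable column.
    Post["/addKohteenReissut"] = p =>
    {
        KohteetReissut model = this.Bind();
        db.KohteetReissuts.InsertOnSubmit(model);
        db.SubmitChanges();
        return("Done inserting KohteenReissut!");
    };

    Post["/addReissu"] = p =>
    {
        ReissutWAuthentication model = this.Bind();
        if (!Authenticate(model.token, db))
        {
            return(String.Empty);
        }

        // The owner comes from the authenticated token, not from the request body.
        string userName = GetUserNameByToken(model.token, db);
        Reissut m = new Reissut {
            UserName = userName, Alkoi = model.Alkoi, Nimi = model.Nimi, Kuvausteksti = model.Kuvausteksti
        };
        db.Reissuts.InsertOnSubmit(m);
        db.SubmitChanges();
        return(m.Reissu_Id.ToString());
    };

    Get["/Kohteet/{id}"] = p => (GetKohde(p.id, db));
}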
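/// <summary>
/// Handles the Authenticate event of the employee Login control: looks the user
/// up by name, verifies the entered password against the stored hash, and sets
/// <c>e.Authenticated</c> accordingly.
/// </summary>
/// <param name="sender">The source of the event.</param>
/// <param name="e">Event data whose Authenticated property decides the login.</param>
protected void EmployeeLogin_Authenticate(object sender, AuthenticateEventArgs e)
{
    // Deny by default; only a successful hash verification below flips this.
    e.Authenticated = false;

    try
    {
        // The Login control exposes both the user name and the password.
        string userName = employeeLogin.UserName;
        string password = employeeLogin.Password;

        SqlConnection conn = ProjectDB.connectToDB();
        if (conn != null)
        {
            try
            {
                string commandText = "SELECT TOP 1 UserName, PasswordHash FROM [dbo].[EmployeeLogin] WHERE UserName = @UserName";
                using (SqlCommand select = new SqlCommand(commandText, conn))
                {
                    select.Parameters.AddWithValue("@UserName", userName);
                    using (SqlDataReader reader = select.ExecuteReader())
                    {
                        if (reader.Read())
                        {
                            String pwHash = reader["PasswordHash"].ToString();
                            String user = reader["UserName"].ToString();

                            // NOTE(review): MD5 is not suitable for password storage. The
                            // name is kept because existing rows were hashed with it;
                            // migrate the stored hashes and this call together to a
                            // purpose-built password hash (for example PBKDF2).
                            e.Authenticated = SimpleHash.VerifyHash(password, "MD5", pwHash);

                            if (e.Authenticated)
                            {
                                // Record the identity in the session only after the password
                                // has been verified, so a failed attempt never leaves a
                                // user name behind in session state.
                                Session["loggedInAs"] = user;
                                getUserInfo(getLoginID(userName));
                            }
                        }
                    }
                }
            }
            finally
            {
                // Close (not Dispose) in case connectToDB hands out a shared instance.
                conn.Close();
            }

            Session["employeeLoggedIn"] = e.Authenticated.ToString();
        }
        else
        {
            errorMessage.Text += "\nThe connection to the database failed: " + conn;
        }

        if (e.Authenticated == false)
        {
            employeeLogin.FailureText = "Incorrect Login/Password";
        }
    }
    catch (Exception ex)
    {
        // Fail closed and keep the exception text out of the page: ex.ToString()
        // carries stack traces and database details that belong in the server log.
        e.Authenticated = false;
        Session.Remove("loggedInAs");
        System.Diagnostics.Trace.TraceError("EmployeeLogin_Authenticate failed: {0}", ex);
        employeeLogin.FailureText = "Login failed. Please try again.";
    }
}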
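/// <summary>
/// Handles the Click event of the submit-user button: inserts a new row into
/// [dbo].[User] unless the e-mail address is already present, stores an initial
/// password hash for it, clears the form and refreshes the grid.
/// </summary>
/// <param name="sender">The source of the event.</param>
/// <param name="e">The event data.</param>
protected void btnSubmitUser_Click(object sender, EventArgs e)
{
    using (SqlConnection con = new SqlConnection(
        ConfigurationManager.ConnectionStrings["lab4ConnectionString"].ConnectionString))
    {
        con.Open();

        // Check whether the desired e-mail address is already in the database.
        String existingUserName;
        using (SqlCommand check = new SqlCommand(
            "SELECT Email FROM [dbo].[User] WHERE Email = @Email", con))
        {
            check.Parameters.Add("@Email", SqlDbType.VarChar).Value = txtEmail.Text;
            existingUserName = (String)check.ExecuteScalar();
        }

        if (existingUserName != null)
        {
            lblError.Text = "This username is already taken";
        }
        else
        {
            try
            {
                // Every value is bound as a parameter. The session-derived values were
                // previously concatenated into the statement; the last name in
                // particular is user-supplied text and must never be spliced into SQL.
                // NOTE(review): the two inserts below are not wrapped in a transaction,
                // so a failure of the second leaves a user row without a password row.
                using (SqlCommand insertUser = new SqlCommand(
                    "INSERT INTO [dbo].[User] VALUES(@FName, Null,"
                    + "@LName, @Email, @nickName, NULL, 0, 0, 0, @SessionUserID, NULL, @EmployerID, @AccountBalance, 1, @SessionLName, '2018-01-01')",
                    con))
                {
                    insertUser.Parameters.Add("@Email", SqlDbType.VarChar).Value = txtEmail.Text;
                    insertUser.Parameters.AddWithValue("@nickName", txtNickName.Text);

                    // Upper-case the first letter of each name. Indexing [0] throws on an
                    // empty box, which the catch below reports as an incomplete form.
                    insertUser.Parameters.Add("@FName", SqlDbType.VarChar).Value =
                        char.ToUpper(txtFName.Text[0]) + txtFName.Text.Substring(1);
                    insertUser.Parameters.Add("@LName", SqlDbType.VarChar).Value =
                        char.ToUpper(txtLName.Text[0]) + txtLName.Text.Substring(1);

                    // The employer and the acting user both come from session state.
                    insertUser.Parameters.Add("@EmployerID", SqlDbType.Int).Value = (int)Session["EmployerID"];
                    insertUser.Parameters.Add("@SessionUserID", SqlDbType.Int).Value = (int)Session["UserID"];
                    insertUser.Parameters.Add("@SessionLName", SqlDbType.VarChar).Value =
                        (String)Session["LName"] ?? String.Empty;

                    // New accounts start with a zero balance.
                    insertUser.Parameters.Add("@AccountBalance", SqlDbType.Money).Value = 0;

                    insertUser.ExecuteNonQuery();
                }

                // NOTE(review): every new account receives the same fixed initial
                // password. Generate a random one per user and force a change on first
                // login. MD5 is also unsuitable for password storage; it is kept only
                // because the verification code elsewhere uses the same algorithm name.
                string password = "******";
                string passwordHashNew = SimpleHash.ComputeHash(password, "MD5", null);

                int userID;
                using (SqlCommand findUser = new SqlCommand(
                    "SELECT [UserID] FROM [USER] WHERE [Email] = @Email", con))
                {
                    findUser.Parameters.Add("@Email", SqlDbType.VarChar).Value = txtEmail.Text;
                    userID = (int)findUser.ExecuteScalar();
                }

                using (SqlCommand insertPassword = new SqlCommand(
                    "INSERT INTO [dbo].[Password] Values (@UserID, @PasswordHash)", con))
                {
                    insertPassword.Parameters.Add("@UserID", SqlDbType.Int).Value = userID;
                    insertPassword.Parameters.AddWithValue("@PasswordHash", passwordHashNew);
                    insertPassword.ExecuteNonQuery();
                }

                txtFName.Text = "";
                txtLName.Text = "";
                txtEmail.Text = "";
                txtNickName.Text = "";
                lblError.Text = "";
                Popup.Visible = false;
                Popup.Enabled = false;
            }
            catch (Exception ex)
            {
                // The user still sees the original message, but the real cause (which
                // may be a database error rather than an empty field) is now logged.
                System.Diagnostics.Trace.TraceError("btnSubmitUser_Click failed: {0}", ex);
                lblError.Text = "Please fill out the whole form";
            }
        }
    }

    // The connection is closed by the using block on every path; refresh the grid.
    fillGridView();
}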
/// <summary>
/// Starts the FTPDAV service in console mode: initialises logging, configuration,
/// working directories and listeners, then (when <paramref name="block"/> is true)
/// loops once per second until the shutdown flag is set or an "ftpdav.exit" file
/// appears in the work directory, and finally performs a clean shutdown.
/// </summary>
/// <param name="block">
/// When false the method returns as soon as start-up has finished; when true it
/// stays in the supervision loop until shutdown is requested.
/// </param>
public static void console_main(bool block)
{
    MyMain.start_time = DateTime.Now;
    AppDomain.CurrentDomain.UnhandledException += new UnhandledExceptionEventHandler(MyMain.CurrentDomain_UnhandledException);

    // One-second periodic callback.
    // NOTE(review): nothing visible here keeps a reference to this timer once the
    // method returns or the local goes dead; if this is System.Threading.Timer it
    // can be garbage-collected and stop firing. Confirm and hold it in a field.
    Timer timer = new Timer(new TimerCallback(MyMain.tsecond_Elapsed), (object)null, 0, 1000);

    // Debug logging is forced on during start-up and restored to the configured
    // value once the configuration file has been read.
    clib.init_log_files();
    clib.set_debug(true);
    clib.imsg("Logging home {0}", (object)clib.log_file("imsg.log"));
    clib.imsg("Starting FTPDAV Version {0} Build {1}", (object)clib.Version(), (object)clib.Build());
    clib.startstop("Starting FTPDAV Version {0} {1}", (object)clib.Version(), (object)clib.Build());
    Ini.init(clib.work("config.ini"));
    clib.set_debug(MyMain.main_debug);
    clib.log_idle();
    Quota.init();

    // Create the working directories used below.
    clib.set_tmp(clib.work("tmp"));
    Directory.CreateDirectory(clib.tmp());
    Directory.CreateDirectory(clib.work("userdb"));
    Directory.CreateDirectory(clib.work("spawn"));
    Directory.CreateDirectory(clib.work("log"));
    Vuser.init(clib.work("userdb"));
    Link.set_paths(clib.work(""), clib.app(""));
    Profile.load();

    // Self-test of the hashing code runs on every start.
    SimpleHash.unit_test();

    // The SSL password is taken from the configuration loaded above.
    // NOTE(review): that means config.ini holds a secret; check its file permissions.
    Link.set_ssl_password(Ini.getstring(En.ssl_password));

    clib.set_debug(true);
    MyMain.startListeners();
    if (!MyMain.main_debug)
    {
        clib.imsg("Going quiet now as no -debug switch on command line...");
    }
    clib.set_debug(MyMain.main_debug);
    MyKey.init(clib.work("key.dat"));

    // Remove a stale exit request left over from a previous run.
    try
    {
        File.Delete(clib.work("ftpdav.exit"));
    }
    catch
    {
        clib.imsg("FAILED TO DELETE FTPDAV.EXIT");
    }

    if (!block)
    {
        return;
    }

    // Supervision loop, one pass per second.
    while (true)
    {
        try
        {
            // Refresh the "main.running" marker file on every pass.
            File.WriteAllText(clib.work("main.running"), "running");

            // An "ftpdav.exit" file in the work directory requests shutdown.
            // NOTE(review): anyone able to create files in that directory can stop
            // the service this way; confirm the directory's access control.
            if (File.Exists(clib.work("ftpdav.exit")))
            {
                clib.imsg("Exiting because ftpdav.exit found");
                try
                {
                    File.Delete(clib.work("ftpdav.exit"));
                    goto label_18;
                }
                catch (Exception ex)
                {
                    // Shut down even when the request file cannot be removed.
                    clib.imsg("Delete failed {0}", (object)ex.Message);
                    goto label_18;
                }
            }
        }
        catch
        {
            // Errors writing the marker or probing for the exit file are ignored
            // without logging; the loop simply tries again on the next pass.
        }

        Thread.Sleep(1000);
        if (!MyMain.shutdown)
        {
            // Save quota data when more than 60 units of clib.time() have passed
            // since the last save.
            if (clib.time() - MyMain.last > 60)
            {
                MyMain.last = clib.time();
                Quota.save();
            }
        }
        else
        {
            break;
        }
    }
    clib.imsg("Exiting because shutdown flag true");

    // Common shutdown path for both the exit file and the shutdown flag.
label_18:
    File.Delete(clib.work("main.running"));
    clib.imsg("Key pressed or ftpdav.exit found ==============================");
    Quota.save();
    clib.startstop("Clean shutdown FTPDAV Version {0}", (object)clib.Version());
}
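/// <summary>
/// Handles the Click event of the commit button: creates a Person row for the
/// employee entered in the form unless the e-mail address already exists,
/// generates an initial password, mails it, and reports the result to the browser.
/// </summary>
/// <param name="sender">The source of the event.</param>
/// <param name="e">The event data.</param>
protected void BtnCommit_Click(object sender, EventArgs e)
{
    try
    {
        Person employee = new Person(txtFirstName.Text, txtLastName.Text, txtEmail.Text);
        employee.setLastUpdatedBy((string)(Session["loggedIn"]));

        string password = System.Web.Security.Membership.GeneratePassword(8, 6);

        // NOTE(review): MD5 is not suitable for password storage; it is kept only so
        // the stored value stays verifiable by the existing login code. Migrate both
        // sides together to a purpose-built password hash (for example PBKDF2).
        string passwordHashNew = SimpleHash.ComputeHash(password, "MD5", null);

        // The using blocks release the connection, command and reader on every
        // path, including exceptions.
        using (SqlConnection sc = new SqlConnection(
            ConfigurationManager.ConnectionStrings["GroupProjectConnectionString"].ConnectionString))
        {
            sc.Open();

            bool emailExists;
            using (SqlCommand lookup = new SqlCommand(
                "select [E-mail] from [Person] where [E-mail] = @Email", sc))
            {
                lookup.Parameters.AddWithValue("@Email", employee.getEmail());
                using (SqlDataReader reader = lookup.ExecuteReader())
                {
                    emailExists = reader.HasRows;
                }
            }

            if (emailExists)
            {
                Response.Write("<script>alert('Email record has already existed in Database')</script>");
                return;
            }

            using (SqlCommand insert = new SqlCommand(
                "INSERT INTO [dbo].[Person] ([FirstName],[LastName],[MI],[E-mail],[Position],[Password],[UserName],[PointsBalance],[PendingPoints],[LastUpdated],[LastUpdatedBy],[BusinessEntityID],[ManagerID],[loginCount]) VALUES"
                + "(@FirstName,@LastName,@MI,@Email,@Position,@Password,@UserName,@PointsBalance,@PendingPoints,@LastUpdated,@LastUpdatedBy,@BusinessEntityID,@ManagerID,0)",
                sc))
            {
                insert.Parameters.AddWithValue("@Email", employee.getEmail());
                insert.Parameters.AddWithValue("@FirstName", employee.getFirstName());
                insert.Parameters.AddWithValue("@LastName", employee.getLastName());
                insert.Parameters.AddWithValue("@Position", employee.getPosition());
                insert.Parameters.AddWithValue("@PointsBalance", employee.getPointsBalance());
                insert.Parameters.AddWithValue("@PendingPoints", employee.getPendingPoints());
                insert.Parameters.AddWithValue("@BusinessEntityID", employee.getBusinessEntityID());
                insert.Parameters.AddWithValue("@LastUpdatedBy", employee.getLastUpdatedBy());
                insert.Parameters.AddWithValue("@LastUpdated", employee.getLastUpdated());

                // Blank optional fields are stored as NULL.
                string middleInitial = txtMI.Text.Trim();
                insert.Parameters.AddWithValue("@MI", middleInitial == "" ? (object)DBNull.Value : middleInitial);

                string managerId = txtManagerID.Text.Trim();
                insert.Parameters.AddWithValue("@ManagerID", managerId == "" ? (object)DBNull.Value : managerId);

                insert.Parameters.AddWithValue("@Password", passwordHashNew);
                insert.Parameters.AddWithValue("@UserName", employee.getEmail());
                insert.ExecuteNonQuery();
            }
        }

        // NOTE(review): this mails the clear-text password; prefer a one-time
        // set-password link, or at least force a change on first login.
        Send_Mail(employee.getEmail(), employee.getEmail(), password);

        // The name comes from form input, so it is encoded for the JavaScript
        // string it is written into; unencoded, a quote or a closing script tag in
        // the name would inject script into the page.
        string displayName = employee.getFirstName() + "" + employee.getMI() + " " + employee.getLastName();
        Response.Write("<script>alert('Employee Account: "
            + System.Web.HttpUtility.JavaScriptStringEncode(displayName)
            + " is created')</script>");

        txtFirstName.Text = string.Empty;
        txtMI.Text = string.Empty;
        txtLastName.Text = string.Empty;
        txtEmail.Text = string.Empty;
        txtManagerID.Text = string.Empty;
    }
    catch (Exception ex)
    {
        // The message shown is unchanged, but it is reported for every failure
        // (including a mail error after a successful insert), so log the real cause.
        System.Diagnostics.Trace.TraceError("BtnCommit_Click failed: {0}", ex);
        Response.Write("<script>alert('ManagerID not found in Database')</script>");
    }
}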
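/// <summary>
/// Handles the Click event of the login button: validates the page, looks the user
/// up by id, verifies the entered password against the stored hash, stores the
/// user id and account type in the session and redirects by account type.
/// </summary>
/// <param name="sender">The source of the event.</param>
/// <param name="e">The event data.</param>
protected void btnLogin_Click(object sender, EventArgs e)
{
    Page.Validate();
    if (!Page.IsValid)
    {
        return;
    }

    String PasswordInput = Password.Text;
    string user = UserName.Text;

    System.Data.SqlClient.SqlConnection sc = new System.Data.SqlClient.SqlConnection();
    try
    {
        // The connection string, including the database account's password, used
        // to be hard-coded here. It is now read from configuration; the entry name
        // below is a placeholder chosen for this review and must be defined in
        // Web.config. The credential that was committed to source should be rotated.
        sc.ConnectionString = System.Configuration.ConfigurationManager
            .ConnectionStrings["KPMGTravelConnectionString"].ConnectionString;
        sc.Open();

        using (System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand(
            @"Select PasswordHash, UserID, AccountType from SystemUser where UserID = @user", sc))
        {
            cmd.Parameters.AddWithValue("@user", user);
            reader = cmd.ExecuteReader();

            if (reader.Read())
            {
                hashed = reader.GetValue(0).ToString();

                // NOTE(review): MD5 is not suitable for password storage; migrate
                // the stored hashes and this call together to a purpose-built
                // password hash (for example PBKDF2).
                valid = SimpleHash.VerifyHash(PasswordInput, "MD5", hashed);
            }
            else
            {
                valid = false;
            }

            if (valid == true)
            {
                String User = Convert.ToString(reader.GetValue(1));
                String AccountT = Convert.ToString(reader.GetValue(2));
                Label1.Text = "login success!";
                Session["UserIdAndAcctType"] = new String[2] { User, AccountT };
                Session["ActiveUserIdAndAcctType"] = new String[2] { User, AccountT };

                // Redirect ends the response, so only one of these ever runs.
                if (AccountT == "S")
                {
                    Response.Redirect("KPMGFullSite.aspx");
                }
                else
                {
                    Response.Redirect("AccountPage.aspx");
                }
            }
            else
            {
                // One message for "no such user" and "wrong password", so the
                // response does not reveal which user ids exist.
                Label1.Text = "Invalid user ID or password.";
            }
        }
    }
    catch (System.Threading.ThreadAbortException)
    {
        // Raised by Response.Redirect to end the request; not an error.
        throw;
    }
    catch (Exception ex)
    {
        // Failures were previously swallowed without a trace; log the cause and
        // show a generic message that carries no internal detail.
        System.Diagnostics.Trace.TraceError("btnLogin_Click failed: {0}", ex);
        Label1.Text = "Login is currently unavailable.";
    }
    finally
    {
        if (reader != null)
        {
            reader.Close();
        }
        sc.Close();
    }
}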
/// <summary>
/// Assigns a newly constructed <c>SimpleHash</c> to <c>m_SimpleHash</c>.
/// </summary>
public void TestInitialize()
{
    // Fresh instance on each call, so nothing carries over from an earlier one.
    m_SimpleHash = new SimpleHash();
}