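/// <summary>
/// Hashes the supplied password with LoginHandler.PasswordHasher and inserts a
/// new row into dbo.LoginDetails.
/// </summary>
/// <param name="username">Account name to store. Bound as a SQL parameter, never concatenated into the statement text.</param>
/// <param name="password">Plaintext password. Only the hash returned by PasswordHasher is sent to the database.</param>
/// <returns>The number of rows affected, as reported by ExecuteNonQuery.</returns>
public int SaveNewUser(string username, string password)
{
    LoginHandler loginHandlerObj = new LoginHandler();

    // NOTE(review): the hashing scheme lives in LoginHandler.PasswordHasher, which is
    // not visible here. Confirm it is a salted, deliberately slow KDF (e.g. PBKDF2)
    // and not a bare digest.
    byte[] passwordHash = loginHandlerObj.PasswordHasher(password);

    // The username used to be spliced into the statement text, so a quote character in
    // it changed the SQL that was executed. Both values are now bound as parameters and
    // the statement text is a constant.
    const string query = "INSERT INTO dbo.LoginDetails VALUES(@username, @password);";

    // Opens the connection of the shared SqlConnection object.
    // NOTE(review): nothing in this method closes that connection. Confirm its lifetime
    // is managed by DatabaseConnectionObject.
    DatabaseConnectionObject.CreateDBConnection();

    // Dispose the command deterministically. The shared connection is left untouched.
    using (SqlCommand sqlCommandObj = new SqlCommand())
    {
        // Point the command at the connection opened above.
        sqlCommandObj.Connection = DatabaseConnectionObject.SqlConnectionObj1;
        sqlCommandObj.CommandText = query;

        // A null username previously concatenated as an empty string. Keep that result
        // rather than letting AddWithValue produce a parameter with no value.
        sqlCommandObj.Parameters.AddWithValue("@username", username ?? string.Empty);

        SqlParameter paramPassword = sqlCommandObj.Parameters.AddWithValue("@password", passwordHash);
        paramPassword.DbType = DbType.Binary;

        // Exceptions propagate unchanged. The former catch block with "throw ex;" only
        // reset the stack trace, which hides the real failure site from whoever
        // investigates it.
        return sqlCommandObj.ExecuteNonQuery();
    }
}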
/// <summary>
/// Validates a username/password pair by delegating to LoginHandler.MatchPassword.
/// </summary>
/// <param name="username">Account name to check.</param>
/// <param name="password">Plaintext password supplied by the caller.</param>
/// <returns>The value returned by MatchPassword for these credentials.</returns>
public bool Login(string username, string password)
{
    // Account creation goes through SaveNewUser and is not called on the login path.
    // NOTE(review): no attempt throttling or lockout is visible in this method.
    // Confirm it is enforced in MatchPassword or by the caller.
    var credentialChecker = new LoginHandler();
    return credentialChecker.MatchPassword(username, password);
}