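/// <summary>
/// Handles the login button click: validates the BSN and password fields,
/// looks up the user's salt, derives the PBKDF2 hash of the entered password,
/// and opens <c>Hoofdmenu</c> for the matching user.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
private void inlogKnop_Click(object sender, EventArgs e)
{
    bool bsnGoed = false;
    bool wwGoed = false;

    // Both fields are checked independently so the user sees every input problem at once.
    if (bsn.Text.Length < 9)
    {
        MessageBox.Show("Voer een volledig BSN-nummer in alstublieft.");
        bsn.Text = String.Empty;
    }
    else
    {
        bsnGoed = true;
    }

    if (ww.Text.Length < 5)
    {
        MessageBox.Show("Uw wachtwoord is te zwak. Voer een sterker wachtwoord in alstublieft.");
        ww.Text = String.Empty;
    }
    else
    {
        wwGoed = true;
    }

    if (!(wwGoed && bsnGoed))
    {
        return;
    }

    // One message for "unknown BSN" and "wrong password": distinct messages let
    // anyone at the login form test whether a given BSN is registered.
    const string loginMislukt = "Verkeerde BSN en/of wachtwoord!";

    dbh.TestConnection();
    dbh.OpenConnectionToDB();
    try
    {
        using (SqlCommand cmd = new SqlCommand("SELECT Salt FROM Persoon WHERE BSN = @BSN", dbh.GetCon()))
        {
            cmd.Parameters.AddWithValue("BSN", bsn.Text);
            // Convert.ToString yields "" when no row (null) or a NULL salt (DBNull) comes back.
            this.salt = Convert.ToString(cmd.ExecuteScalar());
        }

        if (string.IsNullOrEmpty(this.salt))
        {
            MessageHandler.ShowMessage(loginMislukt);
            return;
        }

        var saltBytes = Convert.FromBase64String(this.salt);

        // NOTE(review): this constructor overload defaults to HMAC-SHA1, and 10000
        // iterations is low by current guidance. Requesting 256 bytes makes the
        // legitimate check compute many PBKDF2 blocks while an offline guess only
        // needs the first one. Iterations, output length and algorithm must match
        // what registration stored, so changing them needs a rehash-on-login migration.
        using (var afleider = new Rfc2898DeriveBytes(ww.Text, saltBytes, 10000))
        {
            hashedPassword = Convert.ToBase64String(afleider.GetBytes(256));
        }

        bool exist;
        using (SqlCommand cmd = new SqlCommand("SELECT COUNT(*) FROM [Persoon] WHERE BSN = @BSN AND Wachtwoord = @Wachtwoord", dbh.GetCon()))
        {
            cmd.Parameters.AddWithValue("BSN", bsn.Text);
            cmd.Parameters.AddWithValue("Wachtwoord", hashedPassword);
            exist = (int)cmd.ExecuteScalar() > 0;
        }

        if (!exist)
        {
            MessageHandler.ShowMessage(loginMislukt);
            return;
        }

        int userID;
        using (SqlCommand cmd = new SqlCommand("SELECT Id FROM Persoon WHERE BSN = @BSN", dbh.GetCon()))
        {
            cmd.Parameters.AddWithValue("BSN", bsn.Text);
            // ToInt32, not ToInt16: an Id above 32767 would otherwise throw OverflowException.
            userID = Convert.ToInt32(cmd.ExecuteScalar());
        }

        this.Hide();
        var inloggen = new Hoofdmenu(userID);
        // Closing the main menu closes this (hidden) login form as well.
        inloggen.Closed += (s, args) => this.Close();
        inloggen.Show();
    }
    finally
    {
        // Release the connection even when a query or the Base64 decode throws.
        dbh.CloseConnectionToDB();
    }
}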