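/// <summary>
/// Coroutine that submits the registration form to the server and, on success,
/// stores the returned user and loads the map scene.
/// </summary>
/// <returns>An enumerator that yields once while the web request is in flight.</returns>
IEnumerator RegisterCoroutine()
{
    errorSubtitle.text = "";

    // NOTE(review): the username, e-mail address and password hash are placed in the
    // request URL. URLs are commonly written to server and proxy logs, and a hash that
    // the server accepts as the credential is password-equivalent on the wire.
    // Moving these fields to a request body needs a matching server change, so it is
    // only flagged here. Confirm registerURL is https and that the server hashes
    // again before storing.
    string pwhash = PBKDF2Hash.Hash(password.text);
    string url = string.Format(
        registerURL,
        WWW.EscapeURL(username.text),
        WWW.EscapeURL(pwhash),
        WWW.EscapeURL(email.text));

    // WWW is disposable; release it once the response has been handled.
    using (WWW www = new WWW(url))
    {
        yield return www;

        if (www.error != null)
        {
            errorSubtitle.text = www.error;
            yield break;
        }

        LoginResult json = JsonUtility.FromJson<LoginResult>(www.text);
        if (json == null)
        {
            // An empty body deserializes to null; report it instead of dereferencing it.
            errorSubtitle.text = "Empty response from server";
            yield break;
        }

        if (json.error != null)
        {
            errorSubtitle.text = json.error;
            yield break;
        }

        PersistentUser.Create(json);
        sceneChanger.LoadScene("Map Scene");
    }
}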
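/// <summary>
/// Handles the registration form submit: hashes the entered password with
/// PBKDF2Hash and inserts a new Customer row with the fixed role "user".
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void ButtonSubmit_Click(object sender, EventArgs e)
{
    // Only the value produced by PBKDF2Hash is bound to the query, not the raw password.
    PBKDF2Hash pwdHash = new PBKDF2Hash(TextBoxPasswordReg.Text);
    string passwordhash = pwdHash.HashedPassword;
    bool enabled = true;

    // NOTE(review): the INSERT has no column list, so values bind by column position.
    // A schema change could silently store the hash or role in the wrong column.
    string sql = @"INSERT INTO Customer VALUES(@cust_name, @gender, @address, @telephone, @email, @passwordhash, @role, @enabled)";

    using (SqlConnection conn = new SqlConnection(
        ConfigurationManager.ConnectionStrings["ConnStringStoreDB"].ConnectionString))
    using (SqlCommand cmd = new SqlCommand(sql, conn))
    {
        cmd.Parameters.AddWithValue("@cust_name", TextBoxNameReg.Text);
        cmd.Parameters.AddWithValue("@gender", TextBoxGenderReg.Text);
        cmd.Parameters.AddWithValue("@address", TextBoxAddressReg.Text);
        cmd.Parameters.AddWithValue("@telephone", TextBoxTelephoneReg.Text);
        cmd.Parameters.AddWithValue("@email", TextBoxEmailReg.Text);
        cmd.Parameters.AddWithValue("@passwordhash", passwordhash);
        // The role is fixed server-side; it is never taken from the form.
        cmd.Parameters.AddWithValue("@role", "user");
        cmd.Parameters.AddWithValue("@enabled", enabled);

        try
        {
            conn.Open();
            cmd.ExecuteNonQuery();
            LabelStatus.Text = "Data saved";
        }
        catch (SqlException ex)
        {
            // SQL error text can reveal table and constraint names and may echo submitted
            // values; keep it in the trace log and show the user a generic message.
            System.Diagnostics.Trace.TraceError("Customer registration insert failed: {0}", ex);
            LabelStatus.Text = "Registration could not be saved. Please try again later.";
        }
    }
}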
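/// <summary>
/// Registers a new user: hashes the submitted password, assigns a role, stores the
/// user through the spInsertUser stored procedure and populates the session.
/// </summary>
/// <param name="user">The model-bound signup data.</param>
/// <returns>A redirect to Index on success; the signup view again on any failure.</returns>
public ActionResult Signup(User user)
{
    try
    {
        PBKDF2Hash pwdHash = new PBKDF2Hash(user.Password);
        user.Password = pwdHash.HashedPassword;

        // NOTE(review): user.Password already holds the hash at this point, so the
        // comparison with "admin" is made against the hash, not the submitted password.
        // The "admin" role is granted at self-service signup on the submitted e-mail
        // address alone; nothing in this method verifies ownership of that address.
        // Administrator accounts are better provisioned out of band.
        if (!user.Email.Equals("*****@*****.**") && !user.Password.Equals("admin"))
        {
            user.Role = "user";
        }
        else
        {
            user.Role = "admin";
        }

        user.DateRegistered = DateTime.Now;

        using (SqlConnection conn = new SqlConnection(
            ConfigurationManager.ConnectionStrings["StoreContext"].ConnectionString))
        using (SqlCommand cmd = new SqlCommand("spInsertUser", conn))
        {
            cmd.CommandType = CommandType.StoredProcedure;
            cmd.Parameters.AddWithValue("@UserName", user.Name);
            cmd.Parameters.AddWithValue("@UserICPassport", user.ICpass);
            cmd.Parameters.AddWithValue("@UserEmail", user.Email);
            cmd.Parameters.AddWithValue("@UserPassword", user.Password);
            cmd.Parameters.AddWithValue("@Role", user.Role);
            cmd.Parameters.AddWithValue("@DateRegistered", user.DateRegistered);

            conn.Open();
            cmd.ExecuteNonQuery();
        }

        // NOTE(review): the generated id is not read back from the database, so
        // Session["UserId"] holds whatever value the model binder put in user.UserId.
        Session["UserId"] = user.UserId;
        Session["Name"] = user.Name;
        Session["ICPass"] = user.ICpass;
        Session["Email"] = user.Email;
        // NOTE(review): this keeps the password hash in session state. Confirm that
        // something reads it; if nothing does, it should not be stored.
        Session["Password"] = user.Password;
        Session["Role"] = user.Role;
        Session["DateRegistered"] = user.DateRegistered;

        return RedirectToAction("Index");
    }
    catch (Exception ex)
    {
        // Failures still return the signup view, but are no longer dropped silently.
        System.Diagnostics.Trace.TraceError("Signup failed: {0}", ex);
        return View();
    }
}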
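/// <summary>
/// Handles the login button: looks the user up by username, verifies the entered
/// password against the stored hash with PBKDF2Hash, and on success fills the
/// session and redirects according to the stored role.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void btnLogin_Click(object sender, EventArgs e)
{
    string sql = "SELECT * FROM user_reg WHERE username=@username";
    DataTable dt = new DataTable();

    using (SqlConnection conn = new SqlConnection(
        ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString))
    using (SqlCommand cmd = new SqlCommand(sql, conn))
    using (SqlDataAdapter sda = new SqlDataAdapter(cmd))
    {
        cmd.Parameters.AddWithValue("@username", txtUserName.Text);
        sda.Fill(dt);
    }

    DataRow row = null;
    bool authenticated = false;

    if (dt.Rows.Count > 0)
    {
        row = dt.Rows[0];
        string storedpasswordhash = row["passwordhash"].ToString();

        PBKDF2Hash pwdHash = new PBKDF2Hash(txtPassword.Text, storedpasswordhash);
        bool passwordcheck = pwdHash.PasswordCheck;
        bool enabled = Convert.ToBoolean(row["enabled"]);

        authenticated = passwordcheck && enabled;
    }

    if (!authenticated)
    {
        // One message for every failure, including an unknown username, so the page
        // does not reveal which usernames exist.
        // NOTE(review): an unknown username skips the PBKDF2 computation, so response
        // time can still differ between the two cases.
        lblStatus.Text = "You're username and/or password is incorrect";
        lblStatus.ForeColor = System.Drawing.Color.Red;
        return;
    }

    // Session values come from the database row, not from the form (except the
    // username, which is the value that was just matched).
    // NOTE(review): the session id is not rotated after authentication - confirm
    // how session fixation is handled for this site.
    Session["username"] = txtUserName.Text;
    Session["role"] = row["role"];
    Session["phone"] = row["phone"];
    Session["address"] = row["address"];
    Session["gender"] = row["gender"];

    // The session has to survive the redirect, so it is not cleared afterwards.
    if (Session["role"].ToString() == "admin")
    {
        Response.Redirect("EditDeleteItems.aspx");
    }
    else
    {
        Response.Redirect("Default.aspx");
    }
}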
/// <summary>
/// Hashing "12345" with a fixed salt string must reproduce a known hash and
/// return the same salt string.
/// </summary>
public void text_is_hashed_with_specified_salt()
{
    const string knownHash = "Csf0jEKmYUVfsfk7UHVIKFmsyj8jrTiVWPNxEp4NEdDdKcOTd2YCUX+RPJncsSu5unRbCDgeAtWFTbtsIHZe0w==";
    const string salt = "5000.thisisasalt";

    // NOTE(review): the "5000." prefix presumably encodes the iteration count - confirm.
    // If so, it is a test fixture value only and far below what a production
    // PBKDF2 configuration should use.
    PBKDF2Hash.HashedBytes want = new PBKDF2Hash.HashedBytes(knownHash, salt);

    ArrayList results = (ArrayList)PBKDF2Hash.PBKDF2HashList("12345", salt);
    PBKDF2Hash.HashedBytes got = (PBKDF2Hash.HashedBytes)results[0];

    Assert.AreEqual(want.Hash, got.Hash);
    Assert.AreEqual(want.Salt, got.Salt);
}
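/// <summary>
/// Handles the customer login button: looks the customer up by name, verifies the
/// entered password against the stored hash with PBKDF2Hash, and on success fills
/// the session and redirects according to the stored role.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void ButtonLogin_Click(object sender, EventArgs e)
{
    string sql = "SELECT * FROM Customer WHERE cust_name=@cust_name";
    DataTable dt = new DataTable();

    using (SqlConnection conn = new SqlConnection(
        ConfigurationManager.ConnectionStrings["ConnStringStoreDB"].ConnectionString))
    using (SqlCommand cmd = new SqlCommand(sql, conn))
    using (SqlDataAdapter sda = new SqlDataAdapter(cmd))
    {
        cmd.Parameters.AddWithValue("@cust_name", TextBoxUsernameLogin.Text);
        sda.Fill(dt);
    }

    DataRow row = null;
    bool authenticated = false;

    if (dt.Rows.Count > 0)
    {
        row = dt.Rows[0];
        string storedpasswordhash = row["passwordhash"].ToString();

        PBKDF2Hash pwdHash = new PBKDF2Hash(TextBoxPasswordLogin.Text, storedpasswordhash);
        bool passwordcheck = pwdHash.PasswordCheck;
        bool enabled = Convert.ToBoolean(row["enabled"]);

        authenticated = passwordcheck && enabled;
    }

    if (!authenticated)
    {
        // The unknown-user and wrong-password paths used to show differently worded
        // messages, which told a visitor whether a username exists. Both now share
        // one message and one code path.
        // NOTE(review): an unknown username skips the PBKDF2 computation, so response
        // time can still differ between the two cases.
        LabelStatus.Text = "Your username or password is incorrect";
        LabelStatus.ForeColor = System.Drawing.Color.Red;
        Session.RemoveAll();
        return;
    }

    // The role comes from the database row, never from the form.
    // NOTE(review): the session id is not rotated after authentication - confirm
    // how session fixation is handled for this site.
    Session["cust_name"] = TextBoxUsernameLogin.Text;
    Session["role"] = row["role"];

    // The session has to survive the redirect, so it is not cleared afterwards.
    if (Session["role"].ToString() == "admin")
    {
        Response.Redirect("AddProduct.aspx");
    }
    else
    {
        Response.Redirect("CustomerHomepage.aspx");
    }
}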
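/// <summary>
/// Handles the register button: hashes the entered password with PBKDF2Hash and
/// inserts a new user_reg row with the fixed role "user".
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void btnRegister_Click(object sender, EventArgs e)
{
    string email = txtUserName.Text;
    string phone = txtPhone.Text;
    string address = txtAddress.Text;
    // NOTE(review): SelectedItem is null when no option is chosen, which throws here.
    // Confirm the page has a required-field validator for the gender choice.
    string gender = radioGender.SelectedItem.Value.ToString();

    // The role is fixed server-side; it is never taken from the form.
    string role = "user";
    bool enabled = true;

    // Only the value produced by PBKDF2Hash is bound to the query, not the raw password.
    PBKDF2Hash pwdHash = new PBKDF2Hash(txtPassword.Text);
    string passwordhash = pwdHash.HashedPassword;

    string sql = @"INSERT INTO user_reg (username, passwordhash, role, phone, address, gender, enabled) VALUES (@username, @passwordhash, @role, @phone, @address, @gender, @enabled)";

    using (SqlConnection conn = new SqlConnection(
        ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString))
    using (SqlCommand cmd = new SqlCommand(sql, conn))
    {
        cmd.Parameters.AddWithValue("@username", email);
        cmd.Parameters.AddWithValue("@passwordhash", passwordhash);
        cmd.Parameters.AddWithValue("@role", role);
        cmd.Parameters.AddWithValue("@phone", phone);
        cmd.Parameters.AddWithValue("@address", address);
        cmd.Parameters.AddWithValue("@gender", gender);
        cmd.Parameters.AddWithValue("@enabled", enabled);

        try
        {
            conn.Open();
            cmd.ExecuteNonQuery();
        }
        catch (SqlException ex)
        {
            // The page still shows nothing on failure, but the error is now recorded
            // instead of being discarded.
            System.Diagnostics.Trace.TraceError("user_reg insert failed: {0}", ex);
        }
    }
}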
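/// <summary>
/// Hashes the new password with PBKDF2Hash and passes it, together with the "uid"
/// query-string value, to the spChangePassword stored procedure.
/// </summary>
/// <returns>
/// The result of ExecuteSP, or false when the request carries no "uid" value.
/// </returns>
private bool ChangeUserPassword()
{
    // The reset identifier arrives in the query string and is fully caller-controlled.
    // NOTE(review): presumably spChangePassword checks that it is a known, unexpired
    // reset token - confirm. This method only rejects a missing value.
    string uid = Request.QueryString["uid"];
    if (string.IsNullOrEmpty(uid))
    {
        return false;
    }

    PBKDF2Hash pwdHash = new PBKDF2Hash(txtNewPassword.Text);
    string passwordhash = pwdHash.HashedPassword;

    // The CS0618 suppression that wrapped the @password value was dropped: the value
    // is a local string, so there is no obsolete member on that line to suppress.
    List<SqlParameter> paramList = new List<SqlParameter>()
    {
        new SqlParameter()
        {
            ParameterName = "@GUID",
            Value = uid
        },
        new SqlParameter()
        {
            ParameterName = "@password",
            Value = passwordhash
        }
    };

    return ExecuteSP("spChangePassword", paramList);
}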
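/// <summary>
/// Authenticates a user by e-mail: loads the account through spGetLoginData,
/// verifies the submitted password against the stored hash with PBKDF2Hash, and on
/// success populates the session from the database row.
/// </summary>
/// <param name="user">The model-bound login form; only Email and Password are trusted as input.</param>
/// <returns>
/// A redirect to UserLists for the "admin" role, to Index for any other role, or
/// the login view again when validation or authentication fails.
/// </returns>
public ActionResult Login(User user)
{
    if (!ModelState.IsValid)
    {
        return View();
    }

    DataTable dt = new DataTable();

    using (SqlConnection conn = new SqlConnection(
        ConfigurationManager.ConnectionStrings["StoreContext"].ConnectionString))
    using (SqlCommand cmd = new SqlCommand("spGetLoginData", conn))
    using (SqlDataAdapter sda = new SqlDataAdapter(cmd))
    {
        cmd.CommandType = CommandType.StoredProcedure;
        cmd.Parameters.AddWithValue("@Email", user.Email);
        sda.Fill(dt);
    }

    if (dt.Rows.Count == 0)
    {
        return View();
    }

    DataRow row = dt.Rows[0];
    string passwordFromDb = row["Password"].ToString();

    PBKDF2Hash pwdHash = new PBKDF2Hash(user.Password, passwordFromDb);
    if (!pwdHash.PasswordCheck)
    {
        return View();
    }

    // Identity and role are taken from the database row. The posted model is
    // caller-controlled: copying user.Role or user.UserId into the session would let
    // the request choose its own role and identity.
    Session["UserId"] = row["Userid"];
    Session["Name"] = row["Name"];
    Session["ICPass"] = row["ICpass"];
    Session["Email"] = row["Email"];
    // Stores the hash (as Signup does) rather than the plaintext password that was
    // just submitted. NOTE(review): confirm something reads this key; if nothing
    // does, it should not be stored at all.
    Session["Password"] = passwordFromDb;
    Session["Role"] = row["Role"];
    Session["DateRegistered"] = row["DateRegistered"];

    if (Session["Role"].ToString().Equals("admin"))
    {
        return RedirectToAction("UserLists");
    }

    return RedirectToAction("Index");
}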
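/// <summary>
/// Handles the admin registration button: hashes the entered password with
/// PBKDF2Hash, inserts a row into the admin table and, when the insert succeeded,
/// e-mails the registration details to the address that was entered.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void ButtonRegister_Click(object sender, EventArgs e)
{
    // Only the value produced by PBKDF2Hash is bound to the query, not the raw password.
    PBKDF2Hash pwdHash = new PBKDF2Hash(TextBoxPassword.Text);
    string passwordhash = pwdHash.HashedPassword;
    bool enabled = true;
    bool saved = false;

    // NOTE(review): this handler creates accounts with the "admin" role. Confirm the
    // page is reachable only by already-authenticated administrators.
    // NOTE(review): the INSERT has no column list, so values bind by column position.
    string sql = @"INSERT INTO admin VALUES(@adminname, @email, @phoneNo, @address, @passwordhash, @role, @enabled)";

    using (SqlConnection conn = new SqlConnection(
        ConfigurationManager.ConnectionStrings["ConnStringStoreDB"].ConnectionString))
    using (SqlCommand cmd = new SqlCommand(sql, conn))
    {
        cmd.Parameters.AddWithValue("@adminname", TextBoxAdminName.Text);
        cmd.Parameters.AddWithValue("@email", TextBoxEmail.Text);
        cmd.Parameters.AddWithValue("@phoneNo", TextBoxPhoneNo.Text);
        cmd.Parameters.AddWithValue("@address", TextBoxAddress.Text);
        cmd.Parameters.AddWithValue("@passwordhash", passwordhash);
        cmd.Parameters.AddWithValue("@role", "admin");
        cmd.Parameters.AddWithValue("@enabled", enabled);

        try
        {
            conn.Open();
            cmd.ExecuteNonQuery();
            LabelStatus.Text = "Register Success";
            LabelStatus.ForeColor = System.Drawing.Color.Green;
            saved = true;
        }
        catch (SqlException ex)
        {
            // SQL error text can reveal table and constraint names and may echo submitted
            // values; keep it in the trace log and show the user a generic message.
            System.Diagnostics.Trace.TraceError("admin registration insert failed: {0}", ex);
            LabelStatus.Text = "Registration could not be saved. Please try again later.";
        }
    }

    // No confirmation mail for a registration that was not stored.
    if (!saved)
    {
        return;
    }

    // Email users after done registered
    SmtpClient smtp = new SmtpClient();
    smtp.Host = "smtp.gmail.com";
    smtp.Port = 587;
    // NOTE(review): the mailbox password is hard-coded in source. Treat it as exposed:
    // rotate it and load the credential from protected configuration instead.
    smtp.Credentials = new System.Net.NetworkCredential("*****@*****.**", "admin_1234");
    smtp.EnableSsl = true;

    using (MailMessage msg = new MailMessage())
    {
        msg.Subject = "New Users Registeration Details";
        msg.Body = "New Registration Details \n\n-------------------\n\nName : " + TextBoxAdminName.Text
            + "\n\nEmail Address :" + TextBoxEmail.Text
            + "\n\nPhone Number:" + TextBoxPhoneNo.Text
            + "\n\nAddress:" + TextBoxAddress.Text;

        // Parse the recipient as exactly one address. Adding the raw text would accept
        // a comma-separated list and mail every address the visitor typed.
        msg.To.Add(new MailAddress(TextBoxEmail.Text));
        msg.From = new MailAddress("*****@*****.**");

        // A send failure propagates to the caller.
        smtp.Send(msg);
    }

    ScriptManager.RegisterStartupScript(this, this.GetType(), "popup", "alert('Registration email has been send succesfully');", true);
}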