コード例 #1
0
    protected void Button1_Click(object sender, EventArgs e)
    {
        string usernameee = TextBox1.Text.Trim();

        UserCustomer cu = new UserCustomer();

        cu = cu.getAllDataByName(usernameee);


        if (cu == null)
        {
            Label2.Text = "Invalid user";
        }
        else
        {
            Label2.Text = "";
            string username    = TextBox1.Text.Trim();
            string Nric        = TextBox6.Text.Trim();
            string phoneNumber = TextBox5.Text.Trim();
            string email       = TextBox3.Text.Trim();
            string birthday    = TextBox2.Text.Trim();

            UserCustomer dsa     = new UserCustomer();
            string       dbgetPo = dsa.getAllDataByName(username).ForgetHash;



            string checkVali = HiddenFieldCheckForValBu.Value.Trim();

            System.Diagnostics.Debug.Write("ds" + checkVali);

            if (dbgetPo.Equals(checkVali))
            {
                Session["forgetPassTosaveusername"]    = username;
                Session["forgetPassTosavenric"]        = Nric;
                Session["forgetPassTosavephoneNumber"] = phoneNumber;
                Session["forgetPassTosaveemail"]       = email;
                Session["forgetPassTosavebirthday"]    = birthday;



                Response.Redirect("EmailOtp.aspx");
            }
            else
            {
                Label1.Text = "*One of the fields you have entered is incorrect";
            }
        }



        //    Tzwilio d = new Tzwilio("+6598517761","testung");
        //        d.choasSms();


        //        EmailSender s = new EmailSender("Aravin", "*****@*****.**","21/09/1997","Hi, Reagrds");
        //        s.SendSimpleMessage();
    }
コード例 #2
0
    //    protected void forgetpassword(object sender, EventArgs e)
    //    {
    //        Response.Redirect("2faLogin.aspx", false);
    //    }

    protected void Button1_Click(object sender, EventArgs e)
    {
        UserCustomer ssdsd = new UserCustomer();

        ssdsd = ssdsd.getAllDataByName(Session["usernameLogin"].ToString());
        int cuas = ssdsd.Attempt;

        System.Diagnostics.Debug.WriteLine(cuas);

        if (cuas < 3)
        {
            string       username = (string)Session["usernameLogin"];
            UserCustomer su       = new UserCustomer();
            su = su.getAllDataByName(username);
            //getting salt and hash from db based on username
            string salt             = su.Passwordsalt;
            string hashvalueToCheck = su.Passwordhash;

            //server hashing
            string hashvalClient = TextBox2.Text;
            string combine       = hashvalClient + salt;

            SHA512Managed hashing = new SHA512Managed();

            byte[] serverHashwithSaltHashed = hashing.ComputeHash(Encoding.UTF8.GetBytes(combine));

            //converting bytes to base64
            string finalval = Convert.ToBase64String(serverHashwithSaltHashed);


            System.Diagnostics.Debug.WriteLine(finalval);

            //validation
            if (hashvalueToCheck == finalval)
            {
                Session["accountLoginVerified"] = "true";
                Session["md5Store"]             = hashvalClient;
                Response.Redirect("2faLogin.aspx", false);
            }
            else
            {
                UserCustomer sd    = new UserCustomer();
                UserCustomer users = new UserCustomer();

                users = sd.getAllDataByName(username);
                int curreatt = users.Attempt;

                sd.updateuserattempts(username, curreatt + 1);


                Labelerr.Text = "You have entered a Incorrect password";
            }
        }
        else
        {
            Labelerr.Text = "Account locked, you had 3 failed logon attempts";
        }
    }
コード例 #3
0
    protected void Button1_Click(object sender, EventArgs e)
    {
        string passhashfromform = TextBox1.Text.Trim();

        //look here
        Session["md5hashforforgetpassplsthx"] = passhashfromform;

        System.Diagnostics.Debug.WriteLine(passhashfromform);


        string nricFromform = HiddenFieldNricEncrypted.Value;

        string bdfromform = HiddenFieldBirthdayEncrypted.Value;



        UserCustomer cs = new UserCustomer();

        string saltFrodb = cs.getAllDataByName(Session["forgetPassTosaveusername"].ToString()).Passwordsalt;



        byte[] saltpls = Convert.FromBase64String(saltFrodb);


        string phonepl = Session["forgetPassTosavephoneNumber"].ToString();
        string emailps = Session["forgetPassTosaveemail"].ToString();



        string encryptedNric     = encryptData(nricFromform, passhashfromform, saltpls);
        string encryptebirthdayc = encryptData(bdfromform, passhashfromform, saltpls);
        string encryptephone     = encryptData(phonepl, passhashfromform, saltpls);
        string encryptemail      = encryptData(emailps, passhashfromform, saltpls);

        Session["encryptedforforgetpassthxnric"]     = encryptedNric;
        Session["encryptedforforgetpassthxbirthday"] = encryptebirthdayc;
        Session["encryptedforforgetpassthxphone"]    = encryptephone;
        Session["encryptedforforgetpassthxemail"]    = encryptemail;
        Session["sha1askeyforcleintx"] = HiddenFieldsha1fornextuser.Value;



        //label sucess


        Response.Redirect("addressConfirm.aspx");
    }
コード例 #4
0
ファイル: login.aspx.cs プロジェクト: ianlaiky/aspProject
    protected void CustomValidator1_OnServerValidate(object source, ServerValidateEventArgs args)
    {
        string username = Server.HtmlEncode(TextBox1.Text);

        UserCustomer cu = new UserCustomer();

        cu = cu.getAllDataByName(username);


        if (cu == null)
        {
            args.IsValid = false;
        }
        else
        {
            args.IsValid = true;
        }
    }
コード例 #5
0
ファイル: login.aspx.cs プロジェクト: ianlaiky/aspProject
    protected void Button1_Click(object sender, EventArgs e)
    {
        if (Page.IsValid)
        {
            UserCustomer ds = new UserCustomer();
            UserCustomer aq = new UserCustomer();
            aq = ds.getAllDataByName(TextBox1.Text);



            int att = aq.Attempt;

            if (att < 3)
            {
                Session["usernameLogin"] = Server.HtmlEncode(TextBox1.Text);
                Response.Redirect("passwordlogin.aspx");
            }
            else
            {
                Labelatte.Text = "Account locked, you had 3 failed logon attempts";
            }
        }
    }
コード例 #6
0
ファイル: 2faLogin.aspx.cs プロジェクト: ianlaiky/aspProject
    protected void Button100_Click(object sender, EventArgs e)
    {
        string username = (string)Session["usernameLogin"];
        string md5hash  = (string)Session["md5Store"];

        UserCustomer cu = new UserCustomer();

        cu = cu.getAllDataByName(username);

        string salt = cu.Passwordsalt;

        string firstNameCipher = cu.FirstName;
        string lastNameCipher  = cu.LastName;
        string nricCipher      = cu.Nric;
        string phone           = cu.PhoneNo;


        byte[] salttoByte = Convert.FromBase64String(salt);


        Rfc2898DeriveBytes pdb = new Rfc2898DeriveBytes(md5hash, salttoByte);


        RijndaelManaged cipher = new RijndaelManaged();

        //set key and initialisation vec from rfc
        cipher.Key = pdb.GetBytes(32);
        cipher.IV  = pdb.GetBytes(16);
        ICryptoTransform decryptTransform = cipher.CreateDecryptor();


        byte[] cipherphone = Convert.FromBase64String(phone);

        byte[] plaintextPhone = decryptTransform.TransformFinalBlock(cipherphone, 0, cipherphone.Length);

        string resultPhone = Encoding.UTF8.GetString(plaintextPhone);



        //save current date and time at the point of request

        DateTime timeofrequesttimeout = DateTime.Now.AddSeconds(30);

        System.Diagnostics.Debug.WriteLine(timeofrequesttimeout);
        Session["2faotptimeoutdatetimecheckthis"] = timeofrequesttimeout;



        Random rnd   = new Random();
        string digit = rnd.Next(999999).ToString();

        Session["rngPhoneL"] = digit;
        System.Diagnostics.Debug.WriteLine(digit);
        //uncomment this


        string resPhone = "+65" + resultPhone;

        Tzwilio g = new Tzwilio(resPhone, digit);

        g.choasSms();
    }
コード例 #7
0
    protected void Button1_Click(object sender, EventArgs e)
    {
        UserCustomer cs = new UserCustomer();

        string saltFrodb = cs.getAllDataByName(Session["forgetPassTosaveusername"].ToString()).Passwordsalt;

        byte[] saltpls = Convert.FromBase64String(saltFrodb);

        //pass from form
        string passfromform = Session["md5hashforforgetpassplsthx"].ToString();

        //hash on server side
        SHA512Managed hashing = new SHA512Managed();

        string finalHashval;
        string serverhashwithSaltText = passfromform + saltFrodb;

        System.Diagnostics.Debug.WriteLine("combining salt" + serverhashwithSaltText);

        byte[] serverHashwithSaltHashed = hashing.ComputeHash(Encoding.UTF8.GetBytes(serverhashwithSaltText));

        System.Diagnostics.Debug.WriteLine("Server hashed value before convert" + serverHashwithSaltHashed);

        finalHashval = Convert.ToBase64String(serverHashwithSaltHashed);
        System.Diagnostics.Debug.WriteLine("Server hashed value " + finalHashval);


        //get
        string encryptedfirstname = HiddenFieldFirstNameEncrypted.Value;
        string encryptedlastname  = HiddenFieldLastNameEncrypted.Value;
        string encrypaddress      = HiddenFieldAddressEncrypted.Value;

        System.Diagnostics.Debug.WriteLine("dasdsa" + encryptedfirstname);
        System.Diagnostics.Debug.WriteLine(encryptedlastname);
        System.Diagnostics.Debug.WriteLine(encrypaddress);



        string passhashfromform = Session["md5hashforforgetpassplsthx"].ToString();


        string savetofirstname = encryptData(encryptedfirstname, passhashfromform, saltpls);
        string savetolastanme  = encryptData(encryptedlastname, passhashfromform, saltpls);
        string savetoaddress   = encryptData(encrypaddress, passhashfromform, saltpls);



        string encryptednric     = Session["encryptedforforgetpassthxnric"].ToString();
        string encryptedbirthday = Session["encryptedforforgetpassthxbirthday"].ToString();
        string encryotedphone    = Session["encryptedforforgetpassthxphone"].ToString();
        string encryptedemail    = Session["encryptedforforgetpassthxemail"].ToString();


        string usernamm = Session["forgetPassTosaveusername"].ToString();

        UserCustomer asc = new UserCustomer();

        asc.updateforForgetpass(usernamm, finalHashval, encryotedphone, savetoaddress, savetofirstname, savetolastanme, encryptedemail, encryptedbirthday, encryptednric);
        asc.updateuserattempts(usernamm, 0);



        Response.Redirect("successForgetPass.aspx");
    }
コード例 #8
0
    protected void Page_Load(object sender, EventArgs e)
    {
        string retrievemd5hash = TextBox6.Text;
        string salt            = TextBox5.Text;

        System.Diagnostics.Debug.WriteLine("retrieved md5 val" + retrievemd5hash);
        System.Diagnostics.Debug.WriteLine("salt value" + salt);

        string serversidecombine = retrievemd5hash + salt;

        System.Diagnostics.Debug.WriteLine("serverside combine" + serversidecombine);


        SHA512Managed hashing = new SHA512Managed();

        byte[] serverHashwithSaltHashed = hashing.ComputeHash(Encoding.UTF8.GetBytes(serversidecombine));

        string finalHashval = Convert.ToBase64String(serverHashwithSaltHashed);


        System.Diagnostics.Debug.WriteLine("serverside final hash val" + finalHashval);

        //decr

        byte[] Key;
        byte[] IV;



        System.Diagnostics.Debug.WriteLine("new te---------------------------------------------------------------");
        RijndaelManaged cipher = new RijndaelManaged();

        cipher.GenerateKey();
        Key = cipher.Key;
        IV  = cipher.IV;
        System.Diagnostics.Debug.Write("The guy key: ");
        for (int i = 0; i < Key.Length; i++)
        {
            System.Diagnostics.Debug.Write(Key[i] + " ");
        }
        System.Diagnostics.Debug.Write("IV: ");
        for (int i = 0; i < IV.Length; i++)
        {
            System.Diagnostics.Debug.Write(IV[i] + " ");
        }
        System.Diagnostics.Debug.WriteLine("The guy key: " + Key);
        System.Diagnostics.Debug.WriteLine("IV: " + IV);



        System.Diagnostics.Debug.WriteLine("Testing Retrieve Mtd ");
        UserCustomer custTest = new UserCustomer();

        custTest = custTest.getAllDataByName("123");
        System.Diagnostics.Debug.WriteLine("username " + custTest.Username);
        System.Diagnostics.Debug.WriteLine("hash " + custTest.Passwordhash);
        System.Diagnostics.Debug.WriteLine("salt " + custTest.Passwordsalt);
        System.Diagnostics.Debug.WriteLine("PhoneNo " + custTest.PhoneNo);
        System.Diagnostics.Debug.WriteLine("Address " + custTest.Address);
        System.Diagnostics.Debug.WriteLine("FirstName " + custTest.FirstName);
        System.Diagnostics.Debug.WriteLine("LastName " + custTest.LastName);
        System.Diagnostics.Debug.WriteLine("Email " + custTest.Email);
        System.Diagnostics.Debug.WriteLine("Birthday " + custTest.Birthday);
        System.Diagnostics.Debug.WriteLine("EmailVerified " + custTest.EmailVerified);
        System.Diagnostics.Debug.WriteLine("PhoneVerified " + custTest.PhoneVerified);
        System.Diagnostics.Debug.WriteLine("Nric " + custTest.Nric);
    }