コード例 #1
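        // Login button handler. Looks the entered username up once, hashes the entered
        // password with that account's two stored salts, asks the database whether the
        // resulting hash matches, and on success fills the session and redirects to the
        // music page. Both input fields are cleared before the handler returns, whatever
        // the outcome.
        //
        // NOTE(review): nothing in this handler issues a new session ID after a successful
        // login, throttles repeated failures, or records failed attempts. Confirm that
        // those controls exist elsewhere (session-fixation and guessing protection).
        // NOTE(review): HashPswdGeneratorHandler is not visible here. Confirm that it
        // uses a deliberately slow password-hashing function rather than one fast hash pass.
        protected void lgnbtn_Click(object sender, EventArgs e)
        {
            // Read both inputs once so every query and the session use the same values.
            string usrnmFld = usrnme.Text.Trim();

            // Trimming the password is kept for compatibility with hashes that are
            // already stored; the code that stores a hash has to trim the same way.
            string pswdFld = paswds.Text.Trim();

            // Connects to the database
            using (ArcEncaseEntities dbc = new ArcEncaseEntities())
            {
                // One round trip fetches everything needed for this username. Take(2)
                // is enough to tell "exactly one account" from "none" or "duplicates".
                var matches = (from user in dbc.arcencase_usrs
                               where user.aenc_usrs_usrsnme == usrnmFld
                               select new
                               {
                                   firstsalt = user.aenc_usrs_usrssaltfrst,
                                   lastsalt = user.aenc_usrs_usrssaltlst,
                                   usrid = user.aenc_usrs_usrsid,
                                   grpname = user.arcencase_usrsgrps.aenc_grps_grpsname
                               }).Take(2).ToList();

                // Fail closed: a missing or ambiguous account never logs in.
                // NOTE(review): an unknown username skips the hashing step, so its
                // response time may differ from a wrong-password attempt.
                if (matches.Count == 1)
                {
                    var acct = matches[0];
                    int usrnID = acct.usrid;
                    string usrnGRP = acct.grpname;

                    // Combines the first salt, the entered password and the last salt into a hash
                    HashPswdGeneratorHandler hpg = new HashPswdGeneratorHandler();
                    string hshdPswd = hpg.GetHashedPassword(acct.firstsalt, pswdFld, acct.lastsalt);

                    // The hash comparison stays in the database so the column's own
                    // comparison rules keep applying, exactly as before.
                    bool credentialsOk = (from user in dbc.arcencase_usrs
                                          where user.aenc_usrs_usrsnme == usrnmFld
                                           && user.aenc_usrs_usrspswd == hshdPswd
                                          select user).Any();

                    if (credentialsOk)
                    {
                        // The session keeps the username as typed (trimmed), plus the
                        // id and group that were read from the database.
                        Session["usrnme"] = usrnmFld;
                        Session["usrnid"] = usrnID;
                        Session["usrngrp"] = usrnGRP;

                        // endResponse is false, so the handler keeps running and the
                        // field clearing below still executes.
                        Response.Redirect("~/Category/Music.aspx", false);
                    }
                }

                // Never echo the entered credentials back to the page.
                usrnme.Text = null;
                paswds.Text = null;
                usrnme.Focus();
            }
        }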
コード例 #2
        // Method that inserts a new user into the database
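        // Runs before the data source inserts the new row. When the trimmed username is
        // already present the insert is cancelled and an error is shown; otherwise two
        // fresh salts are generated and stored on the entity together with the hash of
        // the trimmed password.
        //
        // NOTE(review): the existence check and the insert are separate steps, so two
        // simultaneous requests can both pass the check. Confirm that the username
        // column has a unique constraint.
        // NOTE(review): no password rule is enforced here; an empty password box is
        // hashed and stored like any other value.
        protected void EntityDataSourceGeneral_Inserting(object sender, EntityDataSourceChangingEventArgs e)
        {
            // Hides the error-layer
            msgDv.Visible = false;

            // A missing control is reported explicitly instead of surfacing later as a
            // NullReferenceException.
            TextBox usern = dbListView.InsertItem.FindControl("usrs_usrsnmeTextBox") as TextBox;
            if (usern == null)
            {
                throw new InvalidOperationException("Insert template has no 'usrs_usrsnmeTextBox' TextBox.");
            }

            string wantedName = usern.Text.Trim();

            // Checks whether the username already exists in the database
            bool nameTaken;
            using (ArcEncaseEntities db = new ArcEncaseEntities())
            {
                nameTaken = (from user in db.arcencase_usrs
                             where user.aenc_usrs_usrsnme == wantedName
                             select user.aenc_usrs_usrsnme).Any();
            }

            // The username is free: attach the salts and the hashed password ...
            if (!nameTaken)
            {
                arcencase_usrs dbUsrs = e.Entity as arcencase_usrs;
                TextBox pswrdet = dbListView.InsertItem.FindControl("usrs_usrspswdTextBox") as TextBox;
                if (dbUsrs == null || pswrdet == null)
                {
                    // Fail closed: never let a row through without salts and a hash.
                    e.Cancel = true;
                    throw new InvalidOperationException("Insert is missing the user entity or the 'usrs_usrspswdTextBox' TextBox.");
                }

                // Each account gets its own pair of newly generated salts.
                HashPswdGeneratorHandler hpg = new HashPswdGeneratorHandler();
                string nwSalt1 = hpg.GenerateSalt();
                string nwSalt2 = hpg.GenerateSalt();
                dbUsrs.aenc_usrs_usrssaltfrst = nwSalt1;
                dbUsrs.aenc_usrs_usrssaltlst = nwSalt2;

                // The password is trimmed before hashing; the login path has to trim
                // the same way or the stored hash will never match.
                dbUsrs.aenc_usrs_usrspswd = hpg.GetHashedPassword(nwSalt1, pswrdet.Text.Trim(), nwSalt2);
            }
            // ... or cancel the insert and show an error message
            else
            {
                e.Cancel = true;
                msgDv.Visible = true;
                msgDv.Attributes.Add("class", "errorMsg");
                // NOTE(review): the second Add uses the same key and presumably replaces
                // "errorMsg"; confirm whether both classes were intended.
                msgs.Attributes.Add("class", "errorMsg");
                msgs.Attributes.Add("class", "whiteText");
                string errTxt = "User could not be added because the username is already taken!";
                msgs.Text = errTxt;

                // errTxt is a fixed literal, so concatenating it into the script is safe.
                // If it ever includes user input, encode it first, for example with
                // HttpUtility.JavaScriptStringEncode.
                ScriptManager.RegisterStartupScript(this, this.GetType(), "key", "alert('" + errTxt + "');", true);
            }
        }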