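/// <summary>
/// Handles the "create account" button: validates the submitted form fields,
/// stores the new member via <c>writeInNewMember</c> and redirects to Member.aspx.
/// </summary>
/// <param name="sender">Control that raised the click event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void CreateAccountButton_Click(object sender, EventArgs e)
{
    string username = UsernameTextbox.Text;
    string password = PasswordTextbox.Text;
    string confirmedPassword = PasswordConfirmationTextbox.Text;

    // The two password entries must agree before anything is stored.
    if (password != confirmedPassword)
    {
        ErrorLabel.Text = "Passwords do not match!";
        // Same colour as the other validation error, so both failures look alike.
        ErrorLabel.ForeColor = Color.Red;
        return;
    }

    // password equals confirmedPassword at this point, so testing one covers both.
    if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
    {
        ErrorLabel.Text = "All fields must be filled in!";
        ErrorLabel.ForeColor = Color.Red;
        return;
    }

    // NOTE(review): Encrypt() is reversible (the same class offers Decrypt()), so
    // whoever obtains the member store and the key can recover every password.
    // A salted, deliberately slow one-way hash such as PBKDF2 is the usual choice
    // for password storage; switching requires changing the login check and
    // migrating existing records at the same time.
    string passwordEncrypted = new SuperTopSecreteEncryption().Encrypt(password);

    // NOTE(review): username is passed on exactly as typed. Confirm that
    // writeInNewMember escapes it for its storage format and rejects a username
    // that already exists; neither is visible from this handler.
    writeInNewMember(username, passwordEncrypted);

    Response.Redirect("Member.aspx");
}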
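/// <summary>
/// Decrypts the text typed into <c>EncryptionTextbox</c> and shows the result
/// (or an error message) in <c>EncryptionResultsText</c>.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void handleDecrypt(object sender, EventArgs e)
{
    string cipherText = EncryptionTextbox.Text;

    if (cipherText == "")
    {
        EncryptionResultsText.Text = "Cannot be empty!";
        EncryptionResultsText.ForeColor = Color.Red;
        // Stop here: without this return the empty string was still handed to
        // Decrypt() and the message above was overwritten.
        return;
    }

    // NOTE(review): account passwords are stored with this same class. If this
    // handler uses the same key, it will decrypt any stored password value that
    // leaks, so the page should be limited to authorised users or removed from
    // production builds - confirm how it is exposed.
    SuperTopSecreteEncryption crypt = new SuperTopSecreteEncryption();
    try
    {
        // NOTE(review): the decrypted value is user-controlled. If
        // EncryptionResultsText is a Label, its Text is written to the page
        // without HTML encoding - confirm the control type and encode if so.
        EncryptionResultsText.Text = crypt.Decrypt(cipherText);
    }
    catch (Exception)
    {
        // Any failure inside Decrypt() is reported generically; no details are shown.
        EncryptionResultsText.Text = "Decryption failed!";
        EncryptionResultsText.ForeColor = Color.Red;
    }
}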
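/// <summary>
/// Authenticates a staff login against App_Data/Staff.xml. On success it issues
/// the "staff-cookie" forms-authentication ticket and redirects to /Staff.aspx.
/// </summary>
/// <param name="sender">The Login control raising the event (unused).</param>
/// <param name="e">Receives the authentication result in <c>Authenticated</c>.</param>
protected void Login1_Authenticate1(object sender, AuthenticateEventArgs e)
{
    bool loginSuccessful = false;
    bool credentialStoreFailed = false;
    string userProvidedUsername = Login1.UserName;
    string userProvidedPassword = Login1.Password;

    // Fail closed on blank credentials so that an empty <Password/> element in
    // the file can never match an empty submission.
    if (string.IsNullOrEmpty(userProvidedUsername) || string.IsNullOrEmpty(userProvidedPassword))
    {
        e.Authenticated = false;
        return;
    }

    try
    {
        // using closes the file on every path; previously the reader was closed
        // only after a successful login and stayed open otherwise.
        using (XmlTextReader xmlTextReader = new XmlTextReader(HttpContext.Current.Server.MapPath("App_Data/Staff.xml")))
        {
            while (!loginSuccessful && xmlTextReader.Read())
            {
                if (xmlTextReader.NodeType != XmlNodeType.Element || xmlTextReader.Name != "Username")
                {
                    continue;
                }

                // Step from the element onto its text node to get the name.
                xmlTextReader.Read();
                string retrievedUsername = xmlTextReader.Value;

                // The stored username was read but never compared, so a password
                // matching ANY staff record was accepted for any username.
                if (retrievedUsername != userProvidedUsername)
                {
                    continue;
                }

                // Check only the first Password element after the matching
                // Username. Assumes each record lists Username before its own
                // Password - TODO confirm against the layout of Staff.xml.
                while (xmlTextReader.Read())
                {
                    if (xmlTextReader.NodeType != XmlNodeType.Element || xmlTextReader.Name != "Password")
                    {
                        continue;
                    }

                    xmlTextReader.Read();
                    string retrievedPassword = xmlTextReader.Value;

                    // NOTE(review): unlike Login1_Authenticate, the stored value
                    // is compared with the password exactly as typed, which only
                    // works if Staff.xml holds clear-text passwords. Confirm, and
                    // move staff credentials to a salted one-way hash.
                    loginSuccessful = retrievedPassword == userProvidedPassword;
                    break;
                }
            }
        }
    }
    catch (XmlException)
    {
        credentialStoreFailed = true;
    }
    catch (System.IO.IOException)
    {
        credentialStoreFailed = true;
    }

    if (credentialStoreFailed)
    {
        // A missing or malformed credential file denies the login with a generic
        // message instead of an unhandled error page. (The old null check on the
        // freshly constructed reader could never be true.)
        Login1.FailureText = "AN error has occured, contact your administrator";
        e.Authenticated = false;
        return;
    }

    e.Authenticated = loginSuccessful;
    if (!loginSuccessful)
    {
        return;
    }

    HttpCookie staffCookie = new HttpCookie(
        "staff-cookie",
        FormsAuthentication.Encrypt(
            new FormsAuthenticationTicket(
                1,
                userProvidedUsername,
                DateTime.Now,
                DateTime.Now.AddMinutes(60),
                Login1.RememberMeSet,
                "a staff")));
    // The ticket is only ever needed server-side; keep it away from page script.
    // NOTE(review): also set Secure once the site is served over HTTPS only.
    staffCookie.HttpOnly = true;
    Response.Cookies.Add(staffCookie);

    FormsAuthentication.RedirectFromLoginPage(userProvidedUsername, Login1.RememberMeSet);
    Response.Redirect("/Staff.aspx");
}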
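/// <summary>
/// Authenticates a member login against the XML file at <c>appDataPath</c>. On
/// success it issues the "non-privileged-user-cookie" forms-authentication
/// ticket and redirects to ~/Member.aspx.
/// </summary>
/// <remarks>
/// <c>xmlTextReader</c>, <c>crypt</c> and <c>appDataPath</c> are not declared in
/// this method; presumably they are members of the page class.
/// </remarks>
/// <param name="sender">The Login control raising the event (unused).</param>
/// <param name="e">Receives the authentication result in <c>Authenticated</c>.</param>
protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
{
    bool loginSuccessful = false;
    string userProvidedLogin = Login1.UserName;
    string userProvidedPassword = Login1.Password;

    try
    {
        xmlTextReader = new XmlTextReader(HttpContext.Current.Server.MapPath(appDataPath));
        crypt = new SuperTopSecreteEncryption();

        // Computed once; the result does not change while the file is scanned.
        // It is deliberately NOT copied into Login1.FailureText any more: the
        // Login control shows FailureText to the visitor after a failed attempt,
        // which exposed the stored form of whatever password was submitted.
        // NOTE(review): Encrypt() is reversible; a salted one-way hash is the
        // usual choice for password storage.
        string encryptedPassword = crypt.Encrypt(userProvidedPassword);

        while (!loginSuccessful && xmlTextReader.Read())
        {
            if (xmlTextReader.NodeType != XmlNodeType.Element || xmlTextReader.Name != "Username")
            {
                continue;
            }

            // Step from the element onto its text node to get the name.
            xmlTextReader.Read();
            string retrievedUsername = xmlTextReader.Value;
            if (retrievedUsername != userProvidedLogin)
            {
                continue;
            }

            // Check only the first Password element after the matching Username.
            // The old inner loop kept reading to the end of the file, so the
            // password of any LATER record was accepted for this username.
            // Assumes each record lists Username before its own Password -
            // TODO confirm against the layout of the member file.
            while (xmlTextReader.Read())
            {
                if (xmlTextReader.NodeType != XmlNodeType.Element || xmlTextReader.Name != "Password")
                {
                    continue;
                }

                xmlTextReader.Read();
                string retrievedPassword = xmlTextReader.Value;
                loginSuccessful = retrievedPassword == encryptedPassword;
                break;
            }
        }

        if (loginSuccessful)
        {
            HttpCookie cookie = new HttpCookie(
                "non-privileged-user-cookie",
                FormsAuthentication.Encrypt(
                    new FormsAuthenticationTicket(
                        1,
                        Login1.UserName,
                        DateTime.Now,
                        DateTime.Now.AddHours(1),
                        Login1.RememberMeSet,
                        "a user")));
            // The ticket is only ever needed server-side; keep it away from page script.
            // NOTE(review): also set Secure once the site is served over HTTPS only.
            cookie.HttpOnly = true;
            Response.Cookies.Add(cookie);
        }
    }
    catch (Exception)
    {
        // Any failure while reading or comparing denies the login.
        Login1.FailureText = "an exception has occured!";
        e.Authenticated = false;
        return;
    }
    finally
    {
        // Release the file on every path; the reader used to be left open, which
        // can keep the member file locked for later readers and writers.
        if (xmlTextReader != null)
        {
            xmlTextReader.Close();
        }
    }

    if (loginSuccessful)
    {
        e.Authenticated = true;
        FormsAuthentication.RedirectFromLoginPage(Login1.UserName, Login1.RememberMeSet);
        // Send the member to their landing page.
        Response.Redirect("~/Member.aspx");
    }
    else
    {
        e.Authenticated = false;
    }
}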