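/// <summary>
/// Server-side validator for the username field. Marks the input invalid when the
/// submitted username already appears in the list returned by
/// <c>UserCustomer.getAllUserName()</c>.
/// </summary>
/// <param name="source">The validator control that raised the event.</param>
/// <param name="args">
/// Validation arguments; <c>IsValid</c> is set to <c>false</c> when the name is taken
/// or when the existing-name list could not be obtained.
/// </param>
/// <remarks>
/// This check and the later insert are separate steps, so two concurrent registrations
/// can both pass it. NOTE(review): a unique constraint on the username column is the
/// reliable guard; confirm the schema has one.
/// </remarks>
protected void existinguser_Validate(object source, ServerValidateEventArgs args)
{
    UserCustomer customer = new UserCustomer();
    List<String> usernamelist = customer.getAllUserName();

    // Legacy seeding kept unchanged: the probe below throws on a null or empty list and
    // the catch then inserts a placeholder row. Debug.WriteLine is [Conditional("DEBUG")],
    // so the probe (and therefore the seed insert) only runs in builds that define DEBUG.
    // NOTE(review): a validator writing a placeholder account to the user table is a
    // surprising side effect; consider seeding at deployment time instead.
    try
    {
        System.Diagnostics.Debug.WriteLine("validator custom check " + usernamelist.Count + usernamelist[0]);
    }
    catch (Exception)
    {
        string dummydata = "091dummydataOnlyonce";
        UserCustomer n = new UserCustomer(dummydata, dummydata, dummydata, dummydata, dummydata, dummydata, dummydata, dummydata, dummydata, dummydata, dummydata, dummydata, dummydata);
        n.CustomerInsert();
    }

    // Fail closed: without the list, uniqueness cannot be checked (the original code
    // dereferenced the null list here and threw).
    if (usernamelist == null)
    {
        args.IsValid = false;
        return;
    }

    string rawUsername = Username.Text;
    // The registration handler stores Server.HtmlEncode(Username.Text), so a name that
    // contains characters such as '&' or '<' is persisted in encoded form. Comparing
    // both forms prevents such a name from slipping past the duplicate check.
    string storedForm = Server.HtmlEncode(rawUsername);

    bool alreadyTaken = false;
    foreach (string existing in usernamelist)
    {
        if (string.Equals(rawUsername, existing, StringComparison.Ordinal)
            || string.Equals(storedForm, existing, StringComparison.Ordinal))
        {
            alreadyTaken = true;
            break;
        }
    }

    args.IsValid = !alreadyTaken;
}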
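/// <summary>
/// Registration submit handler. When the page validators pass, it hashes the submitted
/// password value with the posted salt, encrypts the profile fields with
/// <c>encryptData</c>, stores the new <c>UserCustomer</c> and its <c>Fund</c> row, and
/// redirects to the confirmation page.
/// </summary>
/// <param name="sender">The button that raised the click event.</param>
/// <param name="e">Event arguments (unused).</param>
/// <remarks>
/// Password, salt, hash and field ciphertext are deliberately not written to debug
/// output: that stream can be captured by any attached listener and the values are
/// credentials or key material.
/// </remarks>
protected void Button1_Click1(object sender, EventArgs e)
{
    if (!Page.IsValid)
    {
        return;
    }

    // reCAPTCHA verification of the token posted with the form.
    var encodedResponse = Request.Form["g-Recaptcha-Response"];
    var isCaptchaValid = ReCaptcha.Validate(encodedResponse);
    if (!isCaptchaValid)
    {
        // NOTE(review): a failed captcha is only logged here and registration continues.
        // The original comment says enforcement happens in a custom validator; confirm
        // that validator exists and rejects the request, otherwise this check has no
        // effect. Behaviour is left unchanged because a token already verified by that
        // validator may not verify a second time here.
        System.Diagnostics.Debug.WriteLine("Captcha failure");
    }

    // Values that arrive from visible inputs are HTML-encoded before storage.
    // NOTE(review): encoding on input does not replace encoding at output; pages that
    // render these values should still encode for their own context.
    string uUsername = Server.HtmlEncode(Username.Text);
    string uPhoneNo = Server.HtmlEncode(phoneNumberInput.Text);
    string uEmail = Server.HtmlEncode(emailInput.Text);

    // Everything below is posted back by the browser, including the salt, so the server
    // is trusting client-chosen values for these fields.
    string uPasswordhash = TextBox1.Text;
    string uPasswordSalt = HiddenFieldForSalt.Value;
    string uFirstName = HiddenFieldFirstNameEncrypted.Value;
    string uLastName = HiddenFieldLastNameEncrypted.Value;
    string uAddress = HiddenFieldAddressEncrypted.Value;
    string uBirthday = HiddenFieldBirthdayEncrypted.Value;
    string uNric = HiddenFieldNricEncrypted.Value;

    string uemailverified = "false";
    string uphoneVerified = "false";

    // Server-side hash: SHA-512 over (password value + salt text), Base64-encoded.
    // NOTE(review): a single salted SHA-512 pass is fast to brute-force; the original
    // TODO pointed at RFC 2898 key derivation (Rfc2898DeriveBytes). Switching requires
    // the login verification code to change in step, so the format is kept here.
    string finalHashval;
    using (SHA512Managed hashing = new SHA512Managed())
    {
        byte[] saltedDigest = hashing.ComputeHash(Encoding.UTF8.GetBytes(uPasswordhash + uPasswordSalt));
        finalHashval = Convert.ToBase64String(saltedDigest);
    }

    // Throws FormatException when the posted salt is not valid Base64; nothing has been
    // written to the database or session at this point.
    byte[] salttoByte = Convert.FromBase64String(uPasswordSalt);

    // Field-level encryption keyed from the submitted password value and the salt.
    string encryptedPhone = encryptData(uPhoneNo, uPasswordhash, salttoByte);
    string encryptedAddress = encryptData(uAddress, uPasswordhash, salttoByte);
    string encryptedFirstName = encryptData(uFirstName, uPasswordhash, salttoByte);
    string encryptedLastName = encryptData(uLastName, uPasswordhash, salttoByte);
    string encryptedEmail = encryptData(uEmail, uPasswordhash, salttoByte);
    string encryptedBirthday = encryptData(uBirthday, uPasswordhash, salttoByte);
    string encryptedNric = encryptData(uNric, uPasswordhash, salttoByte);

    // Session values written for the confirmation page named in the redirect below.
    Session["nextPageUserRegEMail"] = uEmail;
    Session["nextPageUserRegPhone"] = uPhoneNo;
    Session["nextPageUserReg"] = uUsername;

    UserCustomer newuser = new UserCustomer(uUsername, finalHashval, uPasswordSalt, encryptedPhone, encryptedAddress, encryptedFirstName, encryptedLastName, encryptedEmail, encryptedBirthday, uemailverified, uphoneVerified, encryptedNric, HiddenFieldForsavingHashOfForget.Value.Trim());
    newuser.CustomerInsert();

    Fund fd = new Fund(uUsername, 0.0);
    fd.FundInsertNewUserOnly();

    Response.Redirect("userRegisterInputConf.aspx");
}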