private bool Judge_password(string name, string password)
{
conn.Open();
SqlCommand cmd = new SqlCommand("select * from user_info where username = @UN", conn);
cmd.Parameters.Add("@UN", SqlDbType.VarChar, 50).Value = name;
SqlDataAdapter adapter = new SqlDataAdapter(cmd);
DataSet ds = new DataSet();
adapter.Fill(ds);
cmd.Dispose();
conn.Close();
string salt = ds.Tables[0].Rows[0][2].ToString();
string hash = ds.Tables[0].Rows[0][3].ToString();
if (CommonHandler.Get_hash(password, salt).Equals(hash))
{
return(true);
}
else
{
return(false);
}
}
private void ValidateAccount()
{
conn.Open();
SqlCommand cmd = new SqlCommand("select * from user_info where username=@Username", conn);
cmd.Parameters.Add("@Username", SqlDbType.VarChar, 50).Value = username.Text;
SqlDataAdapter adapter = new SqlDataAdapter(cmd);
DataSet ds = new DataSet();
adapter.Fill(ds);
cmd.Dispose();
conn.Close();
if (ds.Tables[0].Rows.Count == 0)
{
MessageBox.Show("Username no find!!!", "GG");
}
else
{
if (ds.Tables[0].Rows[0][3].ToString().Equals(CommonHandler.Get_hash(password.Text, ds.Tables[0].Rows[0][2].ToString())))
{
Hide();
UpdateAccount(username.Text);
Go_to_homepage(username.Text);
}
else
{
MessageBox.Show("Login fail!!!", "GG");
}
}
}
private void Change_Password(string name, string password)
{
string salt = CommonHandler.Get_salt();
conn.Open();
SqlCommand cmd = conn.CreateCommand();
cmd.CommandText = "update dbo.user_info set salt=@SALT, hash=@HASH where username = '******'";
cmd.Parameters.Add("@SALT", SqlDbType.VarChar, 50).Value = salt;
cmd.Parameters.Add("@HASH", SqlDbType.VarChar, 50).Value = CommonHandler.Get_hash(password, salt);
cmd.ExecuteNonQuery();
cmd.Dispose();
conn.Close();
}
private void Button1_Click(object sender, EventArgs e)
{
if (Valide(tb1.Text, tb2.Text, tb3.Text))
{
string ipv4 = NetworkHandler.GetLocalIP();
string salt = CommonHandler.Get_salt();
conn.Open();
SqlCommand cmd = new SqlCommand("insert into user_info(username,salt,hash,status,ip,answer) values(@UN, @SALT, @HASH,0,@IP,@AS)", conn);
cmd.Parameters.Add("@UN", SqlDbType.VarChar, 50).Value = tb1.Text;
cmd.Parameters.Add("@SALT", SqlDbType.VarChar, 50).Value = salt;
cmd.Parameters.Add("@HASH", SqlDbType.VarChar, 50).Value = CommonHandler.Get_hash(tb2.Text, salt);
cmd.Parameters.Add("@IP", SqlDbType.VarChar, 50).Value = ipv4;
cmd.Parameters.Add("@AS", SqlDbType.VarChar, 50).Value = tb4.Text;
cmd.ExecuteNonQuery();
cmd.Dispose();
Bitmap bitmap = new Bitmap("../../Image/default_avatar.png");
bitmap = (Bitmap)CommonHandler.ResizeImage(bitmap, new Size(75, 75));
string avatarStr = CommonHandler.ImgToBase64String(bitmap);
string backgroundStr = CommonHandler.ImgToBase64String("../../Image/default_background.png");
SqlCommand insert = new SqlCommand("insert into user_picture (username, user_avatar, user_background) values(@UN, @UA, @UB)", conn);
insert.Parameters.Add("@UN", SqlDbType.VarChar).Value = tb1.Text;
insert.Parameters.Add("@UA", SqlDbType.VarChar).Value = avatarStr;
insert.Parameters.Add("@UB", SqlDbType.VarChar).Value = backgroundStr;
insert.ExecuteNonQuery();
insert.Dispose();
conn.Close();
MessageBox.Show("Register successfully!", "STATE");
To_HomePage(tb1.Text);
}
}