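/// <summary>
/// Prepares the statement that stores a freshly salted password hash for the
/// account typed into the form. Every value is bound as a parameter instead of
/// being concatenated into the SQL text.
/// </summary>
/// <param name="user">Not read by this method; the user name comes from <c>txtUsername</c>.</param>
/// <param name="userPassword">Not read by this method; the password comes from <c>txtPassword</c>.</param>
/// <remarks>
/// The method only fills <c>SQL</c> and <c>cmd</c>; it does not execute anything.
/// NOTE(review): the caller is assumed to run <c>cmd</c> without clearing its
/// parameters - confirm against the call site.
/// </remarks>
private void SetPassword(string user, string userPassword)
{
    string username = txtUsername.Text;
    string password = txtPassword.Text;
    string email = txtEmail.Text;

    // A new salt is generated on every call, so it must be stored next to the
    // hash; LogIn re-reads the salt from the same table to recompute the hash.
    string salt = MyCrypto.getSalt();
    // NOTE(review): confirm CalcSaltedPass is a slow password KDF (PBKDF2/Argon2)
    // and not a single salted digest.
    string HashPassword = MyCrypto.CalcSaltedPass(salt, password);

    // The operands of the original UPDATE were masked ("******") on the page.
    // They are bound here as positional "?" parameters, the placeholder style
    // LogIn already uses; the parameter names are labels, the order is what counts.
    // NOTE(review): the table is written as DATA here and mylogin.data below - confirm.
    SQL = "UPDATE DATA SET salt = ?, saltedpassword = ? WHERE username = ?;";
    cmd.CommandText = SQL;
    cmd.Parameters.Clear();
    cmd.Parameters.AddWithValue("@salt", salt);
    cmd.Parameters.AddWithValue("@saltedpassword", HashPassword);
    cmd.Parameters.AddWithValue("@username", username);

    if (IsValidEmail(email) == true)
    {
        // Text-box content never reaches the SQL text: a quote in the user name
        // or e-mail field is stored as data, not parsed as SQL.
        SQL = "INSERT INTO mylogin.data(username,salt,saltedpassword,email) VALUES(?,?,?,?);";
        cmd.CommandText = SQL;
        cmd.Parameters.Clear();
        cmd.Parameters.AddWithValue("@username", username);
        cmd.Parameters.AddWithValue("@salt", salt);
        cmd.Parameters.AddWithValue("@saltedpassword", HashPassword);
        cmd.Parameters.AddWithValue("@email", email);
    }
    else
    {
        // As in the original flow, the UPDATE prepared above stays in SQL/cmd
        // when the e-mail address is rejected.
        MessageBox.Show("Invalid email address");
    }
}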
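/// <summary>
/// Checks the user name and password typed into the form against the salted
/// hash stored in <c>mylogin.data</c> and reports the result in a message box.
/// </summary>
/// <remarks>
/// The lookup binds the user name as a parameter. Row presence is decided by
/// <c>reader.Read()</c>: <c>RecordsAffected</c> is -1 for SELECT statements, so
/// the earlier <c>== 0</c> test could not detect an unknown user and the column
/// reads that followed threw instead.
/// </remarks>
private void LogIn()
{
    if (txtUsername.Text == "" || txtPassword.Text == "")
    {
        MessageBox.Show("Please provide UserName and Password");
        return;
    }

    try
    {
        string username = txtUsername.Text;
        string password = txtPassword.Text;

        // Positional "?" placeholder: the value is bound, never concatenated.
        SQL = "SELECT salt,saltedpassword FROM mylogin.data where username =? ;";
        cmd.CommandText = SQL;
        cmd.Parameters.Clear();
        cmd.Parameters.AddWithValue("@username", username);
        reader = cmd.ExecuteReader();

        // Read() returns false when the query produced no row.
        if (!reader.Read())
        {
            // NOTE(review): separate "Wrong Username" / "Wrong Password" messages
            // tell the person at the form which accounts exist; a single generic
            // failure message avoids that.
            MessageBox.Show("Wrong Username");
            return;
        }

        string salt = reader["salt"].ToString();
        string dbPass = reader["saltedpassword"].ToString();

        // Recompute the hash with the stored salt and compare it to the stored value.
        string HashPassword = MyCrypto.CalcSaltedPass(salt, password);

        if (HashPassword == dbPass)
        {
            MessageBox.Show("You are now logged in");
            // Placeholder action from the original sample (other forms or programs
            // can be started here). A bare file name is resolved through the search
            // path; use an absolute path for anything real.
            System.Diagnostics.Process.Start("calc.exe");
        }
        else
        {
            MessageBox.Show("Wrong Password");
        }
    }
    catch (Exception ex)
    {
        MessageBox.Show(ex.Message, "oops!", MessageBoxButtons.OK, MessageBoxIcon.Information);
    }
    finally
    {
        // reader is still null when ExecuteReader threw before the first
        // successful query; skip the close instead of raising a second error box.
        if (reader != null)
        {
            try
            {
                reader.Close();
            }
            catch (Exception ex)
            {
                MessageBox.Show(ex.Message, "oops!", MessageBoxButtons.OK, MessageBoxIcon.Information);
            }
        }
    }
}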