/* * --- ^ SignIn Handling ^ --- */ /* * --- SignUp Handling --- */ private void btnSignup_Click(object sender, EventArgs e) { // --- confirmation with message box --- string message = "Do you want to Save the changes?"; string title = "Please Confirm!"; MessageBoxButtons buttons = MessageBoxButtons.YesNo; DialogResult result = MessageBox.Show(message, title, buttons, MessageBoxIcon.Warning); if (result == DialogResult.Yes) { if (txtpassword.Text == txtconfirmpassword.Text) { DbHandler db = new DbHandler(); MySqlCommand cmd = new MySqlCommand("INSERT INTO `student`(`indexno`,`firstname`,`lastname`,`address`,`gender`,`dob`,`email`,`faculty`,`mobile`,`password`,`salt`,`image`)VALUES(@index, @firstname, @lastname, @address, @gender, @dob, @email, @faculty, @mobile, @password, @salt, @image);", db.getConnection()); // --- image --- MemoryStream ms = new MemoryStream(); pictureBox1.Image.Save(ms, pictureBox1.Image.RawFormat); byte[] img = ms.ToArray(); // ------------- var salt = hashSalt.generateSalt(); // generates random salt type string var byteSalt = hashSalt.saltToByte(salt); // gets byte[] from salt string cmd.Parameters.Add("@index", MySqlDbType.VarChar).Value = txtindex.Text; cmd.Parameters.Add("@firstname", MySqlDbType.VarChar).Value = txtfname.Text; cmd.Parameters.Add("@lastname", MySqlDbType.VarChar).Value = txtlname.Text; cmd.Parameters.Add("@address", MySqlDbType.VarChar).Value = txtaddress.Text; cmd.Parameters.Add("@gender", MySqlDbType.VarChar).Value = getGender(); cmd.Parameters.Add("@dob", MySqlDbType.Date).Value = dateDob.Value.Date; cmd.Parameters.Add("@email", MySqlDbType.VarChar).Value = txtemail.Text; cmd.Parameters.Add("@faculty", MySqlDbType.VarChar).Value = cmbfaculty.GetItemText(cmbfaculty.SelectedItem); cmd.Parameters.Add("@mobile", MySqlDbType.VarChar).Value = txtmobile.Text; cmd.Parameters.Add("@password", MySqlDbType.VarChar).Value = hashSalt.generateHash(txtpassword.Text, byteSalt); // get (password+salt) hashed from db cmd.Parameters.Add("@salt", MySqlDbType.VarChar).Value = salt; cmd.Parameters.Add("@image", MySqlDbType.Blob).Value = img; db.openConnection(); // open connection // execute query if (cmd.ExecuteNonQuery() == 1) { MessageBox.Show("Record added!", "Success!", MessageBoxButtons.OK, MessageBoxIcon.Information); } else { MessageBox.Show("Failed!, please retry", "Error!", MessageBoxButtons.OK, MessageBoxIcon.Error); } db.openConnection(); // close connection } else { // --- password confirmation failed msg --- DialogResult r = MessageBox.Show("Password Confirmation failed?", "Error!", MessageBoxButtons.OK, MessageBoxIcon.Warning); txtpassword.Focus(); } } else { // Do something } }