Exemplos de CState_TeamC_Capstone HashSalt.VerifySaltedHash em C# (CSharp)

Linguagem de programação: C# (CSharp)

Espaço para nome / nome do pacote: CState_TeamC_Capstone

Classe / Tipo: HashSalt

Método / Função: VerifySaltedHash

Exemplos em hotexamples.com: 2

CState_TeamC_Capstone HashSalt.VerifySaltedHash em C# (CSharp) - 2 exemplos encontrados. Esses são os exemplos do mundo real mais bem avaliados de CState_TeamC_Capstone.HashSalt.VerifySaltedHash em C# (CSharp) extraídos de projetos de código aberto. Você pode avaliar os exemplos para nos ajudar a melhorar a qualidade deles.

Métodos Frequentes

Exibir Ocultar

GenerateHashString(2)

GenerateSaltedHash(2)

VerifySaltedHash(2)

Métodos Frequentes

GenerateHashString (2)

GenerateSaltedHash (2)

VerifySaltedHash (2)

Relacionados

ReadVideoFile

MockTwitterApi

btInterfaceRootNode

IAppointmentForm

PathFigureCollection

SpSyncAgent

ConsoleProvider

CapaEntityFramework.Comentario

ts_call.Icall

MP4Player

Related in langs

make_2d (PHP)

Entity\Reflection (PHP)

_extensionAddInstanceExtensions (C++)

scatter_copy (C++)

MkdirAll (Go)

New (Go)

PageTagExport (Java)

CliClient (Java)

get_size (Python)

Canvas (Python)

Exemplo n.º 1

0

Exibir arquivo

Arquivo: signIn.aspx.cs Projeto: kezizhou/CState_TeamC_Capstone

protected void btnSubmit_Click(object sender, EventArgs e) { try { // Hide new user message if showing if (strType != "") { message.InnerText = "Incorrect username or password entered."; message.Attributes.Add("class", message.Attributes["class"].ToString().Replace("message", "invalidInput")); message.Style["display"] = "none"; } string strUsername = Request.Form["txtUsername"]; string strEnteredPassword = Request.Form["txtPassword"]; conn.Open(); string qry = "SELECT * FROM Data.Employee WHERE Username = @username"; using (SqlCommand cmd = new SqlCommand(qry, conn)) { var usernameParam = new SqlParameter("@username", System.Data.SqlDbType.VarChar); usernameParam.Value = strUsername; cmd.Parameters.Add(usernameParam); SqlDataReader sdr = cmd.ExecuteReader(); if (sdr.Read()) { string strHash = sdr["Password"].ToString(); string strSalt = sdr["Salt"].ToString(); // Check if password hashes and salt match bool passwordMatches = HashSalt.VerifySaltedHash(strEnteredPassword, strHash.Trim(), strSalt.Trim()); if (passwordMatches) { // Sign-in successful Session["User_ID"] = sdr["Person_ID"]; FormsAuthentication.SetAuthCookie(sdr["Username"].ToString(), false); cmd.Dispose(); conn.Close(); Response.Redirect("Home.aspx"); } else { // Incorrect password cmd.Dispose(); conn.Close(); message.Style["display"] = "block"; } } else { // Username not found cmd.Dispose(); conn.Close(); message.Style["display"] = "block"; } } } catch (Exception ex) { Response.Write(ex.Message); } }

Exemplo n.º 2

0

Exibir arquivo

protected void btnResetCredentials_Click(object sender, EventArgs e) { try { string strFirstName = Request.Form["txtFirstName"]; string strLastName = Request.Form["txtLastName"]; string strEmail = Request.Form["txtEmail"]; string strUsername = ""; string qry = ""; SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["sqlConn"].ToString()); conn.Open(); if (Request.Form["txtUsername"] != "") { // Forgot password strUsername = Request.Form["txtUsername"]; qry = "SELECT * FROM Data.Employee WHERE First_Name = @firstname AND Last_Name = @lastname AND Email = @email AND Username = @username"; using (SqlCommand cmd = new SqlCommand(qry, conn)) { var firstNameParam = new SqlParameter("@firstname", System.Data.SqlDbType.VarChar); firstNameParam.Value = strFirstName; cmd.Parameters.Add(firstNameParam); var lastNameParam = new SqlParameter("@lastname", System.Data.SqlDbType.VarChar); lastNameParam.Value = strLastName; cmd.Parameters.Add(lastNameParam); var emailParam = new SqlParameter("@email", System.Data.SqlDbType.VarChar); emailParam.Value = strEmail; cmd.Parameters.Add(emailParam); var usernameParam = new SqlParameter("@username", System.Data.SqlDbType.VarChar); usernameParam.Value = strUsername; cmd.Parameters.Add(usernameParam); SqlDataReader sdr = cmd.ExecuteReader(); if (sdr.Read()) { // Matching user found int intID = (int)sdr["Person_ID"]; strUsername = sdr["Username"].ToString(); // Send reset password email sendResetEmail(intID, strUsername, strEmail); } cmd.Dispose(); conn.Close(); } } else if (Request.Form["txtPassword"] != "") { // Forgot username string strEnteredPassword = Request.Form["txtPassword"]; qry = "SELECT * FROM Data.Employee WHERE First_Name = @firstname AND Last_Name = @lastname AND Email = @email"; using (SqlCommand cmd = new SqlCommand(qry, conn)) { var firstNameParam = new SqlParameter("@firstname", System.Data.SqlDbType.VarChar); firstNameParam.Value = strFirstName; cmd.Parameters.Add(firstNameParam); var lastNameParam = new SqlParameter("@lastname", System.Data.SqlDbType.VarChar); lastNameParam.Value = strLastName; cmd.Parameters.Add(lastNameParam); var emailParam = new SqlParameter("@email", System.Data.SqlDbType.VarChar); emailParam.Value = strEmail; cmd.Parameters.Add(emailParam); SqlDataReader sdr = cmd.ExecuteReader(); if (sdr.Read()) { // Matching user found strUsername = sdr["Username"].ToString(); string strHash = sdr["Password"].ToString(); string strSalt = sdr["Salt"].ToString(); // Check if password hashes and salt match bool passwordMatches = HashSalt.VerifySaltedHash(strEnteredPassword, strHash, strSalt); if (passwordMatches) { // Send forgot username email if password is correct sendForgotUsernameEmail(strUsername, strEmail); } } cmd.Dispose(); conn.Close(); } } // Redirect to email sent page // This displays for invalid credentials as well so malicious users are not able to find valid usernames to attack Response.Redirect("reset.aspx?type=resetEmailSent"); } catch (Exception ex) { Response.Write(ex.Message); } }