Exemplo n.º 1
0
        private void login_button_Click(object sender, EventArgs e)
        {
            string user = textBox1.Text;
            string pass = textBox2.Text;

            connection.Open();
            string     cmd     = "select _username, _password, _pin, _ballance, _hash, _phoneNr from Users where _username=@user";
            SqlCommand command = new SqlCommand(cmd, connection);

            command.Parameters.AddWithValue("@user", user);
            SqlDataReader reader = command.ExecuteReader();

            if (reader.Read())
            {
                acc.user_name = reader["_username"].ToString();
                acc.pass      = reader["_password"].ToString();
                int p;
                int.TryParse(reader["_pin"].ToString(), out p);
                acc.pin = p;
                long b;
                long.TryParse(reader["_ballance"].ToString(), out b);
                acc.ballance = b;
                acc.hash     = reader["_hash"].ToString();
                acc.phone    = reader["_phoneNr"].ToString();
            }
            reader.Close();
            connection.Close();



            if (acc.user_name != null)
            {
                string passDecripted = Cripting.Decrypt(acc.pass, acc.hash);
                if (passDecripted == pass)
                {
                    isLoggedIn = 1;
                    if (checkPhoneverification(acc.phone, Cripting.GetRandomAlphanumericString(4)))
                    {
                        status_label.Text = " Login successful";
                        Form2 f2 = new Form2(acc);
                        f2.Show();
                        this.Hide();
                    }
                    else
                    {
                        status_label.Text = "message code incorrect";
                    }
                }
                else
                {
                    status_label.Text = "username or password incorrect";
                }
            }
        }
Exemplo n.º 2
0
        public void createAccount()
        {
            string        username      = "******";
            string        password      = "******";
            string        pin           = "1234";
            string        phone         = "+1234567890";
            string        hash          = username.GetHashCode().ToString() + password.GetHashCode().ToString();
            string        passEncripted = Cripting.Encrypt(password, hash);
            SqlConnection connection    = new SqlConnection("Data Source = DESKTOP ; Initial Catalog = bankAccounts ; Integrated Security=True");

            connection.Open();
            string     comm          = "Insert into Users values ('" + username + "', '" + passEncripted + "', " + pin + ", 0, '" + hash + "', '" + phone + "')";
            SqlCommand commandCreate = new SqlCommand(comm, connection);

            commandCreate.ExecuteNonQuery();
            connection.Close();
        }