Пример #1
0
        //to create new user
        private void BtnCreate_Click(object sender, EventArgs e)
        {
            DB       database = new DB();
            HashTech hash     = new HashTech();

            string username = tbUser.Text;
            string salt     = null;
            string password = hash.GeneratePasswordHash(tbPassword.Text, out salt);

            //if the password and confirm password is match
            if (tbPassword.Text != tbConfirmPassword.Text)
            {
                lblMessage.Text = "Password not match";
            }
            else
            {
                DataTable        table   = new DataTable();
                MySqlDataAdapter adapter = new MySqlDataAdapter();

                MySqlCommand command = new MySqlCommand("SELECT * FROM `usertable` WHERE `username` = @user", database.GetConn());

                command.Parameters.Add("@user", MySqlDbType.VarChar).Value = username;

                adapter.SelectCommand = command;
                adapter.Fill(table);

                //if there is no same username, create new user
                if (table.Rows.Count == 0)
                {
                    DataTable        table2   = new DataTable();
                    MySqlDataAdapter adapter2 = new MySqlDataAdapter();

                    MySqlCommand command2 = new MySqlCommand("INSERT INTO `usertable`(`Username`, `Password`,`salt`) VALUES (@user2,@password,@salt)", database.GetConn());

                    command2.Parameters.Add("@user2", MySqlDbType.VarChar).Value    = username;
                    command2.Parameters.Add("@password", MySqlDbType.VarChar).Value = password;
                    command2.Parameters.Add("@salt", MySqlDbType.VarChar).Value     = salt;

                    adapter2.SelectCommand = command2;
                    adapter2.Fill(table2);

                    MessageBox.Show("Sucessfully create new user.");

                    this.Hide();
                    MusicPlayerForm MusicPlayerForm = new MusicPlayerForm(tbUser.Text);
                    MusicPlayerForm.Show();
                }
                else
                {
                    lblMessage.Text = "The user already exist";
                }
            }
        }
Пример #2
0
        //to log in user
        private void BtnLogin_Click(object sender, EventArgs e)
        {
            DB       database = new DB();
            HashTech hash     = new HashTech();

            //get the input string
            string username = tbUser.Text;
            string password = tbPassword.Text;

            database.OpenConnection();

            //get the password and username
            MySqlCommand command = new MySqlCommand("SELECT `password`,`salt` FROM `usertable` WHERE `username` = @user", database.GetConn());

            command.Parameters.Add("@user", MySqlDbType.VarChar).Value = username;

            MySqlDataReader login = command.ExecuteReader();

            if (login.Read())
            {
                string resultPassword = login.GetString("password");
                string resultSalt     = login.GetString("salt");

                bool isMatch = hash.IsPasswordMatch(password, resultSalt, resultPassword);
                //if the hash password is match
                if (isMatch)
                {
                    string user = tbUser.Text;
                    this.Hide();
                    MusicPlayerForm MusicPlayerForm = new MusicPlayerForm(user);
                    MusicPlayerForm.Show();
                }
                else
                {
                    lblMessage.Text = "Incorrect";
                }
            }
        }