using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Windows.Forms;
using Oracle.DataAccess.Client;
using System.Security.Cryptography;
namespace WindowsFormsApp2
{
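/// <summary>
/// Sign-up form: validates the entered username and password, checks that the
/// username is not already present in the <c>signup</c> table, and inserts a
/// new row holding the username, a random salt and the salted password hash.
/// </summary>
public partial class SignUp : Form
{
    // NOTE(review): the database account and its password are embedded in source,
    // so anyone with the binary or the repository can read them. Move this to
    // protected configuration (or an Oracle wallet / OS-authenticated login) and
    // rotate the password; the account should hold only the privileges this form
    // needs (SELECT/INSERT on signup).
    private const string SignupDbConnectionString =
        "Data Source=localhost;User Id=PROJECT;Password=anup;";

    public SignUp()
    {
        InitializeComponent();
    }

    /// <summary>
    /// Produces a random salt from the platform's cryptographic RNG.
    /// </summary>
    /// <param name="size">Number of random bytes to generate.</param>
    /// <returns>The random bytes encoded as Base64.</returns>
    public String createSalt(int size)
    {
        var buffer = new byte[size];

        // The generator holds a native handle; dispose it as soon as the bytes are drawn.
        using (var rng = RandomNumberGenerator.Create())
        {
            rng.GetBytes(buffer);
        }

        return Convert.ToBase64String(buffer);
    }

    /// <summary>
    /// Computes SHA-512 over the UTF-8 bytes of <paramref name="input"/> followed
    /// by <paramref name="salt"/>.
    /// </summary>
    /// <param name="input">The value to hash (the password, at the visible call site).</param>
    /// <param name="salt">The salt string appended to the input before hashing.</param>
    /// <returns>The digest as upper-case hexadecimal without separators.</returns>
    /// <remarks>
    /// NOTE(review): a single round of a fast hash is cheap to brute-force if the
    /// signup table leaks. A password KDF such as PBKDF2 (Rfc2898DeriveBytes) with
    /// a high iteration count is the usual replacement, but the stored format is
    /// presumably also read by the login code, which is not visible here; both
    /// sides have to change together, so the algorithm is left as it was.
    /// </remarks>
    public String GenerateSHA512Hash(String input, String salt)
    {
        byte[] bytes = Encoding.UTF8.GetBytes(input + salt);

        // Dispose the hash object instead of leaving it to the finalizer.
        using (SHA512 sha512 = SHA512.Create())
        {
            byte[] hash = sha512.ComputeHash(bytes);
            return BitConverter.ToString(hash).Replace("-", "");
        }
    }

    /// <summary>
    /// Reports whether a row with the given username is already in the signup table.
    /// </summary>
    /// <param name="username">The username to look up.</param>
    /// <returns><c>true</c> when a matching row is found; otherwise <c>false</c>.</returns>
    public bool exists(String username)
    {
        using (OracleConnection con = new OracleConnection(SignupDbConnectionString))
        using (OracleCommand cmd = new OracleCommand())
        {
            con.Open();
            cmd.Connection = con;
            cmd.CommandType = CommandType.Text;

            // The username is sent as a bind variable, never spliced into the SQL
            // text, so quotes or SQL fragments typed into the form stay data.
            // The lookup also uses the method's argument rather than reading the
            // text box a second time.
            cmd.BindByName = true;
            cmd.CommandText = "select username from signup where username = :username";
            cmd.Parameters.Add("username", username);

            using (OracleDataReader rd = cmd.ExecuteReader())
            {
                while (rd.Read())
                {
                    if (string.Equals(rd["username"].ToString(), username, StringComparison.Ordinal))
                    {
                        return true;
                    }
                }
            }
        }

        return false;
    }

    /// <summary>
    /// Sign-up button handler. Rules enforced before anything is written:
    /// the username is non-empty and at least 6 characters long, the password is
    /// non-empty, at least 8 characters long and equal to the confirmation, and
    /// the username is not already taken. The new row's id comes from the
    /// <c>ei</c> sequence.
    /// </summary>
    private void Button1_Click(object sender, EventArgs e)
    {
        String username = textBox1.Text;
        String password = textBox2.Text;
        String confirmPassword = textBox3.Text;

        // Validation, in the same order and with the same messages as before.
        if (username == "")
        {
            MessageBox.Show("Username cannot be empty!");
            return;
        }
        if (password == "" || confirmPassword == "")
        {
            MessageBox.Show("Please Enter a Password");
            return;
        }
        if (username.Length < 6)
        {
            MessageBox.Show("Username should be at least 6 characters long");
            return;
        }
        if (password.Length < 8)
        {
            MessageBox.Show("Password should be atleast 8 characters long");
            return;
        }
        if (password != confirmPassword)
        {
            MessageBox.Show("Passwords do not match!");
            return;
        }

        // NOTE(review): this check and the insert below are two separate statements,
        // so two concurrent sign-ups can both pass it. A UNIQUE constraint on
        // signup.username would close that gap; the schema is not visible here.
        if (exists(username))
        {
            MessageBox.Show("Username already exists!");
            return;
        }

        // NOTE(review): 10 random bytes is an 80-bit salt; 16 bytes (128 bits) is
        // the usual minimum. Left unchanged because the width of the salt column
        // is not visible here.
        String salt = createSalt(10);
        String hashedPass = GenerateSHA512Hash(password, salt);

        using (OracleConnection con = new OracleConnection(SignupDbConnectionString))
        using (OracleCommand cmd = new OracleCommand())
        {
            con.Open();
            cmd.Connection = con;
            cmd.CommandType = CommandType.Text;

            // All three values travel as bind variables; the statement text is constant.
            cmd.BindByName = true;
            cmd.CommandText = "insert into signup values(ei.nextval, :username, :salt, :hash)";
            cmd.Parameters.Add("username", username);
            cmd.Parameters.Add("salt", salt);
            cmd.Parameters.Add("hash", hashedPass);

            int rw = cmd.ExecuteNonQuery();
            if (rw == 0)
            {
                MessageBox.Show("Unsuccessfull");
            }
            else
            {
                MessageBox.Show("Successfull!");
            }
        }
    }

    /// <summary>
    /// Hides this form, shows <c>form1.Form2</c> as a modal dialog, and closes
    /// this form once that dialog returns.
    /// </summary>
    private void Button2_Click(object sender, EventArgs e)
    {
        form1.Form2 fn = new form1.Form2();
        this.Hide();
        fn.ShowDialog();
        this.Close();
    }
}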
}