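using System;
using System.Collections;
using System.ComponentModel;
using System.Configuration;
using System.Data;
using System.Data.SqlClient;
using System.Drawing;
using System.Web;
using System.Web.SessionState;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.HtmlControls;
using System.Web.Security;
using System.Security.Cryptography;

namespace CMT
{
    /// <summary>
    /// Code-behind for the Login page: creates salted password hashes, stores
    /// new accounts through the RegisterUser stored procedure and verifies
    /// credentials through the LookupUser stored procedure.
    /// </summary>
    public class Login : System.Web.UI.Page
    {
        protected System.Web.UI.WebControls.Label Label3;
        protected System.Web.UI.WebControls.Button Button1;
        protected System.Web.UI.WebControls.TextBox TextBox1;
        protected System.Web.UI.WebControls.Label Label2;
        protected System.Web.UI.WebControls.TextBox TextBox2;
        protected System.Web.UI.WebControls.Image Image1;
        protected System.Web.UI.WebControls.Label Label4;
        protected System.Web.UI.WebControls.Button Button2;
        protected System.Web.UI.WebControls.Label Label1;

        /// <summary>
        /// Generates a random salt and returns it Base64-encoded.
        /// </summary>
        /// <param name="size">Number of random bytes to generate.</param>
        /// <returns>The Base64 text of <paramref name="size"/> random bytes.</returns>
        private static string CreateSalt(int size)
        {
            RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider();
            byte[] buff = new byte[size];

            // Fill the buffer from the CSPRNG. Without this call the buffer stays
            // all zeroes, so every account would receive the same predictable salt
            // and the salt would add no protection against precomputed tables.
            rng.GetBytes(buff);

            return Convert.ToBase64String(buff);
        }

        /// <summary>
        /// Hashes the password concatenated with the salt using SHA-1.
        /// </summary>
        /// <param name="pwd">Clear-text password.</param>
        /// <param name="salt">Salt text, appended after the password.</param>
        /// <returns>The hash string produced by FormsAuthentication.</returns>
        /// <remarks>
        /// NOTE(review): a single round of salted SHA-1 is cheap to brute-force
        /// offline if the table leaks. An iterated KDF such as PBKDF2
        /// (Rfc2898DeriveBytes) is the usual replacement, but it changes the
        /// stored format and the 40-character hash parameter, so it is not
        /// changed here.
        /// </remarks>
        private static string CreatePasswordHash(string pwd, string salt)
        {
            string saltAndPwd = String.Concat(pwd, salt);
            string hashedPwd = FormsAuthentication.HashPasswordForStoringInConfigFile(saltAndPwd, "SHA1");
            return hashedPwd;
        }

        /// <summary>
        /// Stores a new account by calling the RegisterUser stored procedure.
        /// </summary>
        /// <param name="userName">Account name (parameter declared as 255 characters).</param>
        /// <param name="passwordHash">Password hash (parameter declared as 40 characters).</param>
        /// <param name="salt">Salt used for the hash (parameter declared as 10 characters).</param>
        /// <exception cref="Exception">The database call failed; the cause is the inner exception.</exception>
        private void StoreAccountDetails(string userName, string passwordHash, string salt)
        {
            using (SqlConnection conn = new SqlConnection(ConfigurationSettings.AppSettings["ConnectionString"]))
            using (SqlCommand cmd = new SqlCommand("RegisterUser", conn))
            {
                cmd.CommandType = CommandType.StoredProcedure;

                // All values travel as typed parameters, never as concatenated SQL.
                cmd.Parameters.Add("@userName", SqlDbType.VarChar, 255).Value = userName;

                // The original name carried a trailing space ("@passwordHash "),
                // which does not match a stored-procedure parameter name.
                cmd.Parameters.Add("@passwordHash", SqlDbType.VarChar, 40).Value = passwordHash;

                // NOTE(review): the parameter is 10 characters wide; the Base64 text
                // of more than 6 salt bytes is longer than that and would not
                // round-trip. Confirm the size the caller passes to CreateSalt and
                // the column width.
                cmd.Parameters.Add("@salt", SqlDbType.VarChar, 10).Value = salt;

                try
                {
                    conn.Open();
                    cmd.ExecuteNonQuery();
                }
                catch (Exception ex)
                {
                    // The original threw "Registration Complete" here, reporting
                    // success on the failure path and discarding the cause. Keep the
                    // user-visible message generic and carry the details in the
                    // inner exception for logging.
                    throw new Exception("Registration failed.", ex);
                }
            }
        }

        /// <summary>
        /// Checks a supplied password against the hash and salt stored for the user.
        /// </summary>
        /// <param name="suppliedUserName">User name to look up.</param>
        /// <param name="suppliedPassword">Clear-text password to verify.</param>
        /// <returns>
        /// true when the hash of the supplied password and stored salt equals the
        /// stored hash; false when it differs or when no row exists for the user.
        /// </returns>
        /// <exception cref="Exception">The database call failed; the cause is the inner exception.</exception>
        private bool VerifyPassword(string suppliedUserName, string suppliedPassword)
        {
            using (SqlConnection conn = new SqlConnection(ConfigurationSettings.AppSettings["ConnectionString"]))
            using (SqlCommand cmd = new SqlCommand("LookupUser", conn))
            {
                cmd.CommandType = CommandType.StoredProcedure;
                cmd.Parameters.Add("@userName", SqlDbType.VarChar, 255).Value = suppliedUserName;

                try
                {
                    conn.Open();

                    string dbPasswordHash;
                    string salt;
                    using (SqlDataReader reader = cmd.ExecuteReader())
                    {
                        // No row means the user name is unknown. Return false so an
                        // unknown user and a wrong password give the caller the same
                        // result instead of an exception that reveals which it was.
                        if (!reader.Read())
                        {
                            return false;
                        }

                        dbPasswordHash = reader.GetString(0);
                        salt = reader.GetString(1);
                    }

                    // Recompute the hash exactly as CreatePasswordHash does:
                    // password first, salt appended, SHA-1.
                    string passwordAndSalt = String.Concat(suppliedPassword, salt);
                    string hashedPasswordAndSalt = FormsAuthentication.HashPasswordForStoringInConfigFile(passwordAndSalt, "SHA1");
                    return hashedPasswordAndSalt.Equals(dbPasswordHash);
                }
                catch (Exception ex)
                {
                    // Same message as before, with the original exception attached
                    // so the stack trace is not lost.
                    throw new Exception(ex.Message, ex);
                }
            }
        }

        /// <summary>
        /// Page load handler; currently performs no work.
        /// </summary>
        private void Page_Load(object sender, System.EventArgs e)
        {
            // Put user code to initialize the page here
        }

        #region Web Form Designer generated code
        override protected void OnInit(EventArgs e)
        {
            //
            // CODEGEN: This call is required by the ASP.NET Web Form Designer.
            // (The listing ends here in the source; the rest of OnInit, the class
            // and the namespace are not shown.)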