Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- try
- {
- SqlConnection conn = new SqlConnection("Server=.; Database=LoginDatabase; Trusted_Connection=True;");
- conn.Open();
- SqlCommand cmd = new SqlCommand("select Passhash, UserID, Username from Userdata where Username=@Username", conn);
- cmd.Parameters.AddWithValue("@UserName", Uname.Text);
- SqlDataReader reader = cmd.ExecuteReader();
- reader.Read();
- string sHash = (string)reader[0];
- int UserID = (Int32)reader[1];
- string Username = (string)reader[2];
- reader.Close();
- if (BCrypt.Net.BCrypt.Verify(Pword.Text, sHash))
- {
- if (BCrypt.Net.BCrypt.PasswordNeedsRehash(sHash, 13))
- {
- SqlCommand update = new SqlCommand("Update Userdata set Passhash=@PHash Where Username=@Username", conn);
- update.Parameters.AddWithValue("@UserName", Uname.Text);
- update.Parameters.AddWithValue("@PHash", BCrypt.Net.BCrypt.HashPassword(Uname.Text, 13));
- update.ExecuteNonQuery();
- }
- Session["FirstName"] = Username;
- Session["UserID"] = UserID;
- HttpContext.Current.Response.Redirect("LoggedIn.aspx");
- }
- else
- {
- ClientScript.RegisterStartupScript(Page.GetType(), "validation", "<script language ='javascript'>alert('Invalid Username and/or Passowrd')</script>");
- }
- }
- catch
- {
- ClientScript.RegisterStartupScript(Page.GetType(), "validation", "<script language ='javascript'>alert('Invalid Username and/or Passowrd')</script>");
- }
- finally
- {
- conn.Close();
- }
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
