Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- using System;
- using System.Collections.Generic;
- using System.Data.SqlClient;
- using System.Linq;
- using System.Web;
- using System.Web.UI;
- using System.Web.UI.WebControls;
- public partial class LoggedIn2TheHashening : System.Web.UI.Page
- {
- protected void Page_Load(object sender, EventArgs e)
- {
- }
- protected void Bsubmit_Click(object sender, EventArgs e)
- {
- int UserID;
- SqlConnection conn = new SqlConnection("Server=.; Database=LoginDatabase; Trusted_Connection=True;");
- conn.Open();
- SqlCommand cmd = new SqlCommand("select Passhash from Userdata where Username=@Username", conn);
- cmd.Parameters.AddWithValue("@UserName", Uname.Text);
- string sHash = (string)cmd.ExecuteScalar();
- //try
- //{
- if (BCrypt.Net.BCrypt.Verify(Pword.Text, sHash))
- {
- if (BCrypt.Net.BCrypt.PasswordNeedsRehash(sHash, 13))
- {
- SqlCommand update = new SqlCommand("Update Userdata set Passhash=@PHash Where Username=@Username", conn);
- update.Parameters.AddWithValue("@UserName", Uname.Text);
- update.Parameters.AddWithValue("@PHash", BCrypt.Net.BCrypt.HashPassword(Uname.Text, 13));
- update.ExecuteNonQuery();
- }
- SqlCommand UID = new SqlCommand("select UserID from Userdata where Username=@Username", conn);
- UID.Parameters.AddWithValue("@Username", Uname.Text);
- UID.ExecuteNonQuery();
- UserID = (Int32)UID.ExecuteScalar();
- Session["FirstName"] = Uname.Text;
- Session["UserID"] = UserID;
- HttpContext.Current.Response.Redirect("LoggedIn.aspx");
- }
- else
- {
- ClientScript.RegisterStartupScript(Page.GetType(), "validation", "<script language ='javascript'>alert('Invalid Username and/or Passowrd')</script>");
- }
- conn.Close();
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement