Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 265
  • Last Modified:

Login script rewrite from VB to C# a few errors to do with Encoding.

Hi,

I am trying to re-write a login script I use from VB to C#

Here's the C# code (in it's entirety) that I have written so far. I thought I was about there but it seems to fail towards the end and I cannot get the UTF8 encoding to work. I keep getting prompted that "The namespace UTF8Encoding could not be found..." (the same deal with other combinations I've seen in scripts around the web). There other issues with the code too such as "login.aspx.cs(72): Cannot implicitly convert type 'object' to 'int'" under point 5 where I get the results.

Probably a 2 second job for an expert, but causing me pain at the moment.

Cheers.

using System;
using System.Collections;
using System.ComponentModel;
using System.Data;
using System.Data.SqlClient;
using System.Web;
using System.Web.SessionState;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.HtmlControls;
using System.Configuration;
using System.Text.RegularExpressions;
using System.Security.Cryptography;
using System.Web.Security;
using System.IO;

namespace admin
{
      /// <summary>
      /// Summary description for login.
      /// </summary>
      public class login : BasePage
      {
            protected System.Web.UI.WebControls.Button btn_login;
            protected System.Web.UI.WebControls.Label txtUsername;
            protected System.Web.UI.WebControls.Label txtPwd;

            private void Page_Load(object sender, System.EventArgs e)
            {
                  // Put user code to initialize the page here
            }

            public void btn_login_click(object sender, System.EventArgs e)
            {
                  //1. Create a connection
                  string strConnString = ConfigurationSettings.AppSettings["ConnectStr"];
                  string DatabasePrefix = ConfigurationSettings.AppSettings["DatabasePrefix"];
                  SqlConnection objConn = new SqlConnection(strConnString);
                  
                  //2. Create a command object for the query
                  string strSQL = "SELECT COUNT(*) FROM [" + DatabasePrefix + "login] "
                  + "WHERE username=@Username AND password=@Password";

                  SqlCommand objCmd = new SqlCommand(strSQL, objConn);

                  //3. Create parameters
                  SqlParameter paramUsername = new SqlParameter();
                  paramUsername = new SqlParameter("@Username", SqlDbType.VarChar, 25);
                  paramUsername.Value = txtUsername.Text;
                  objCmd.Parameters.Add(paramUsername);

                  //4. Encrypt the password
                  MD5CryptoServiceProvider md5Hasher = new MD5CryptoServiceProvider();

                  /* SCRIPT FALLS APART FROM HERE ON IN */

                  UTF8Encoding encoder = new UTF8Encoding();
                  //byte[] unicodeBytes = unicode.GetBytes(src);

                  byte hashedDataBytes;

                  hashedDataBytes = md5Hasher.ComputeHash(encoder.GetBytes(txtPwd.Text));


                  SqlParameter paramPwd = new SqlParameter("@Password", SqlDbType.Binary, 16);
                  paramPwd.Value = hashedDataBytes;
                  objCmd.Parameters.Add(paramPwd);


                  //5. Get the records from the database
                  objConn.Open();
                  int iResults = objCmd.ExecuteScalar();
                  objConn.Close();

                  if (iResults > 1)
                  {
                        FormsAuthentication.RedirectFromLoginPage(txtUsername.Text, false);
                  }
                  else
                  {
                        lbl_msg.Visible = True;
                  }
            }
            #region Web Form Designer generated code
            override protected void OnInit(EventArgs e)
            {
                  //
                  // CODEGEN: This call is required by the ASP.NET Web Form Designer.
                  //
                  InitializeComponent();
                  base.OnInit(e);
            }
            
            /// <summary>
            /// Required method for Designer support - do not modify
            /// the contents of this method with the code editor.
            /// </summary>
            private void InitializeComponent()
            {    
                  this.Load += new System.EventHandler(this.Page_Load);
            }
            #endregion
      }
}
0
w3digital
Asked:
w3digital
  • 5
1 Solution
 
b1xml2Commented:
//5. Get the records from the database
objConn.Open();
// if expected type is int
int iResults = (int)objCmd.ExecuteScalar();
objConn.Close();
0
 
b1xml2Commented:
also,

to use this,
UTF8Encoding encoder = new UTF8Encoding();

add the following reference:
using System.Text;
0
 
b1xml2Commented:
public void btn_login_click(object sender, System.EventArgs e)
{
      //1. Create a connection
      string connectionString = ConfigurationSettings.AppSettings["ConnectStr"];
      string databasePrefix = ConfigurationSettings.AppSettings["DatabasePrefix"];
      SqlConnection connection = new SqlConnection(connectionString);
      
      //2. Create a command object for the query
      string sql = string.Format("SELECT COUNT(*) FROM [{0}login] WHERE username=@Username AND password=@Password",databasePrefix);
      
      SqlCommand command = new SqlCommand(sql, connection);
      command.Parameters.Add("@Username", SqlDbType.VarChar, 25).Value = txtUsername.Text;
      
      //4. Encrypt the password
      MD5CryptoServiceProvider md5Hasher = new MD5CryptoServiceProvider();
      System.Text.UTF8Encoding encoder = new System.Text.UTF8Encoding();
      command.Parameters.Add("@Password", SqlDbType.Binary, 16).Value =  md5Hasher.ComputeHash(encoder.GetBytes(txtPwd.Text));
      
      //5. Get the records from the database
      connection.Open();
      int value = (int)command.ExecuteScalar();
      connection.Close();
      
      if (value > 1)
      {
            FormsAuthentication.RedirectFromLoginPage(txtUsername.Text, false);
      }
      else
      {
            lbl_msg.Visible = True;
      }
}
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
b1xml2Commented:
might have to change this logic to the following:
      
      if (value == 1)
      {
            FormsAuthentication.RedirectFromLoginPage(txtUsername.Text, false);
      }
      else
      {
            lbl_msg.Visible = True;
      }

because if the user is found, there will be a count of 1
0
 
w3digitalAuthor Commented:
Fantastic Help! Thanks for all your advice, works like a dream!

All the best,

Chris
0
 
b1xml2Commented:
most welcome =)
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now