|
To add to what David has said, you are also putting yourself at quite considerable risk: Never store passwords in clear text - it is a major security risk. There is some information on how to do it here: Password Storage: How to do it.[^]
And remember: if this is web based and you have any European Union users then GDPR applies and that means you need to handle passwords as sensitive data and store them in a safe and secure manner. Text is neither of those and the fines can be .... um ... outstanding. In December 2018 a German company received a relatively low fine of €20,000 for just that.
The more I see of "your code" the more I think you aren't anywhere near ready for whatever it is you are trying to do ...
"I have no idea what I did, but I'm taking full credit for it." - ThisOldTony
"Common sense is so rare these days, it should be classified as a super power" - Random T-shirt
AntiTwitter: @DalekDave is now a follower!
|
|
|
|
|
hi all,
i have a datagrid and listview with some items.
like,counting from 1 to 20
than when i sort its shows 1,10,11 and so on
i want it sort like 1,2,3 as acending or descending selected
plz help me for this.
thanks in advance.
|
|
|
|
|
That's the correct sorting, for your data - the problem is deeper than that and probably requires changes elsewhere.
When you sort numbers, you expect this order: 1, 2, 3, ... 9, 10, 11, ... 19, 20 ...
But when you sort strings, the whole comparison is based on the first different pair of characters you encounter in the two strings. So if you compare "APPLE" with "APART"it does this:
1) Compare index [0]: 'A' and 'A'. Same. Continue
2) Compare index [1]: 'P' and 'P'. Same. Continue
3) Compare index [2]: 'P' and 'A'. Different: Since 'A' is less than 'P' return the second string as the "lowest" value.
Indexes [3] and above aren't even looked at.
That's all fine and dandy, except if you are comparing string values and expecting numeric ordering, because the string ordering is used regardless of the string content and the order goes:
1, 10, 11, ... 19, 2, 20, 21, ... 29, 3, 30, ...
This problem gets even worse with date based string data!
So what you actually need to do is look to the source of your data and find out why it is a string rather than a numeric value, and correct that. Often, it's due to bad design in a DB where all the data is stored as strings because that was easy to do and caused no errors when bad numbers or bad dates where INSERTed - but the best way to fix this is to fix the DB design so you store numbers in numeric fields, and dates in date based fields.
"I have no idea what I did, but I'm taking full credit for it." - ThisOldTony
"Common sense is so rare these days, it should be classified as a super power" - Random T-shirt
AntiTwitter: @DalekDave is now a follower!
|
|
|
|
|
yes i want to compare string items
|
|
|
|
|
If you're trying to sort numeric items as strings, you're not going to get the result you want.
The column that you want to sort in 1, 2, 3, ... order MUST be numeric in order for sorting to work the way you want.
|
|
|
|
|
If your data contains a mixture of numbers and strings and you want to precisely match the way Windows Explorer sorts file names, then you can either P/Invoke the StrCmpLogicalW function, or use a managed implementation:
Numeric String Sort in C#[^]
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
thanks this really helps me...
|
|
|
|
|
for string its working fine,
now what about date time, how i compare here date time of file, to sort according this
|
|
|
|
|
Don't use a string column; use a DateTime column, and apply the format in the UI.
If you really want to sort dates stored as strings, then you have to store them in a sortable format - eg: yyyy-MM-dd HH:mm:ss.
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
One solution is to create a class for a "sortable" list and use that as your data source in the DGV. I found this somewhere and have been using it with success. Thanks to the unsung hero who wrote it.
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Linq;
using System.Runtime.InteropServices;
namespace YourNamespace
{
internal static class NativeMethods
{
[DllImport("shlwapi.dll", CharSet = CharSet.Unicode)]
internal static extern int StrCmpLogicalW(string aString, string bString);
}
internal class SortableList<T> : BindingList<T>
{
protected override bool SupportsSortingCore
{
get
{
return true;
}
}
protected override void ApplySortCore(PropertyDescriptor prop, ListSortDirection direction)
{
int modifier = direction == ListSortDirection.Ascending ? 1 : -1;
if (prop?.PropertyType.GetInterface("IComparable") != null)
{
var items = Items.ToList() as List<T>;
items.Sort(new Comparison<T>((a, b) =>
{
var aVal = prop.GetValue(a).ToString() as string;
var bVal = prop.GetValue(b).ToString() as string;
return NativeMethods.StrCmpLogicalW(aVal, bVal) * modifier;
}));
Items.Clear();
foreach (var i in items) Items.Add(i);
}
}
}
}
|
|
|
|
|
Sir, I have studied and tried to put login page but it shows code error please tell me the correction sir
It shows error: System.InvalidOperationException: 'The connection is already and also code error
private void button14_Click(object sender, EventArgs e)
{
if (textBox9.Text != "" && textBox10.Text != "")
{
string connectionString;
MySqlConnection cnn;
connectionString = @"Data Source=localhost;Initial Catalog=testDB;User ID=root;Password=mysql";
cnn = new MySqlConnection(connectionString);
cnn.Open();
string id = textBox9.Text;
string password = textBox10.Text;
textBox9.Text = "";
textBox10.Text = "";
string query = "select * from login where userid=@userid,password=@password,confirmpassword=@confirmpassword where loginid=@loginid is same";
//string query = "update employee set employee_name=@employee_name,employee_salary=@employee_salary where employee_id=@employee_id";
using (MySqlCommand cmd = new MySqlCommand(query))
{
cmd.Parameters.AddWithValue("@userid", id);
//cmd.Parameters.AddWithValue("@employee_id", Convert.ToInt32(id));
cmd.Parameters.AddWithValue("@password", password);
//cmd.Parameters.AddWithValue("@confirmpassword", confirmpassword);
cmd.Connection = cnn;
cnn.Open();
cmd.ExecuteNonQuery();
DialogResult dr = MessageBox.Show("Are you sure to Login now?", "Confirmation", MessageBoxButtons.YesNo);
if (dr == DialogResult.Yes)
{
MessageBox.Show("Login Successfully");
cnn.Close();
this.Hide();
Form2 f2 = new Form2();
f2.ShowDialog();
}
else if (dr == DialogResult.No)
{
MessageBox.Show("Please Enter Correct Login details");
}
}
}
else
{
MessageBox.Show("Please Enter details to Login");
}
}
}
|
|
|
|
|
You are storing your user's passwords in plain text - twice.
Don't do that!
Secure Password Authentication Explained Simply[^]
Salted Password Hashing - Doing it Right[^]
The "confirm password" value should only be used to verify that the user has entered the same password twice. You should not store it, since it will be identical to the password.
The password itself should never be stored. Instead, store a salted hashed value, using multiple rounds of a cryptographically-secure one-way hash algorithm, and a unique salt for each record.
Anything less will lead to massive fines for not storing your users' data properly.
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
As to your error, which you have truncated:
Quote:
cnn = new MySqlConnection(connectionString);
cnn.Open();
...
cmd.Connection = cnn;
cnn.Open();
cmd.ExecuteNonQuery();
You are opening the connection twice. When you try to open a connection which has already been opened, you will get an exception telling you that the connection has already been opened.
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
I got error in this line sir
cmd.ExecuteNonQuery();
|
|
|
|
|
No, you get an error on the second call to Open. The debugger is just showing you the wrong line.
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
Sir, I have removed First given open connection now the error is coming like
MySql.Data.MySqlClient.MySqlException: 'Fatal error encountered during command execution.'
MySqlException: Parameter '@loginid' must be defined.
|
|
|
|
|
Look at your query:
Quote:
select * from login where userid=@userid, password=@password, confirmpassword=@confirmpassword where loginid=@loginid is same
You have two where clauses, which is not valid. And as far as I can see, that is same on the end is also not valid. And putting a comma between conditions is also not valid - you need to use AND instead.
Aside from that, you have four parameters: @userid, @password, @confirmpassword, and @loginid.
Now look at the parameters you are passing to the command:
Quote:
cmd.Parameters.AddWithValue("@userid", id);
cmd.Parameters.AddWithValue("@password", password);
You are passing TWO parameters: @userid and @password.
Either fix you query to use the parameters you are passing, or fix your code to pass the parameters required by the query.
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
Sir, Now i have passed three parameters but it shows login successfull with wrong userid password also sir
if (textBox9.Text != "" && textBox10.Text != "")
{
string connectionString;
MySqlConnection cnn;
connectionString = @"Data Source=localhost;Initial Catalog=testDB;User ID=root;Password=mysql";
cnn = new MySqlConnection(connectionString);
string id = textBox9.Text;
string password = textBox10.Text;
string loginid = "";
textBox9.Text = "";
textBox10.Text = "";
string query = "select * from login where userid=@userid and password=@password and loginid=@loginid";
using (MySqlCommand cmd = new MySqlCommand(query))
{
cmd.Parameters.AddWithValue("@userid", id);
cmd.Parameters.AddWithValue("@password", password);
cmd.Parameters.AddWithValue("@loginid", loginid);
cmd.Connection = cnn;
cnn.Open();
cmd.ExecuteNonQuery();
DialogResult dr = MessageBox.Show("Are you sure to Login now?", "Confirmation", MessageBoxButtons.YesNo);
if (dr == DialogResult.Yes)
{
MessageBox.Show("Login Successfully");
cnn.Close();
this.Hide();
Form2 f2 = new Form2();
f2.ShowDialog();
}
else if (dr == DialogResult.No)
{
MessageBox.Show("Please Enter Correct Login details");
}
}
}
else
{
MessageBox.Show("Please Enter details to Login");
}
}
|
|
|
|
|
Because as the other Richard said below, you are not checking the result of your query! 
And as I said above, you are storing passwords insecurely. If you're intending to use this code in a real application, then I hope you've got deep pockets, because you're going to get hit with a multi-million dollar fine PDQ.
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
Sir, how to save password securely? pls suggest in my code and mysql query also wrong bcz it login with wrong userid and password also
|
|
|
|
|
|
string connectionString;
MySqlConnection cnn;
connectionString = @"Data Source=localhost;Initial Catalog=testDB;User ID=root;Password=mysql";
cnn = new MySqlConnection(connectionString);
string id = textBox9.Text;
string password = textBox10.Text;
string loginid = "";
textBox9.Text = "";
textBox10.Text = "";
string query = "select * from login where userid=@userid and password=@password and loginid=@loginid";
using (MySqlCommand cmd = new MySqlCommand(query))
{
cmd.Parameters.AddWithValue("@userid", id);
cmd.Parameters.AddWithValue("@password", password);
cmd.Parameters.AddWithValue("@loginid", loginid);
cmd.Connection = cnn;
cnn.Open();
cmd.ExecuteNonQuery();
DialogResult dr = MessageBox.Show("Are you sure to Login now?", "Confirmation", MessageBoxButtons.YesNo);
if (dr == DialogResult.Yes)
{
MessageBox.Show("Login Successfully");
cnn.Close();
this.Hide();
Form2 f2 = new Form2();
f2.ShowDialog();
}
else if (dr == DialogResult.No)
{
MessageBox.Show("Please Enter Correct Login details");
}
}
}
else
{
MessageBox.Show("Please Enter details to Login");
}
}
|
|
|
|
|
You really can't be bothered to pay attention, can you?
Programming is not about throwing some random code together from a couple of internet searches, and then pestering other people to fix it for you.
If you can't think for yourself, then you have chosen the wrong career.
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
Sir, I pay attention sir, you said i am passing 2parameters now i am passing 3parameters and login means it shows login successful with wrong userid password also i think my sql query should be change here
|
|
|
|
|
You are clearly not paying attention, neither here nor in your class.
You have repeatedly been told that you need to check the results of your query. You have been told how to do that. And yet you continue to ask how to do what you have already been told how to do, and insist that you need to change your query rather than your code.
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
General 
News 
Suggestion 
Question 
Bug 
Answer 
Joke 
Praise 
Rant 
Admin 
Submit an article or tip
