|
Public Shared Function encrypt(ByVal val As String, ByVal seed As Byte()) As String
Dim KEY_64 As Byte()
KEY_64 = seed
Dim IV_64 As Byte() = New Byte(7) {55, 103, 246, 79, 36, 99, _
167, 3}
If val <> "" Then
Dim cryptoProvider As New DESCryptoServiceProvider
Dim ms As New MemoryStream
Dim cs As New CryptoStream(ms, cryptoProvider.CreateEncryptor(KEY_64, IV_64), CryptoStreamMode.Write)
Dim sw As New StreamWriter(cs)
sw.Write(val)
sw.Flush()
cs.FlushFinalBlock()
ms.Flush()
Return Convert.ToBase64String(ms.GetBuffer(), 0, Convert.ToInt32(ms.Length))
End If
Return ""
End Function
Public Shared Function decrypt(ByVal val As String, ByVal seed As String) As String
Dim KEY_64 As Byte() = Convert.FromBase64String(seed)
Dim IV_64 As Byte() = New Byte(7) {55, 103, 246, 79, 36, 99, _
167, 3}
If val <> "" Then
Dim cryptoProvider As New DESCryptoServiceProvider
Dim buffer As Byte() = Convert.FromBase64String(val)
Dim ms As New MemoryStream(buffer)
Dim cs As New CryptoStream(ms, cryptoProvider.CreateDecryptor(KEY_64, IV_64), CryptoStreamMode.Read)
Dim sr As New StreamReader(cs)
Return sr.ReadToEnd()
End If
Return ""
End Function
Public Shared Function CreateSalt(ByVal size As Integer) As Byte()
' Generate a cryptographic random number using the cryptographic service provider
Dim rng As New RNGCryptoServiceProvider
Dim buff As Byte() = New Byte(size - 1) {}
rng.GetBytes(buff)
' Return a Base64 string representation of the random number
Return buff
End Function
Private Sub butuser_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles butuser.Click
Dim username As String
Dim password As String
Dim checkbox As String
username = txtusername.Text
password = txtpassword.Text
If username <> "" Then
'if Username is not null
Dim salt As Array
salt = CreateSalt(8)
username = encrypt(username, salt)
'encrypting the password to salt 8 algorithm
username = username.Replace("'", "''")
End If
If password <> "" Then
Dim salt As Array
'if password is not null
salt = CreateSalt(8)
password = encrypt(password, salt)
'encrypting the password to salt 8 algorithm
password = password.Replace("'", "''")
End If
If (chkplayer.Checked = True) Then
Dim objCookie As New HttpCookie("UserInfo")
objCookie.Values.Add("UserName", username)
objCookie.Values.Add("Password", password)
objCookie.Expires = DateTime.Now.AddDays(1)
'this is for one day
Response.Cookies.Clear()
Response.Cookies.Add(objCookie)
End If
Dim conn As SqlConnection = New SqlConnection("server=Wafes10;database=lgateway;uid=;pwd=;Trusted_connection=true")
conn.Open()
Dim cmd As SqlCommand = New SqlCommand("select count (*) from register where uname='" + txtusername.Text + "' and password='" + txtpassword.Text + "'", conn)
Dim dr As SqlDataReader
dr = cmd.ExecuteReader
dr.Read()
Dim rowcount As String
rowcount = dr(0).ToString
dr.Close()
hi i used this code encrypted sucessfully
how can i decript the username,password saved in cookies
|
|
|
|
|
saravanan05 wrote: hi i used this code encrypted sucessfully
how can i decript the username,password saved in cookies
Good Great All the best Happy Coding
Regards,
Sylvester G
sylvester_g_m@yahoo.com
|
|
|
|
|
hi
i encrypeted sucessfully
the username and password saved in encryped form in cookies
how can i decrypt that username,password
I use this code only
Public Shared Function encrypt(ByVal val As String, ByVal seed As Byte()) As String
Dim KEY_64 As Byte()
KEY_64 = seed
Dim IV_64 As Byte() = New Byte(7) {55, 103, 246, 79, 36, 99, _
167, 3}
If val <> "" Then
Dim cryptoProvider As New DESCryptoServiceProvider
Dim ms As New MemoryStream
Dim cs As New CryptoStream(ms, cryptoProvider.CreateEncryptor(KEY_64, IV_64), CryptoStreamMode.Write)
Dim sw As New StreamWriter(cs)
sw.Write(val)
sw.Flush()
cs.FlushFinalBlock()
ms.Flush()
Return Convert.ToBase64String(ms.GetBuffer(), 0, Convert.ToInt32(ms.Length))
End If
Return ""
End Function
Public Shared Function decrypt(ByVal val As String, ByVal seed As String) As String
Dim KEY_64 As Byte() = Convert.FromBase64String(seed)
Dim IV_64 As Byte() = New Byte(7) {55, 103, 246, 79, 36, 99, _
167, 3}
If val <> "" Then
Dim cryptoProvider As New DESCryptoServiceProvider
Dim buffer As Byte() = Convert.FromBase64String(val)
Dim ms As New MemoryStream(buffer)
Dim cs As New CryptoStream(ms, cryptoProvider.CreateDecryptor(KEY_64, IV_64), CryptoStreamMode.Read)
Dim sr As New StreamReader(cs)
Return sr.ReadToEnd()
End If
Return ""
End Function
Public Shared Function CreateSalt(ByVal size As Integer) As Byte()
' Generate a cryptographic random number using the cryptographic service provider
Dim rng As New RNGCryptoServiceProvider
Dim buff As Byte() = New Byte(size - 1) {}
rng.GetBytes(buff)
' Return a Base64 string representation of the random number
Return buff
End Function
Private Sub butuser_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles butuser.Click
Dim username As String
Dim password As String
Dim checkbox As String
username = txtusername.Text
password = txtpassword.Text
If username <> "" Then
'if Username is not null
Dim salt As Array
salt = CreateSalt(8)
username = encrypt(username, salt)
'encrypting the password to salt 8 algorithm
username = username.Replace("'", "''")
End If
If password <> "" Then
Dim salt As Array
'if password is not null
salt = CreateSalt(8)
password = encrypt(password, salt)
'encrypting the password to salt 8 algorithm
password = password.Replace("'", "''")
End If
regards
saravanan
|
|
|
|
|
It is Amazing that you have done this much of work.
saravanan05 wrote: how can i decript the username,password saved in cookies
Get it[^]
Regards,
Satips.
|
|
|
|
|
hi satips
i encrypeted sucessfully
the username and password saved in encryped form in cookies
how can i decrypt that username,password
I use this code only
Public Shared Function encrypt(ByVal val As String, ByVal seed As Byte()) As String
Dim KEY_64 As Byte()
KEY_64 = seed
Dim IV_64 As Byte() = New Byte(7) {55, 103, 246, 79, 36, 99, _
167, 3}
If val <> "" Then
Dim cryptoProvider As New DESCryptoServiceProvider
Dim ms As New MemoryStream
Dim cs As New CryptoStream(ms, cryptoProvider.CreateEncryptor(KEY_64, IV_64), CryptoStreamMode.Write)
Dim sw As New StreamWriter(cs)
sw.Write(val)
sw.Flush()
cs.FlushFinalBlock()
ms.Flush()
Return Convert.ToBase64String(ms.GetBuffer(), 0, Convert.ToInt32(ms.Length))
End If
Return ""
End Function
Public Shared Function decrypt(ByVal val As String, ByVal seed As String) As String
Dim KEY_64 As Byte() = Convert.FromBase64String(seed)
Dim IV_64 As Byte() = New Byte(7) {55, 103, 246, 79, 36, 99, _
167, 3}
If val <> "" Then
Dim cryptoProvider As New DESCryptoServiceProvider
Dim buffer As Byte() = Convert.FromBase64String(val)
Dim ms As New MemoryStream(buffer)
Dim cs As New CryptoStream(ms, cryptoProvider.CreateDecryptor(KEY_64, IV_64), CryptoStreamMode.Read)
Dim sr As New StreamReader(cs)
Return sr.ReadToEnd()
End If
Return ""
End Function
Public Shared Function CreateSalt(ByVal size As Integer) As Byte()
' Generate a cryptographic random number using the cryptographic service provider
Dim rng As New RNGCryptoServiceProvider
Dim buff As Byte() = New Byte(size - 1) {}
rng.GetBytes(buff)
' Return a Base64 string representation of the random number
Return buff
End Function
Private Sub butuser_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles butuser.Click
Dim username As String
Dim password As String
Dim checkbox As String
username = txtusername.Text
password = txtpassword.Text
If username <> "" Then
'if Username is not null
Dim salt As Array
salt = CreateSalt(8)
username = encrypt(username, salt)
'encrypting the password to salt 8 algorithm
username = username.Replace("'", "''")
End If
If password <> "" Then
Dim salt As Array
'if password is not null
salt = CreateSalt(8)
password = encrypt(password, salt)
'encrypting the password to salt 8 algorithm
password = password.Replace("'", "''")
End If
regards
saravanan
|
|
|
|
|
saravanan05 wrote: i encrypeted sucessfully
the username and password saved in encryped form in cookies
Good.
saravanan05 wrote: how can i decrypt that username,password
What error it shows when you decrypt.
Let me know it in detail.
Regards,
Satips.
|
|
|
|
|
hi satips
this is my function in decrypt
Public Shared Function decrypt(ByVal val As String, ByVal seed As String) As String
Dim KEY_64 As Byte() = Convert.FromBase64String(seed)
Dim IV_64 As Byte() = New Byte(7) {55, 103, 246, 79, 36, 99, _
167, 3}
If val <> "" Then
Dim cryptoProvider As New DESCryptoServiceProvider
Dim buffer As Byte() = Convert.FromBase64String(val)
Dim ms As New MemoryStream(buffer)
Dim cs As New CryptoStream(ms, cryptoProvider.CreateDecryptor(KEY_64, IV_64), CryptoStreamMode.Read)
Dim sr As New StreamReader(cs)
Return sr.ReadToEnd()
End If
Return ""
End Function
here i wrote code for retrive the uname,password from cookies in page load
If Not IsPostBack Then
If Not Request.Cookies("UserInfo") Is Nothing Then
Dim username As String
Dim password As String
Dim checkbox As String
Dim salt As String
'salt = Convert.ToInt32(CreateSalt(8))
' username = decrypt(txtusername.Text = Request.Cookies("UserInfo")("UserName").ToString(), Convert.ToInt32(salt))
'txtusername.Text = Request.Cookies("UserInfo")("UserName").ToString()
txtusername.Text = (Request.Cookies("UserInfo")("UserName").ToString())
txtpassword.Attributes.Add("value", Request.Cookies("UserInfo")("Password").ToString())
End If
well,how can i call the decrypt function here
regards
saravanan
|
|
|
|
|
saravanan05 wrote: how can i call the decrypt function here
How you called in Encrypting ?
Likewise call it.
Regards,
Satips.
|
|
|
|
|
hi
i called same this it is not working
can u help me
regards
saravanan
|
|
|
|
|
Try again and Again dont wait for our answers.
Regards,
Satips.
|
|
|
|
|
|
Cool anwser..It may be boosting saravanan
Regards,
Sylvester G
sylvester_g_m@yahoo.com
|
|
|
|
|
|
hi
i got the answer thanks lot satips and sylvester
regards
saravana
|
|
|
|
|
hi
i wrote another simple function
Public Sub cookies()
If Not IsPostBack Then
If Not Request.Cookies("UserInfo") Is Nothing Then
Dim username As String
Dim password As String
Dim checkbox As String
txtusername.Text = Decrypt(Request.Cookies("UserInfo")("UserName").ToString())
txtpassword.Attributes.Add("value", (Decrypt(Request.Cookies("UserInfo")("Password").ToString())))
End If
End If
End Sub
Public Shared Function Encrypt(ByVal Data As String) As String
Dim shaM As New SHA1Managed
Convert.ToBase64String(shaM.ComputeHash(Encoding.ASCII.GetBytes(Data)))
Dim eNC_data() As Byte = ASCIIEncoding.ASCII.GetBytes(Data)
Dim eNC_str As String = Convert.ToBase64String(eNC_data)
Encrypt = eNC_str
End Function
Public Shared Function Decrypt(ByVal Data As String) As String
Dim dEC_data() As Byte = Convert.FromBase64String(Data)
Dim dEC_Str As String = ASCIIEncoding.ASCII.GetString(dEC_data)
Decrypt = dEC_Str
End Function
Private Sub butuser_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles butuser.Click
Dim username As String
Dim password As String
Dim checkbox As String
username = txtusername.Text
password = txtpassword.Text
If username <> "" Then
'if Username is not null
username = Encrypt(username)
'encrypting the password to salt 8 algorithm
username = username.Replace("'", "''")
End If
If password <> "" Then
password = Encrypt(password)
'encrypting the password to salt 8 algorithm
password = password.Replace("'", "''")
End If
If (chkplayer.Checked = True) Then
Dim objCookie As New HttpCookie("UserInfo")
objCookie.Values.Add("UserName", username)
objCookie.Values.Add("Password", password)
objCookie.Expires = DateTime.Now.AddDays(1)
'this is for one day
Response.Cookies.Clear()
Response.Cookies.Add(objCookie)
End If
Dim conn As SqlConnection = New SqlConnection("server=Wafes10;database=lgateway;uid=;pwd=;Trusted_connection=true")
conn.Open()
Dim cmd As SqlCommand = New SqlCommand("select count (*) from register where uname='" + txtusername.Text + "' and password='" + txtpassword.Text + "'", conn)
Dim dr As SqlDataReader
dr = cmd.ExecuteReader
dr.Read()
Dim rowcount As String
rowcount = dr(0).ToString
dr.Close()
If rowcount = 1 Then
'cookies()
thanks lot
regards
saravanan
|
|
|
|
|
Hi, I am new to ASP.NET and VB.NET. My app is supposed to check if a user already exists. On one of the lines of code below I'm trying to use CType to retrieve a data from the database. I get the error message "Object reference not set to an instance of an object". I did a search on this error message and found one site that saia that the most common cause of this is that one for gets to declare a variable. The second most common cause is bad scoping (declaring the variable locally instead of globally). I've checked but I did not find the above to be the cause of the error message. Perhaps you could help me spot the cause of the error message. It's most likely that I am using the CType and ExecuteScalar methods incorrectly. The following is my code, please take a look. Thank you in advance for your help.
Private Sub lblRegister_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles lblRegister.Click
Dim bResult As Boolean = False
Dim myConnection As OdbcConnection
Dim myCommand As OdbcCommand
Dim strInsert As String
Dim strGoodPassword As String
Dim cmdInsert As New OdbcCommand
Dim strSQL As String
myConnection = New OdbcConnection("Driver={MySQL ODBC 3.51 Driver};Server=localhost;Database=myDb;User=myUSER;Password=myPW;Option=3;")
strSQL = String.Format("SELECT myUserName FROM myTable WHERE (email='{0}');", txtUserName)
myCommand.CommandText = strSQL
myCommand.CommandType = CommandType.Text
strInsert = "INSERT into membersinfotbl (FirstName,LastName,Password,Phone,Email,Profession,StrAddress,City,State,ZipCode)value (?,?,?,?,?,?,?,?,?,?)"
myCommand = New OdbcCommand("StrInsert", myConnection)
myCommand.Parameters.Add("@FirstName", txtFirst.Text)
myCommand.Parameters.Add("@LastName", txtLast.Text)
myCommand.Parameters.Add("@Password", txtPassword.Text)
myCommand.Parameters.Add("@Phone", txtPhone.Text)
myCommand.Parameters.Add("@Email", txtEmail.Text)
myCommand.Parameters.Add("@Profession", txtProfession.Text)
myCommand.Parameters.Add("@StrAddress", txtAddress.Text)
myCommand.Parameters.Add("@City", txtCity.Text)
myCommand.Parameters.Add("@State", txtState.Text)
myCommand.Parameters.Add("@ZipCode", txtZipCode.Text)
myConnection.Open()
strGoodPassword = CType(myCommand.ExecuteScalar, String)
myCommand.ExecuteNonQuery()
If Not strGoodPassword Is Nothing Then
If strGoodPassword = txtPassword.Text Then
bResult = True
Else
lblMessage.Text = "That user name is already taken!"
lblMessage.Text &= " Please choose another user name."
End If
Else
lblMessage.Text = "That user name is already taken!"
lblMessage.Text &= " Please choose another user name."
End If
myConnection.Close()
End Sub
-- modified at 0:19 Thursday 14th June, 2007
|
|
|
|
|
ASPnoob wrote: I get the error message "Object reference not set to an instance of an object"
Which line of the code is show this error message?
|
|
|
|
|
The error is on the line below. Thank you so much for your help.
strGoodPassword = CType(myCommand.ExecuteScalar, String)
|
|
|
|
|
Hey Friend,
You are using ExecuteScalar, which is used when the Command return a value (single column value) after the execution of the SQL statement. The SQL would be SELECT statement. But here you are INSERT-ing the record into the DB. This SQL won't return you the value. (i.e) This statement return you NULL.
In simple, you are doing a wrong action, using wrong query.
|
|
|
|
|
I did use the select statement and it's used for checking if a username already exists. The select statement was used on the following line.
strSQL = String.Format("SELECT myUserName FROM myTable WHERE (email='{0}');", txtUserName).
Once it is determined a username is not already in existence, the username supplied by the user is sent to the database. I would like more detailed comments on my code, please take a good look to help me find the error. Thank you in advance for your help.
-- modified at 1:20 Thursday 14th June, 2007
|
|
|
|
|
ASPnoob wrote: strSQL = String.Format("SELECT myUserName FROM myTable WHERE (email='{0}');", txtUserName)
myCommand.CommandText = strSQL
myCommand.CommandType = CommandType.Text
You have assigned the query, but not executed the myCommand. Again you started assigning the INSERT statement. First time you have assigned the SELECT statement. You should execute the ExecuteScalar next to it and do your conditional check there. If everything ok, then assign the INSERT statement to myCommand object and execute the ExecuteNonQuery command.
Private Sub lblRegister_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles lblRegister.Click
Dim bResult As Boolean = False
Dim myConnection As OdbcConnection
Dim myCommand As New OdbcCommand
Dim strInsert As String
Dim strGoodPassword As String
Dim cmdInsert As New OdbcCommand
Dim strSQL As String
myConnection = New OdbcConnection("Driver={MySQL ODBC 3.51 Driver};Server=localhost;Database=myDb;User=myUSERassword=myPW;Option=3;")
strSQL = String.Format("SELECT myUserName FROM myTable WHERE (email='{0}');", txtUserName)
myConnection.Open()
myCommand.Connection = myConnection
myCommand.CommandText = strSQL
myCommand.CommandType = CommandType.Text
strGoodPassword = CType(myCommand.ExecuteScalar, String)
If Not strGoodPassword Is Nothing Then
If strGoodPassword = txtPassword.Text Then
bResult = True
Else
lblMessage.Text = "That user name is already taken!"
lblMessage.Text &= " Please choose another user name."
End If
Else
lblMessage.Text = "That user name is already taken!"
lblMessage.Text &= " Please choose another user name."
End If
strInsert = "INSERT into membersinfotbl (FirstName,LastName,Password,Phone,Email,Profession,StrAddress,City,State,ZipCode)value (?,?,?,?,?,?,?,?,?,?)"
myCommand.CommandText = strInsert
myCommand.CommandType = CommandType.StoredProcedure
myCommand.Parameters.Add("@FirstName", txtFirst.Text)
myCommand.Parameters.Add("@LastName", txtLast.Text)
myCommand.Parameters.Add("@Password", txtPassword.Text)
myCommand.Parameters.Add("@Phone", txtPhone.Text)
myCommand.Parameters.Add("@Email", txtEmail.Text)
myCommand.Parameters.Add("@Profession", txtProfession.Text)
myCommand.Parameters.Add("@StrAddress", txtAddress.Text)
myCommand.Parameters.Add("@City", txtCity.Text)
myCommand.Parameters.Add("@State", txtState.Text)
myCommand.Parameters.Add("@ZipCode", txtZipCode.Text)
myCommand.ExecuteNonQuery()
myConnection.Close()
End Sub
Try the above code....
ASPnoob wrote: strGoodPassword = CType(myCommand.ExecuteScalar, String)
ASPnoob wrote:
If Not strGoodPassword Is Nothing Then
If strGoodPassword = txtPassword.Text Then
bResult = True
Else
lblMessage.Text = "That user name is already taken!"
lblMessage.Text &= " Please choose another user name."
End If
Else
lblMessage.Text = "That user name is already taken!"
lblMessage.Text &= " Please choose another user name."
End If
But I am confused, why you are validating the Password with the Username field.
|
|
|
|
|
Thank you for responding to my question. You were right to be confused about my use of the Password to validate Username field. It was a typo I meant to use txtUserName.text instead of txtPassword.text. I still did not solve the original problem and that is the error message "Object reference not set to an instance of an object". The line thats causing the error message is "myCommand.CommandText = strSQL". I don't know what else to do but I'll keep on looking for the answer. Thanks again for your time.
|
|
|
|
|
ASPnoob wrote: strSQL = String.Format("SELECT myUserName FROM myTable WHERE (email='{0}');", txtUserName)
If txtUserName is a TextBox, use as txtUserName.Text in the SELECT statement
|
|
|
|
|
Thanks for helping, I've changed the select statement like you've suggested. However, I still get the same exact error message as before. I did a search on the error message, and I read that it could be caused by not initializing the variable strSQL I'm using in my code. So I initialized it with the following
"strSQL=String.Empty"
I get the same exact error message at the same line, please help me solve this problem. Thank you for your time.
-- modified at 3:24 Thursday 14th June, 2007
|
|
|
|
|
Hi,
According to my observation of your code you have not assigned a new instance to your myCommand object of OdbcCommand.
You just have written
Dim myCommand As OdbcCommand
You should write Dim myCommand As New OdbcCommand
or following line you should instert before doing any operation with myCommand
myCommand = New OdbcCommand()
You have done this with cmdInsert but not with myCommand.
I hope this will solve your problem.
Thanks and Regards,
Chetan Ranpariya
|
|
|
|
|