1. 首页
  2. 问答
  3. 哈希密码算法和程序的实际运行

哈希密码算法和程序的实际运行

2012-05-16 25 views
0

我是C#编程新手,尝试使用C#和MySQL数据库在WPF中创建登录表单。当我运行我的WPF和尝试插入数据,我在这一行收到错误:哈希密码算法和程序的实际运行

using (var cmd = new MySqlCommand("Select salt From niki where user_name = @username")) 
{ 
    cmd.Parameters.AddWithValue("@username", username); 
    salt = cmd.ExecuteScalar() as string; 
}

的错误是连接必须是有效的和开放的。你有什么线索可以解决问题吗?

伙计们这是整个代码,我只是用虚幻取代敏感数据字段,虽然我改变了我仍然得到错误的东西。你能确定问题来自哪里吗?

using System; 
using System.Collections.Generic; 
using System.ComponentModel; 
using System.Data; 
using System.Drawing; 
using System.Linq; 
using System.Text; 
using System.Windows.Forms; 
using MySql.Data.MySqlClient; 
using System.Security.Cryptography; 
using System.Security.Authentication; 
using System.Security.Permissions; 
using System.Security.AccessControl; 
using System.Security.Policy; 
using System.Security.Principal; 
using System.Security.Util; 




namespace ECBSRecruitmentAgencySoftware 
{ 
    public partial class LogIn : Form 
    { 

     public LogIn() 
     { 

      InitializeComponent(); 

     } 

    static byte[] GenerateSaltedHash(string plainText, string salt) 
    { 
     HashAlgorithm algorithm = new SHA256Managed(); 

     byte[] plainTextBytes = System.Text.Encoding.Unicode.GetBytes(plainText); 
     byte[] saltBytes = Convert.FromBase64String(salt); 

     byte[] plainTextWithSaltBytes = new byte[plainTextBytes.Length + saltBytes.Length]; 
     saltBytes.CopyTo(plainTextWithSaltBytes, 0); 
     plainTextBytes.CopyTo(plainTextWithSaltBytes, salt.Length); 

     byte[] hash = algorithm.ComputeHash(plainTextWithSaltBytes); 

     return hash; 
    } 

     public bool tryLogin(string username , string password) 
     { 
      using (var con = new MySqlConnection("host=tara.rdb.superhosting.bg;user=sozopouk;password=27051996;database=sozopouk_test2;")) 
      { 
       con.Open(); 

       var salt = string.Empty; 

       using (var cmd = new MySqlCommand("Select salt From niki where user_name = @username")) 
       { 
        cmd.Parameters.AddWithValue("@username", username); 

        salt = cmd.ExecuteScalar() as string; 
       } 

       if (string.IsNullOrEmpty(salt)) return false; 

       var hashedPassword = GenerateSaltedHash(password, salt); 

       using (var cmd = new MySqlCommand("Select * FROM niki WHERE user_name = @username and user_password = @password")) 
       { 
        cmd.Parameters.AddWithValue("@username", username); 
        cmd.Parameters.AddWithValue("@password", hashedPassword); 

        using (var reader = cmd.ExecuteReader()) 
        { 
         return reader.Read(); 
        } 
       } 
      } 
     } 

     private void button1_Click(object sender, EventArgs e) 
     { 
      if (tryLogin(user.Text, pass.Text) == true) 
      { 
       MainScreen F2 = new MainScreen(); 
       F2.Show(); 
       this.Hide(); 
      } 

      else MessageBox.Show("Wrong details!"); 

     }   
     } 


}

你的意思是我要更新:

using (var con = new MySqlConnection("host=tara.rdb.superhosting.bg;user=sozopouk;password=27051996;database=sozopouk_test2;")) 
       { 
        con.Open(); 

        var salt = string.Empty; 

        using (var cmd = new MySqlCommand("Select salt From niki where user_name = @username")) 
        { 
         cmd.Parameters.AddWithValue("@username", username); 

         salt = cmd.ExecuteScalar() as string; 
        } 
enter code here 
enter code here

随着你生产的代码?如果是,我怎么连接到我的MySQL数据库?

来源

2012-05-16 Nikolay Dyankov

+0

您需要将连接添加到您的SQL命令对象的工作一点信息的。 .......“text”,con); – tsells

回答

1

那么,在尝试读取或写入数据库之前,您应该打开一个连接,然后发出命令。

using (MySqlConnection cn = GetConnection()) 
{ 
    cn.Open(); 
    // create the command and link it to the connection 
    using (var cmd = new MySqlCommand("Select salt From niki where user_name = @username", cn)) 
    { 
     cmd.Parameters.AddWithValue("@username", username); 
     salt = cmd.ExecuteScalar() as string; 
    } 
} 

public MySqlConnection GetConnection() 
{ 
    MySqlConnection cn = new MySqlConnection("Server=myServerAddress;Database=myDataBase;Uid=myUsername;Pwd=myPassword;"); 
    return cn; 
}

编辑:缺少一块拼图在这里:

MySqlCommand cmd = MySqlCommand("your_query_text", cn)

来源

2012-05-16 23:40:18 Steve

+0

请你可以查看我编辑过的帖子 –

+0

如果你仔细看看我的回答,你会看到,在创建命令时,我添加了连接。所以当命令执行时,它知道要使用的连接。在你的样本中,这种关联从来没有完成过,因此错误。 – Steve

0

你有联系吗?尝试类似

 using (MySqlConnection connection = new MySqlConnection(connectionString)) 
     { 
      connection.Open(); 
      using (MySqlCommand command = new MySqlCommand("Select salt From niki where user_name = @username", connection)) 
      { 
       command.CommandType = CommandType.Text; 
       command.Parameters.AddWithValue("@username", username); 
       salt = cmd.ExecuteScalar() as string; 
      }     
     }

编辑你不使用连接您的更新后,您在构造函数中需要用于MySqlCommand

using (MySqlCommand command = new MySqlCommand(Command, Connection)) 
{ 
}

或其他类似的东西

command.Connection = connection;

编辑2如果你用下面的代码替换你的数据库代码,你是否还有问题?

   using (var con = new MySqlConnection("host=tara.rdb.superhosting.bg;user=sozopouk;password=27051996;database=sozopouk_test2;")) 
      { 
       con.Open(); 

       var salt = string.Empty; 

       using (var cmd = new MySqlCommand("Select salt From niki where user_name = @username", con)) 
       { 
        cmd.Parameters.AddWithValue("@username", username); 

        salt = cmd.ExecuteScalar() as string; 
       } 

       if (string.IsNullOrEmpty(salt)) return false; 

       var hashedPassword = GenerateSaltedHash(password, salt); 

       using (var cmd = new MySqlCommand("Select * FROM niki WHERE user_name = @username and user_password = @password", con)) 
       { 
        cmd.Parameters.AddWithValue("@username", username); 
        cmd.Parameters.AddWithValue("@password", hashedPassword); 

        using (var reader = cmd.ExecuteReader()) 
        { 
         return reader.Read(); 
        } 
       } 
      }

来源

2012-05-16 23:40:25 Manatherin

+0

请你可以检查我编辑的帖子 –

+0

@NikolayDyankov更新了我的答案 – Manatherin

+0

请检查我已编辑的帖子。 –

相关问题

 相关问题