0
有人會贊同使用這個「綠色喇叭」嗎?目前正在從事這個項目。現在這裏的想法是從數據庫中檢索密碼,並將其與用戶輸入的密碼進行匹配。存儲的密碼使用Bcrypt加密。我現在嘗試了不同的方式,但是我仍然無法獲得匹配的密碼。無法獲取存儲的密碼(Bcrypt)以與用戶輸入相匹配
下面是代碼的一部分。
// String command used from SQL, match AccountNo with Accountbox, Password with Passwordbox, from the Accounts dbo.
string a = string.Format("Select * from Accounts where AccountNo='{0}' and Password='{1}'", Accountbox ,Passwordbox);
SqlCommand ACCcheck = new SqlCommand(a, conn);
conn.Open();
SqlDataAdapter adapt1 = new SqlDataAdapter(ACCcheck);
DataSet data1 = new DataSet();
adapt1.Fill(data1);
SqlDataReader read = ACCcheck.ExecuteReader();
try
{
if (read.Read())
{
string salt = BCryptHelper.GenerateSalt(10);
string hash = BCryptHelper.HashPassword(Passwordbox, salt);
string OGpassword = read["Password"].ToString();
string givenPass = BCryptHelper.HashPassword(hash, Passwordbox);
if (givenPass.Equals(OGpassword))
{
//if (read.HasRows) // if input data valid, then proceed. if not then close conn and force retry.
//{
MessageBox.Show("WORDKING!");
conn.Close();
read.Close();
string q = string.Format("Select * from Transactions where AccountNo =" + Accountbox); // Fetch data from transaction table
SqlCommand cmd = new SqlCommand(q, conn); // SQL query, checks if what the user has written is a match with whats on the Db. Accountbox and Passwordbox are Inputbox I've used for this program.
我不知道如果我有一個SQL的錯誤在這裏,或者如果它是Bcrypt一部分是壞了。
在此先感謝您的幫助。