Hashtables function not working with SqlCommand parameters?

Question

kolibrizas 12 Junior Poster in Training

12 Years Ago

SqlCommand command = new SqlCommand("SELECT Id FROM users WHERE Username=@Username AND Password=HASHBYTES('MD5', @Password)");
command.Parameters.AddWithValue("@Username", pieces[1]);
command.Parameters.AddWithValue("@Password", pieces[2]);

doesn't return correct result

SqlCommand command = new SqlCommand("SELECT Id FROM users WHERE Username=@Username AND Password=@Password");
command.Parameters.AddWithValue("@Username", pieces[1]);
command.Parameters.AddWithValue("@Password", pieces[2]);

returns correct result, however the data in mssql database has to be not coded

what am I doing wrong?

P.S.1 If I try to execute the first line in the manager, writing the appropriate data instead of @something like this

SELECT Id FROM users WHERE Username='test' AND Password=HASHBYTES('MD5', 'testpass')

then it's all good and I get a good result.

P.S.2 I am sure pieces[] bring correct data.

P.S.3 Maybe there is a way to check how the SqlCommand looks once with parameters added or other way to check why it is failing?

mssql password

Edited 12 Years Ago by kolibrizas because: added P.S.3

2 Contributors
2 Replies
182 Views
9 Hours Discussion Span
Latest Post 12 Years Ago Latest Post by kolibrizas

thines01 401 Postaholic

12 Years Ago

Do you need to cast the return value from the Hastable as a string, first (like pieces[1].ToString())?
Can you use a Dictionary<int, string> instead?

Edited 12 Years Ago by thines01 because: n/a

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

kolibrizas 12 Junior Poster in Training · Answer 1 · 2012-02-12T22:31:08+00:00

I did solve this myself, the problem being wrong base encoding, not the problem in my code itself. Can I delete this topic somehow?