Hey
I need some help here i have created a easy login with registration that save the password in plain text but now i want it to be hash and salted but i do not now how i can do this.
This is the code for login:
try
{
SqlConnection con = new SqlConnection();
con.ConnectionString = "Data Source=(loc);Initial Catalog=InformationDb;Integrated Security=True";
con.Open();
string txtUs = TxtUser.Text;
string txtPass = TxtPass.Text;
string query = "SELECT * FROM User WHERE Username=@user and Password =@passW";
SqlCommand cmd = new SqlCommand(query,con);
cmd.Parameters.Add(new SqlParameter("@user",txtUser));
cmd.Parameters.Add(new SqlParameter("@passW",txtPass));
SqlDataReader dr = cmd.ExecuteReader();
int count = 0;
while (dr.Read())
{
count = ++;
}
if (count == 1)
{
this.Hide();
var f2 = new F2();
F2.Closed += (s, args) => this.Close();
F2.Show();
and this is for regg:
SqlConnection con = new SqlConnection();
con.ConnectionString = "Data Source=(loc);Initial Catalog=InformationDb;Integrated Security=True";
con.Open();
SqlCommand cmd = new SqlCommand("insert into [User] (Username,Password,Firstname,Lastname,Email) VALUES(@user,@pass,@fname,@lname,@emai)", con);
cmd.Parameters.AddWithValue("@user", TxtUserN.Text);
cmd.Parameters.AddWithValue("@pass", txtpass.Text);
cmd.Parameters.AddWithValue("@fname", txtFName.Text);
cmd.Parameters.AddWithValue("@lname", txtLName.Text);
cmd.Parameters.AddWithValue("@emai", TxtEmail.Text);
cmd.ExecuteNonQuery();
MessageBox.Show("You are registered");