48 lines
1.4 KiB
C#
48 lines
1.4 KiB
C#
using System;
|
|
using System.Collections.Generic;
|
|
using System.Linq;
|
|
using System.Web;
|
|
using System.Web.UI;
|
|
using System.Web.UI.WebControls;
|
|
using System.Security.Cryptography;
|
|
|
|
namespace myWebApplication
|
|
{
|
|
public partial class login : System.Web.UI.Page
|
|
{
|
|
protected void Page_Load(object sender, EventArgs e)
|
|
{
|
|
|
|
}
|
|
|
|
protected void submit_Click(object sender, EventArgs e)
|
|
{
|
|
String record;
|
|
if ((record = SQLaccess.checkUserPass(txtusername.Text, txtpassword.Text)) == null)
|
|
{
|
|
//no such user, redirect
|
|
Response.Redirect("login.aspx");
|
|
}
|
|
|
|
//this is a problem
|
|
|
|
else
|
|
{
|
|
//set cookie
|
|
//generate secure random number as session cookie
|
|
byte [] b = new byte[10];
|
|
RandomNumberGenerator rng = RandomNumberGenerator.Create();
|
|
rng.GetBytes(b);
|
|
String sid = Helpers.CalculateMD5Hash(b);
|
|
HttpCookie auth = new HttpCookie("auth",sid);
|
|
//write session cookie to database for user
|
|
SQLaccess.InsertSessionID(record, sid);
|
|
|
|
Session["auth"] = auth;
|
|
Response.Cookies.Add(auth);
|
|
Response.Redirect("default.aspx?page=0");
|
|
}
|
|
|
|
}
|
|
}
|
|
} |