I had successfully encrypt my SQLite file using zetetic method. Using DB Browser for SQLite to open encrypted file, I was able to browse the data after entering the encryption key. Currently, I can't seem to decrypt the encrypted file using the below code:
string password = "secretKey";
using (SQLiteConnection sqlite_conn = new SQLiteConnection("Data Source=c:\\test.db"))
{
sqlite_conn.ConnectionString = new SqliteConnectionStringBuilder(sqlite_conn.ConnectionString){
Password = password
}.ToString();
sqlite_conn.Open();
using (SQLiteCommand cmdCount = new SQLiteCommand("SELECT * from fruit", sqlite_conn))
{
using (SQLiteDataReader reader = cmdCount.ExecuteReader())
{
while (reader.Read())
{
MessageBox.Show(reader["Type"].ToString());
}
}
}
}
Encountered error: System.Data.SQLite.SQLiteException: 'file is not a database
file is not a database'
Update:
public class Model
{
[PrimaryKey,AutoIncrement]
public int Id { get; set; }
public string Content { get; set; }
}
var conn = new SQLiteConnection(new SQLiteConnectionString(filename, true, password));
conn.ExecuteScalar<int>(String.Format("PRAGMA cipher_license = '{0}';", licenseKey));
conn.CreateTable<Model>();
I was able to create table using above code but how do I select, update, insert new data in with parameterized?
First, immediately after opening your connection I would verify that you are properly including SQLCipher. This can be verified by executing a SQL statement which will return the current SQLCipher library version number:
PRAGMA cipher_version;
If you do not receive a value back from the above query, SQLCipher is not properly integrated with your application.
If you do get a version string value, but remain unable to query the database content itself, either your password is incorrect, or possibly the encrypted database file may have been created with a different major version of SQLCipher than the library version. If this is the case, you can choose to either perform a one-time migration by executing the following command:
PRAGMA cipher_migrate;
Alternatively, you can choose to set a compatibility mode based on the SQLCipher version that was used to create the database file. More information about the compatibility mode can be found here.
Related
I am having below piece of code where i try to connect to IBM's Informix database.
public void MakeConnection()
{
string ConnectionString =
#"Database=databasename;
Host=ipaddress;
Server=servername;
Service=port;
Protocol = olsoctcp;
UID = userid;
Password = password;";
IfxConnection conn = new IfxConnection();
conn.ConnectionString = ConnectionString;
try
{
conn.Open();
}
catch (IfxException ex)
{
Console.WriteLine(ex.ToString());
}
Console.ReadLine();
}
Getting below error on opening a connection.
ERROR [HY000] [Informix .NET provider][Informix]Database locale information mismatch.
When i try connecting using windows ODBC Data sources application, by creating a new user data source under User DSN and providing all necessary values under each section of Informix ODBC driver setup, i am able to connect successfully.
All i understand is that the client application's and database's Database Locale value should be same for proper query execution, and i have tried using en_US.57372 and en_US.UTF8 DB Locale while configuring in user DSN's which worked pretty well. I am posting here a image for better understanding.
Appreciate if anyone can help me in knowing where i can find DB Locale configured for in an Informix database and also in detail on what actually causes for this error.
Finally able to connect to database from test application!. Okay here we go,
Step 1: First we need to find what Database locale that database allows us to use? so following #Luis Marques way as he mentioned in comment section, found that Database Locale used is en_US.57372, also en_US.UTF8 is supported.
Step 2: By default, connection object's client locale and database locale property values will be whatever default value was set when Informix ODBC driver was installed.
Slightly modified my test app code as below,
public void MakeConnection()
{
string ConnectionString = "Database=databasename;Host=ipaddress;Server=servername;Service=port;Protocol = olsoctcp; UID = userid; Password = password;";
IfxConnection conn = new IfxConnection();
conn.ConnectionString = ConnectionString;
conn.ClientLocale = "en_US.UTF8";
conn.DatabaseLocale = "en_US.UTF8";
try
{
conn.Open();
}
catch (IfxException ex)
{
Console.WriteLine(ex.ToString());
}
Console.ReadLine();
}
So manually assigning client and database locale values for connection object with what we have got in step 1 solved the issue.
I am writing an SQL Server application in C# built in Visual Studio. It is a Windows Forms Application. The program will be installed on the network where users will run it.
The problem I am struggling with is how to manage the configuration file. It has the server username and password there for all to see. I tried Click Once and an encryption scheme but they both required the programs to run on the computer the program was running from. It failed when I tried to run it from a workstation. This is different from How do I avoid having the database password stored in plaintext in sourcecode? because all of those solutions either suggested using integrated security or machine based encryption. Neither of those options would work for me.
Any help would be deeply appreciated.
Don't store passwords in plain text. Period. Full stop.
You should take a cue from SQL Server. Yes, you can store usernames in passwords in plain text in a web/app.config. But for Production servers you never should. Instead for Production deployments you should have a config that uses Integrated Security. That allows for elevated access by accessing credentials which are handled securely by Windows rather than insecurely in a config file.
Similarly, you should use something like WindowsIdentity, or OpenId. Then you can pass around auth tokens in your code rather than storing credentials in plain text.
This is why software developers created multi-tier designs that include middleware services like web services. Web services can be hosted in IIS and the windows account and password can be configured into the Application Identity section of the application connection pool. Then the web.config connection string can be configured with trusted_connection=true. Configuring it this way uses the Windows Data Protection API to protect the identities.
If you mean data at app.config it is simple! You have to use these two classes:
EntityConnectionStringBuilder
https://msdn.microsoft.com/en-us/library/system.data.entityclient.entityconnectionstringbuilder(v=vs.110).aspx
And
SqlConnectionStringBuilder
https://msdn.microsoft.com/en-us/library/system.data.sqlclient.sqlconnectionstringbuilder(v=vs.110).aspx
I learn it from this page: Programmatic Connection Strings in Entity Framework 6 It is very good guide. In any cases, That link didn't help you!? Just Google something like this:
C# define connection string at runtime
After you put all connection string inside your code, you can go and delete any sensitive data from connectionStrings tag of app.config file because your app will not use it anymore! Then compile your code again.
If you are using DB First in EF, then you can check this Guide too: How to set Connection String with Entity Framework
UPDATED:
I added two of my Classes that I manage and create connection string with them programmatic (Dynamic), One is belong to my Entity Framework project that I used SQL Server Compact Edition (SQL Server CE) and the second one belong to another Entity Framework Project That I used SQL Server Express 2014 with SQL Server authentication (used sa username). I will leave both method here in case anyone need them:
This belong to my SQL Server CE project:
public static string GetDBConnectionString(string dataParentPath = "")
{
EntityConnectionStringBuilder entityBuilder = new EntityConnectionStringBuilder();
SqlCeConnectionStringBuilder sqlCEBuilder = new SqlCeConnectionStringBuilder();
if (string.IsNullOrEmpty(dataParentPath) == true)
dataParentPath = #"C:\MyDBFolder\CMS.sdf";
sqlCEBuilder.DataSource = dataParentPath;
sqlCEBuilder.Password = "12345687";
sqlCEBuilder.MaxDatabaseSize = 4090;
entityBuilder.Metadata = "res://*/CMS.csdl|res://*/CMS.ssdl|res://*/CMS.msl";
entityBuilder.ProviderConnectionString = sqlCEBuilder.ToString();
entityBuilder.Provider = "System.Data.SqlServerCe.4.0";
return entityBuilder.ToString();
}
This belongs to my SQL Server Express project with SQL Server authentication:
using System;
using System.Collections.Generic;
using System.Data.Entity.Core.EntityClient;
using System.Data.SqlClient;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace CMS
{
class mySettings
{
public static string GetDBConnectionString()
{
// **************************************************
// This is my "ConnectionString" from App.config file.
// <connectionStrings>
// <add name="CMSEntities"
// connectionString=
// "metadata=res://*/CMS.csdl|res://*/CMS.ssdl|res://*/CMS.msl
// ;provider=System.Data.SqlClient
// ;provider connection string="
// ;data source=MY-PC\SQLEXPRESS
// ;initial catalog=CMS
// ;user id=sa
// ;password=12345687
// ;MultipleActiveResultSets=True
// ;App=EntityFramework
// ""
// providerName="System.Data.EntityClient" />
//</connectionStrings>
// **************************************************
string metaData = "res://*/CMS.csdl|res://*/CMS.ssdl|res://*/CMS.msl";
string providerName = "System.Data.SqlClient";
string dataSource = #"MY-PC\SQLEXPRESS";
string databaseName = "CMS"; // = InitialCatalog
string userID = "sa";
string password = "12345687";
string appName = "EntityFramework";
EntityConnectionStringBuilder entityBuilder = new EntityConnectionStringBuilder();
SqlConnectionStringBuilder sqlBuilder = new SqlConnectionStringBuilder();
// = = = = = = = = = = = = = = = =
sqlBuilder.DataSource = dataSource;
sqlBuilder.InitialCatalog = databaseName;
sqlBuilder.MultipleActiveResultSets = true;
sqlBuilder.UserID = userID;
sqlBuilder.Password = password;
sqlBuilder.ApplicationName = appName;
// = = = = = = = = = = = = = = = =
entityBuilder.Provider = providerName;
entityBuilder.Metadata = metaData;
entityBuilder.ProviderConnectionString = sqlBuilder.ConnectionString;
return entityBuilder.ToString();
}
}
}
As you can see, My database in both project have same name "CMS" so its Entities will be named "CMSEntities". Now! you have to override its DbContext constructor. It is Important but easiest part! Better description than mine is from this page "http://www.cosairus.com/Blog/2015/3/10/programmatic-connection-strings-in-entity-framework-6":
Now your Entity Model extends from DbContext and DbContext provides a
constructor to pass in a Connection String, but your Entity Model does
not overload those constructors for you. In order to access the
constructor overload, you will need to create a new class partial for
your Entity Model database context in the same namespace as your
Entity Model with the required constructor signature. Pro Tip: be sure
to name the filename of the cs file a different name than the Entity
Model database context in the event that future generated code does
not overwrite your changes.
So I build a class at root of my Project, The class must be partial:
using System;
using System.Collections.Generic;
using System.Data.Entity;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace CMS // Your Project Namespace
{
public partial class CMSEntities : DbContext
{
public CMSEntities(string connectionString)
: base(connectionString)
{
}
}
}
and Anytime I wanna access to my Database I will use this code:
using (CMSEntities db = new CMSEntities(CMSSettings.GetDBConnectionString()))
{
// Do your DB stuff here...
}
I hope It help you or others which I learn all of that from this site "stackoverflow" and users.
Good Luck
For the past month I've been getting data with a C# program in tandem with a company's API. Just yesterday all the sudden it would no longer work, even though I haven't changed the code at all. Here's the code:
public string GetMatchCode()
{
//this could be loaded from config file or other source
string connectString = "Server=123.123.1.23;Database=blah_users;Uid=blah_data;Pwd=blahblah;";
string sql = "SELECT MAX(match_id) FROM `data_blah`";
using (var connect = new MySqlConnection(connectString))
using (var command = new MySqlCommand(sql, connect))
{
connect.Open();
return command.ExecuteScalar().ToString();
}
}
And I get this error:
An unhandled exception of type 'MySql.Data.MySqlClient.MySqlException' occurred in MySql.Data.dll
Additional information: Access denied for user 'blah_data'#'cpe-86-80-21-54.san.res.rr.com' (using password: YES)
Any idea what could have happened and how to fix it? The only thing I think could've happened is that my support ticket dealing with node.js compatibility was executed wrong by support employees. Thanks!
Your db user's permission has failed. The user may have been removed; the permissions may have been modified. Contact the db owner.
So it looks like you are not authenticating: Either incorrect credentials or server needs a different method. Try disabling "sslmode" like below:
public string GetMatchCode()
{
//this could be loaded from config file or other source
string connectString = "Server=123.123.1.23;Database=blah_users;Uid=blah_data;Pwd=blahblah;sslmode=none;";
string sql = "SELECT MAX(match_id) FROM `data_blah`";
using (var connect = new MySqlConnection(connectString))
using (var command = new MySqlCommand(sql, connect))
{
connect.Open();
return command.ExecuteScalar().ToString();
}
}
That should do it
string sql = "SELECT MAX(match_id) FROM `data_blah`";
Isn't it supposed to be " ' " instead of " ` " surrounding "data_blah"?
I'm just a beginner in C#. I'm using XAMPP server for MySQL database and Visual C# 2010. Then I have created a database named "testdb" in phpMyAdmin and a table named "login". I have inserted my username and password in the table. I'm doing a simple WinForm login where I made two text boxes for username and password and a button. I have my codes done and there's no compiler error. But I had troubled in one line. It says "Unable to connect to any of the specified MySQL hosts". I added MySql.Data to my references. I want to fetch the data in the database table when I'm going to log in. Then authorize the user or if not matched, it will prompt an error message.
Here is my code:
using MySql.Data.MySqlClient;
public bool Login(string username, string password)
{
MySqlConnection con = new MySqlConnection("host=localhost;username…");
MySqlCommand cmd = new MySqlCommand("SELECT * FROM login WHERE username='" +
username + "' AND password='" + password + "';");
cmd.Connection = con;
con.Open(); // This is the line producing the error.
MySqlDataReader reader = cmd.ExecuteReader();
if (reader.Read() != false)
{
if (reader.IsDBNull(0) == true)
{
cmd.Connection.Close();
reader.Dispose();
cmd.Dispose();
return false;
}
else
{
cmd.Connection.Close();
reader.Dispose();
cmd.Dispose();
return true;
}
}
else
{
return false;
}
}
*I hope for your your feedback. :)
Your immediate problem is probably either an incorrect connection string or the database server is not available. The connection string should be something like this
Server=localhost;Database=testdb;Uid=<username>;Pwd=<password>;
with <username> and <password> replaced with your actual values.
Besides that your code has several issues and you should definitely look into them if this is intended to become production code and probably even if this is just a toy project to learn something. The list is in particular order and may not be comprehensive.
Do not hard code your connection string. Instead move it to a configuration file.
Do not include plain text passwords in configuration files or source code. There are various solutions like windows authentication, certificates or passwords protected by the Windows Data Protection API.
Do not just dispose IDisposable instances by calling IDisposable.Dispose(). Instead use the using statement to release resources even in the case of exceptions.
Do not build SQL statements using string manipulation techniques. Instead use SqlParameter to prevent SQL injection attacks.
Do not store plain text passwords in a database. Instead at least store salted hashes of the passwords and use a slow hash function, not MD5 or a member of the SHA family.
You can use IDbCommand.ExecuteScalar to retrieve a scalar result and avoid using a data reader.
Comparing a boolean value with true or false is redundant and just adds noise to your code. Instead of if (reader.IsDBNull(0) == true) you can just use if (reader.IsDBNull(0)). The same holds for if (reader.Read() != false) what is equivalent to if (reader.Read() == true) and therefore also if (reader.Read()).
Using an O/R mapper like the Entity Framework is usually preferred over interacting with the database on the level of SQL commands.
Try modifying your ConnectionString accordingly to the Standard MySQL ConnectionString:
Server=myServerAddress;Database=myDataBase;Uid=myUsername;Pwd=myPassword;
Source:
MySQL ConnectionStrings
You can also take a look at the following link, that shows how to connect to a MySQL database using C#:
Creating a Connector/Net Connection String (MYSQL)
Make it simple and sql injection free, and also don't forget to add MySql.Web
in your references since your using XAMPP
public bool Login(string username, string password)
{
DataTable dt = new DataTable();
string config = "server=....";
using (var con = new MySqlConnection { ConnectionString = config })
{
using (var command = new MySqlCommand { Connection = con })
{
con.Open();
command.CommandText = #"SELECT * FROM login WHERE username=#username AND password=#password";
command.Parameters.AddWithValue("#username", username);
command.Parameters.AddWithValue("#password", password);
dt.Load(command.ExecuteReader());
if (dt.Rows.Count > 0)
return true;
else
return false;
} // Close and Dispose command
} // Close and Dispose connection
}
How can I with "code" create a new .mdf/.sdf database?
I've tried this:
http://support.microsoft.com/kb/307283
All it does is fail on the ConnectionString. Since I have no connection to a file that exists before I create it, how can I only connect to the SQL Express Server just to create a mdf/sdf database?
I want to be able to just connect to the server and create the file, from there it probably will be easier to create the tables and such.
Any suggestions?
public static void CreateSqlDatabase(string filename)
{
string databaseName = System.IO.Path.GetFileNameWithoutExtension(filename);
using (var connection = new System.Data.SqlClient.SqlConnection(
"Data Source=.\\sqlexpress;Initial Catalog=tempdb; Integrated Security=true;User Instance=True;"))
{
connection.Open();
using (var command = connection.CreateCommand())
{
command.CommandText =
String.Format("CREATE DATABASE {0} ON PRIMARY (NAME={0}, FILENAME='{1}')", databaseName, filename);
command.ExecuteNonQuery();
command.CommandText =
String.Format("EXEC sp_detach_db '{0}', 'true'", databaseName);
command.ExecuteNonQuery();
}
}
}
Change Catalog=tempdb to Catalog=master, its good worked
Sample use:
var filename = System.IO.Path.Combine("D:\\", "testdb.mdf");
if (!System.IO.File.Exists(filename))
{
CreateSqlDatabase(filename);
}
Regarding .sdf files (SQL Server CE), you can use the SqlCeEngine class to create a new database, as described in this MSDN article.
Create .sdf database
using System.Data.SqlServerCe;
using System.IO;
string folderPath="D:\\Compact_DB"
string connectionString;
string fileName =folderPath+"\\School.sdf";
string password = "12345";
if (File.Exists(fileName))
{
File.Delete(fileName);
}
connectionString = string.Format("DataSource=\"{0}\"; Password='{1}'", fileName, password);
SqlCeEngine obj_ceEngine = new SqlCeEngine(connectionString);
obj_ceEngine.CreateDatabase();
Make sure you have a valid connection string.
The database/catalog that you need must be set to a valid database, usually this can be the "master" which is always available and since you will be using master to create a database.
If you need to create a database from scratch programmatically i normal go into the SQL Server Management Studio and create it through the gui in a first step. But instead of clicking on the OK button in the bottom right, i click on the Script button in the top toolbar. This will give me a complete sql script for creating the database i'd like to have. Then i can alter the script and change the parts i'd like dynamically.
I suppose the problem is in the ConnectionString. It should point to the valid instance of the master db (as in the article you refer to). Make sure it is correct, and it should work.
Use a connectionString with InitialCatalog = master. Since only master has default access to create a database.