I have website hosted over here: but when I login then the url into the address bar keeps repeating and getting longer like: this and here if you click on to the left side menu then you can see into the address bar that the URL keeps getting bigger and bigger. Please suggest me on the above why the URL is getting bigger like this?
please find the website credential as below:
username: int123
password: 123
Here is code sample:
protected void Page_Load(object sender, EventArgs e)
{
if (!Page.IsPostBack)
{
if (Request.QueryString["type"] == "logout")
{
Session.Clear();
Response.Cookies.Clear();
//FormsAuthentication.SignOut();
Response.Redirect("http://103.252.236.33/plesk-site-preview/2wayglobal.com/103.252.236.33/login.aspx");
}
}
}
protected void btnLogin_Click(object sender, EventArgs e)
{
string username = string.Empty;
string userid = string.Empty;
string address = string.Empty;
string company = string.Empty;
if ((txtUsername.Value.Trim() == string.Empty || txtUsername.Value.Trim() == "Username") && (txtPassword.Value.Trim() == string.Empty || txtPassword.Value.Trim() == "Password"))
{
//divError.Visible = true;
lblError.Text = "Please type the correct username and password";
ResetFields();
}
else if (txtUsername.Value.Trim() == string.Empty || txtUsername.Value.Trim() == "Username")
{
//divError.Visible = true;
lblError.Text = "User name is incorrect.";
ResetFields();
}
else if (txtPassword.Value.Trim() == string.Empty || txtPassword.Value.Trim() == "Password")
{
//divError.Visible = true;
lblError.Text = "Password is incorrect.";
ResetFields();
}
else
{
DataTable dtuserLogin = db.GetLoginDetails(txtUsername.Value.Trim(), txtPassword.Value.Trim());
try
{
if (dtuserLogin.Rows.Count > 0)
{
userid = Convert.ToString(dtuserLogin.Rows[0]["srno"]).Trim();
username = Convert.ToString(dtuserLogin.Rows[0]["username"]).Trim();
company = Convert.ToString(dtuserLogin.Rows[0]["company"]).Trim();
address = Convert.ToString(dtuserLogin.Rows[0]["address"]).Trim();
//FormsAuthentication.SetAuthCookie(username + ";" + company + ";" + address, true);
}
}
catch (Exception ex)
{
throw new Exception("Error in btnLogin_Click()" + ex.Message);
}
if (username == "admin")
{
Response.Redirect("http://103.252.236.33/plesk-site-preview/2wayglobal.com/103.252.236.33/Admin/Default.aspx", true);
}
else
{
Response.Redirect("http://103.252.236.33/plesk-site-preview/2wayglobal.com/103.252.236.33/User/Default.aspx", true);
}
}
}
private void ResetFields()
{
txtUsername.Value = "Username";
txtPassword.Value = "Password";
}
It is just the code at the end of the btn click event that redirects you to that url:
if (username == "admin")
{
Response.Redirect("http://103.252.236.33/plesk-site-preview/2wayglobal.com/103.252.236.33/Admin/Default.aspx", true);
}
else
{
Response.Redirect("http://103.252.236.33/plesk-site-preview/2wayglobal.com/103.252.236.33/User/Default.aspx", true);
}
I can't see the code that is causing the issue, but I will bet $1 you are calling Redirect and passing what you think is an absolute URL but is actually a relative URL. The browser is seeing the redirect as relative and simply adding on the path to the end of the URL that is already in the address bar. It will do this over and over until the URL overflows its buffer and you get a Bad Request error.
Instead of
Response.Redirect("AbsolutePath/PageName.aspx") //This is a relative URL!
you should use
Response.Redirect("~/AbsolutePath/PageName.aspx")
or
Response.Redirect("/AbsolutePath/PageName.aspx")
or
Response.Redirect("https://ServerName.com/AbsolutePath/PageName.aspx")
...depending on what you are trying to accomplish.
Related
Based on IPWorks WebSockets 2020 .NET Edition - Demo Application, all connection requests are accepted. The following code:
private void wsserver1_OnConnectionRequest(object sender, WebsocketserverConnectionRequestEventArgs e)
{
tbLog.AppendText("Connection request from " + e.Address + ". Accepting.\r\n");
e.Accept = true;
}
I added the username and password to the client side code as below:
private void bConnect_Click(object sender, System.EventArgs e)
{
bConnect.Enabled = false;
try
{
if (bConnect.Text == "Connect")
{
websocketclient1.Timeout = 10;
websocketclient1.InvokeThrough = this;
websocketclient1.User = "ali";//****
websocketclient1.Password = "ali";//****
websocketclient1.Connect(tbServer.Text);
bConnect.Text = "Disconnect";
}
else
{
websocketclient1.Disconnect();
}
}
catch (IPWorksWSException ipwse)
{
MessageBox.Show(this, ipwse.Message, "Error", MessageBoxButtons.OK);
bConnect.Text = "Connect";
bConnect.Enabled = true;
}
}
How to control username and password on server side? i.e:
if (username=="ali" && password=="ali") e.Accept = true;
How to get a username and password on the server side when OnConnectionRequest fired?
I need help with this authentication form.
This is the xml file:
<USER_LIST>
<user>
<name>giulio</name>
<password>prova</password>
</user>
<user>
<name>giulia</name>
<password>prova1</password>
</user>
<user>
<name>renato</name>
<password>zero</password>
</user>
</USER_LIST>
and this is the code i wrote:
private void button4_Click(object sender, EventArgs e)
{
XmlDocument doc = new XmlDocument();
doc.Load("dati.txt");
foreach (XmlNode node in doc.SelectNodes("//user"))
{
String User = node.SelectSingleNode("name").InnerText;
String Pass = node.SelectSingleNode("password").InnerText;
if (User == textBox1.Text && Pass == textBox2.Text)
{
button1.Visible = true;
dlt_btn.Visible = true;
button3.Visible = true;
button3.Visible = true;
button5.Visible = true;
return;
}
else
{
MessageBox.Show("Invalid Username or Password!");
}
}
}
But like this, for example, if i login with the name "renato" and password "zero"
it give me back two times the message box "Invalid Username or Password!" and the third time it show the button needed. I know why but i can't think another way to do it. This is my very first project and i started coding like yesterday, so i'm sorry if ask you a stupid thing like this.
Thank you for your help in advance!
I suppose it's just for learning purpose or an assignment which should be kept as simple, otherwise it's not secure at all.
You don't need to use a loop. Currently your loop loop checks all nodes one by one and for each node which doesn't match with given user/pass, shows the message box, that's why you see the message box until the loop reaches to the correct user/pass.
Without using a loop, you can check if the given user/pass exists in your xml file easily this way:
var userName = userNameTextBox.Text;
var password = passwordTextBox.Text;
var match = System.Xml.Linq.XElement.Load(#"d:\users.xml")
.Elements("user")
.Where(x => x.Element("name")?.Value == userName &&
x.Element("password")?.Value == password)
.Any();
Then if the match is not true, you can show message box.
The issue is that the message box will display each time you check an entry in the XML that doesn't match.
The simplest way to do this with minimal changes to your code is like this:
private void button4_Click(object sender, EventArgs e)
{
XmlDocument doc = new XmlDocument();
doc.Load("dati.txt");
bool found = false;
foreach (XmlNode node in doc.SelectNodes("//user"))
{
String User = node.SelectSingleNode("name").InnerText;
String Pass = node.SelectSingleNode("password").InnerText;
if (User == textBox1.Text && Pass == textBox2.Text)
{
found = true;
break;
}
}
if (found)
{
button1.Visible = true;
dlt_btn.Visible = true;
button3.Visible = true;
button3.Visible = true;
button5.Visible = true;
}
else
{
MessageBox.Show("Invalid Username or Password!");
}
}
We create a variable called found and set it to false. This is to ensure that if the XML is empty or there are no matches that we fail the check.
Then we loop over the results and we set found = true if a match is found. We call break to break out of the loop.
Once the loop is complete we check to see if our local variable is true:
if (found)
This is shorthand for if (found == true)
If it's true then we enable your buttons as before. If it's not true then we display the error message.
It will only display the error message once.
this is a solution, that works:
private void button4_Click(object sender, EventArgs e)
{
string username;
string password;
string CurrentUser = "";
string CurrentPwd = "";
bool LoginStatus = false;
username = textBox1.Text;
password = textBox2.Text;
XmlDocument xmxdoc = new XmlDocument();
xmxdoc.Load("dati.txt");
XmlNodeList xmlnodelist = xmxdoc.GetElementsByTagName("user");
foreach (XmlNode xn in xmlnodelist)
{
XmlNodeList xmlnl = xn.ChildNodes;
foreach (XmlNode xmln in xmlnl)
{
if (xmln.Name == "name")
{
if (xmln.InnerText == username)
{
CurrentUser = username;
}
}
if (xmln.Name == "password")
{
if (xmln.InnerText == password)
{
CurrentPwd = password;
}
}
}
if ((CurrentUser != "") & (CurrentPwd != ""))
{
LoginStatus = true;
}
}
if (LoginStatus == true)
{
button1.Visible = true;
dlt_btn.Visible = true;
button3.Visible = true;
button3.Visible = true;
button5.Visible = true;
return;
}
else
{
MessageBox.Show("Invalid Username or Password!");
}
}
I am trying to send a mail via goDaddy mail server. The mail is being sent (I am receiving it in my mailbox) but the catch block is executing and landing me to the contact page with querystring msg as "fail"
protected void Page_Load(object sender, EventArgs e)
{
if (Request.QueryString["username"] != null && Request.QueryString["email"] != null && Request.QueryString["msg"] != null)
{
try
{
string name = Request.QueryString[0];
string email = Request.QueryString[1];
string msg = Request.QueryString[2];
SmtpClient smtp = new SmtpClient("relay-hosting.secureserver.net", 25);
//smtp.EnableSsl = false;
smtp.Send("feedback#solutionpoint98.com", "b.soham1991#gmail.com", "feedback", "Name:" + name + "\n e-mail:" + email + "\n Subject:" + msg);
Response.Redirect("contact.html?msg=success");
}
catch(Exception ex)
{
Response.Redirect("contact.html?msg=fail");
}
}
else
{
Response.Redirect("contact.html");
}
}
If the mail is being sent, shouldn't it redirect to "contact.html?msg=success"?
The problem is that your first Response.Redirect() is actually throwing a ThreadAbortException. This is due to the fact that .Redirect internally calls the Response.End method, prematurely ending the Response in this case.
The correct way to do this is to use the overloaded Response.Redirect(string url, bool endResponse), which allows you to suppress the internal call to Response.End by setting endResponse to false ... which will prevent this error from being thrown.
This is all covered in this MS support article: http://support.microsoft.com/kb/312629/EN-US/
Just modify your code to look like this:
protected void Page_Load(object sender, EventArgs e)
{
if (Request.QueryString["username"] != null && Request.QueryString["email"] != null && Request.QueryString["msg"] != null)
{
try
{
string name = Request.QueryString[0];
string email = Request.QueryString[1];
string msg = Request.QueryString[2];
SmtpClient smtp = new SmtpClient("relay-hosting.secureserver.net", 25);
//smtp.EnableSsl = false;
smtp.Send("feedback#solutionpoint98.com", "b.soham1991#gmail.com", "feedback", "Name:" + name + "\n e-mail:" + email + "\n Subject:" + msg);
Response.Redirect("contact.html?msg=success", false);
}
catch(Exception ex)
{
Response.Redirect("contact.html?msg=fail", false);
}
}
else
{
Response.Redirect("contact.html", false);
}
}
What I want to do is to validate the given input by the user and then set a focus on the invalid input in text box.
My save button function is given below.
protected void btnSave_OnClick(object sender, EventArgs e)
{
try
{
if (ValidateForm())
{
Users objUser = new Users();
objUser.Username = this.txtUsername.Text;
objUser.Password = this.txtPassword.Text;
objUser.Add();
this.labelMessage.Text = "User has been saved successfully";
}
}
catch (Exception ex)
{
Monitoring.WriteException(ex);
}
}
Validation function to validate the given input is not null or empty.
private bool ValidateForm()
{
bool isvalidate = true;
try
{
string username = this.txtUsername.Text;
string password = this.txtPassword.Text;
if (username == "" || username == string.Empty)
{
this.labelMessage.Text = "Please enter username";
this.txtUsername.Focus();
isvalidate = false;
}
else if (password == "" || password == string.Empty)
{
this.labelMessage.Text = "Please enter password";
this.txtPassword.Focus();
isvalidate = false;
}
}
catch (Exception ex)
{
Monitoring.WriteException(ex);
}
return isvalidate;
}
The problem is the I am unable to set focus to any textbox after validation.
Anyone know where I am wrong?
Or there is any other better way?
I have searched a lot but most of them setting the focus on Page load (Post back). I want to do it from code behind.
Try the following Code. Use this code in your code behind. And pass your textbox id to SetFocus function. It will surely solve your problem.
Replace this code
this.txtUsername.Focus();
With this code
ScriptManager.GetCurrent(this.Page).SetFocus(this.txtUsername);
Given below is a tested code.
private bool ValidateForm()
{
bool isvalidate = true;
try
{
string username = this.txtUsername.Text;
string password = this.txtPassword.Text;
if (username == "" || username == string.Empty)
{
this.labelMessage.Text = "Please enter username";
ScriptManager.GetCurrent(this.Page).SetFocus(this.txtUsername);
isvalidate = false;
}
else if (password == "" || password == string.Empty)
{
this.labelMessage.Text = "Please enter password";
ScriptManager.GetCurrent(this.Page).SetFocus(this.txtPassword);
isvalidate = false;
}
}
catch (Exception ex)
{
Monitoring.WriteException(ex);
}
return isvalidate;
}
I am receiving the classic, Object reference not set to an instance of an object in my project when viewing the hosted website. Works when building a debug version locally.
Live
Example of code that is showing error message:
using System.DirectoryServices.AccountManagement;
protected void Page_Load(object sender, EventArgs e)
{
try
{
String username = System.Security.Principal.WindowsIdentity.GetCurrent().Name;
username = username.Substring(3);
PrincipalContext pc = new PrincipalContext(ContextType.Domain, "dc");
UserPrincipal user = UserPrincipal.FindByIdentity(pc, username);
string NTDisplayName = user.DisplayName;
//String NTUser = user.SamAccountName;
lblntuser.Text = NTDisplayName;
}
catch (Exception Ex)
{
lblntuser.Text = Ex.Message;
System.Diagnostics.Debug.Write(Ex.Message);
}
}
Try this:
protected void Page_Load(object sender, EventArgs e)
{
try
{
// you need to also take into account that someone could get to your
// page without having a Windows account.... check for NULL !
if (System.Security.Principal.WindowsIdentity == null ||
System.Security.Principal.WindowsIdentity.GetCurrent() == null)
{
return; // possibly return a message or something....
}
String username = System.Security.Principal.WindowsIdentity.GetCurrent().Name;
// if the user name returned is null or empty -> abort
if(string.IsNullOrEmpty(username))
{
return;
}
username = username.Substring(3);
PrincipalContext pc = new PrincipalContext(ContextType.Domain, "dc");
UserPrincipal user = UserPrincipal.FindByIdentity(pc, username);
// finding the user of course can also fail - check for NULL !!
if (user != null)
{
string NTDisplayName = user.DisplayName;
//String NTUser = user.SamAccountName;
lblntuser.Text = NTDisplayName;
}
}
catch (Exception Ex)
{
lblntuser.Text = Ex.Message;
System.Diagnostics.Debug.Write(Ex.Message);
}
}