SQL CommandText Confusion with double quotes and single quotes [closed] - c#

Closed. This question needs details or clarity. It is not currently accepting answers.
Closed 6 years ago.
I am working on making a login system for my website. I am trying to make this code work.
cmd.CommandText="SELECT Usernames,Passwords FROM logininfo WHERE Usernames="" + UsernameInput.Text
+ "AND Passwords="" + PasswordInput.Text + '"";
My only problem is I am confused where to put the " and the ' types of quotes. So this is the code that I am having trouble with. I know it is correct but the single and double quote placement is confusing me and is not letting me compile.

Please don't concatenate SQL, that exposes you to SQL injection.
Use parameters instead.
cmd.CommandText="SELECT Usernames,Passwords FROM logininfo WHERE Usernames=@username AND Passwords=@password";
cmd.Parameters.AddWithValue("@username", UsernameInput.Text);
cmd.Parameters.AddWithValue("@password", PasswordInput.Text);
Also take the advice in the comment of Scott Chamberlain, it is a bad thing to store passwords in clear or encrypted on a database. Just store hashes. But read about how to do it, it's not immediate (you need to salt it correctly and use a robust hashing algorithm such as SHA512).
It's far too complex to explain here but you'll find tons of guides on this problem.
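As an added example (not part of the answer above), one way to combine both pieces of advice: look the user up with a bound @username parameter and compare a salted hash in code. It assumes .NET 6 or later, a provider that uses @name parameter markers, and that the Passwords column holds the salt:hash string; PBKDF2 with HMAC-SHA512 and the iteration count are this example's choices.

```csharp
using System;
using System.Data;
using System.Security.Cryptography;

static class LoginExample
{
    const int SaltSize = 16, HashSize = 64, Iterations = 210_000; // example parameters (assumed)

    // Returns "salt:hash" (Base64) to store in the Passwords column instead of the password.
    public static string HashPassword(string password)
    {
        byte[] salt = RandomNumberGenerator.GetBytes(SaltSize);
        byte[] hash = Rfc2898DeriveBytes.Pbkdf2(password, salt, Iterations, HashAlgorithmName.SHA512, HashSize);
        return Convert.ToBase64String(salt) + ":" + Convert.ToBase64String(hash);
    }

    // Recomputes the hash with the stored salt and compares in constant time.
    public static bool VerifyPassword(string password, string stored)
    {
        string[] parts = stored.Split(':');
        if (parts.Length != 2) return false;
        byte[] salt = Convert.FromBase64String(parts[0]);
        byte[] expected = Convert.FromBase64String(parts[1]);
        byte[] actual = Rfc2898DeriveBytes.Pbkdf2(password, salt, Iterations, HashAlgorithmName.SHA512, expected.Length);
        return CryptographicOperations.FixedTimeEquals(actual, expected);
    }

    // Looks the user up by name only; the input is bound as a parameter, never concatenated.
    public static bool CheckLogin(IDbConnection conn, string username, string password)
    {
        using IDbCommand cmd = conn.CreateCommand();
        cmd.CommandText = "SELECT Passwords FROM logininfo WHERE Usernames = @username";
        IDbDataParameter p = cmd.CreateParameter();
        p.ParameterName = "@username";
        p.DbType = DbType.String;
        p.Value = username;
        cmd.Parameters.Add(p);
        var stored = cmd.ExecuteScalar();
        return stored is string s && VerifyPassword(password, s);
    }

    static void Main()
    {
        string stored = HashPassword("correct horse");   // constructed sample password
        Console.WriteLine(VerifyPassword("correct horse", stored));
        Console.WriteLine(VerifyPassword("wrong guess", stored));
    }
}
```

Main exercises only the hashing half so it runs without a database; CheckLogin needs an open connection from whichever ADO.NET provider the site uses.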

Related

Linear Search works with written word by user? [closed]

Closed. This question needs details or clarity. It is not currently accepting answers.
Closed 5 years ago.
So I recently started learning C# and I have an assignment from my teacher.
I have been stuck on the last part of the code and would like to know from people with more knowledge what I am doing wrong or if there is something I have forgotten.
The assignment is to let the user write maximum 5 words. Then the user can view the word he/she wrote. This part I have done and it works.
However the search part is confusing me. I'm using array and for-loop and the search part is still not working. Also worth mentioning is that I have assigned the array to Console.Readline();, meaning test[0] Console.Readline() and so on;, if it is of any help.
So in short, I want to have a linear search that can find the written word. Also whatever I type when doing the search it says that the word exists.
This is the part I am stuck.
If you have all the words stored away in an Array, just use Array.Contains like this
string[] userWords = { "word1", "word2", "word3", "word4" };
string search = Console.ReadLine();
if(userWords.Contains(search))
{
Console.WriteLine("Word " + search + " exists");
}
You have to include the System.Linq namespace for this to work.
If I have understood your question correctly, you want to find a string from an array of strings. You can do this using a for loop.
string search=Console.ReadLine();
for(int i=0;i<5;i++){
if(test[i]==search){
Console.WriteLine("word: " + search + " exists.");
}
}

Generating folders using textboxes [closed]

Closed. This question needs details or clarity. It is not currently accepting answers.
Closed 6 years ago.
Hello experts, I have to generate a series of folders from a TextBox into a specified location. I have two textboxes to specify the limit of folders (say 30 folders). The problem I am facing is that the folder names that I will be providing are alpha-numeric (say 121cs3h101).
How do I set the limit when I provide alpha-numeric values?
(For example: I provide textbox1=12cs3h101 and textbox2=12cs3h131, I need the series limit to be generated). I am working with Visual Studio 2013 in a C# Windows Forms application. Thanks in advance.
OK, I will try to give you a lead.
To parse a string or find specific characters one can use RegEx.Match or a simpler method called String.Split. In both cases you have to be aware how your string is structured and how it can vary. The limits of variation are very important.
If, as you say, the beginning is always "12cs3h", you can either split the string at the character 'h'.
string[] sa = s.Split('h');
Or you can even use the index of 'h' (since the length seems to be fixed) and take the rest of the string to get the numbers.
int index = s.IndexOf('h');
The rest is up to you, ... convert, enumerate and so on.
EDIT: There is a nice method that does the enumeration job for you: Enumerable.Range. Good luck.

XOR encryption - decrypting it [closed]

Closed. This question needs details or clarity. It is not currently accepting answers.
Closed 7 years ago.
I want to decrypt a string (HWID) which is being sent to my filter as weird characters.
It was working fine until someone released the bypass for it.
So basically I want to decrypt it and check if it's real or fake.
How I'm getting the string (HWID)?
this.hwid = current.ReadAscii(); //reading the packet
I wanna decrypt it (XOR), this is how the string (HWID) looks like; "y'2&dxw|rrbrne{"df!4* |/qd|'`-r5s "
Ignore the quotes
Any help would be appreciated;
How did I get this idea? A friend of mine who actually made the DLL which sends the string (HWID) gave me a hint. But I don't even know what XOR is. And please, if you don't understand what I mean, just comment what you don't understand.
x-or is a boolean mathematical operation. You can learn all about it over here https://en.wikipedia.org/wiki/Exclusive_or
To decrypt using x-or in C# you need to use the XOR operator like this c = a ^ b;
To decrypt your string you need the key (something to x-or it with) and then perform the x-or one character at a time. This will be something like converting the string to a byte array and then processing one character at a time.
That would be like this question XOR function for two Hex byte arrays
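The byte-wise XOR described in the answer above, as an added example that is not from the original post. The repeating key, its value and the sample identifier are constructed, and treating the packet as ASCII text is assumed to behave like Encoding.ASCII.

```csharp
using System;
using System.Text;

static class XorExample
{
    // XOR each data byte with the key, repeating the key as needed (assumed scheme).
    // The same call encodes and decodes, because (b ^ k) ^ k == b.
    public static byte[] Xor(byte[] data, byte[] key)
    {
        if (key.Length == 0) throw new ArgumentException("key must not be empty", nameof(key));
        var result = new byte[data.Length];
        for (int i = 0; i < data.Length; i++)
            result[i] = (byte)(data[i] ^ key[i % key.Length]);
        return result;
    }

    static void Main()
    {
        byte[] key = { 0x9C, 0x41, 0xE7 };                        // constructed key
        byte[] hwid = Encoding.ASCII.GetBytes("HWID-1234-ABCD");  // constructed identifier
        byte[] wire = Xor(hwid, key);                             // what would travel in the packet

        // Decoding the raw bytes restores the original identifier.
        Console.WriteLine(Encoding.ASCII.GetString(Xor(wire, key)));

        // Pitfall: converting the packet to ASCII text first replaces every byte
        // above 0x7F with '?', so the XOR no longer reverses cleanly.
        byte[] viaText = Encoding.ASCII.GetBytes(Encoding.ASCII.GetString(wire));
        Console.WriteLine(Encoding.ASCII.GetString(Xor(viaText, key)) == "HWID-1234-ABCD");
    }
}
```

Keeping the field as raw bytes until after the XOR avoids that loss. A fixed XOR key only obscures the value: anyone who has the key can produce a string that decodes cleanly.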

How do I efficiently parse a large amount of strings? [closed]

Closed. This question needs to be more focused. It is not currently accepting answers.
Closed 8 years ago.
I have a database of let's say, 1000 strings. Whenever a user of my program writes a sentence, it checks the database, SELECT * WHERE trigger=sentence, and returns the data rows. Considering it's a database, this goes very fast.
For the program, though, it would be much more convenient to just load in the entire database into a Dictionary<string, string> at the startup. That'll allow me to use string.Contains(sentence), so a (sub-)sentence can be anywhere within a sentence, rather than the entire thing.
With just a thousand strings, that's fine. But what if the database grows larger, to say.. 100.000 strings? Even more? foreach (var w in dictionary.Keys) if (w.Contains(command)) //etc over that much strings, potentially a few times per second?
Is there a proper way to check such a large amount of strings?
Or am I just needlessly worrying? It seems like a lot, but computers have surprised me more often.
If you're willing to create dynamic SQL in your code:
SELECT * FROM YOURTABLE WHERE 'The sentence the user typed' like '%' + [StringColumn]+ '%'
This should check each string against whatever the user typed.

Methods concatenation in Ruby and C# [closed]

Closed. This question is opinion-based. It is not currently accepting answers.
Closed 8 years ago.
C#:
var articles = Article
.OrderBy(x=> x.Name)
.Where(x=> x.Name.Contains(pattern))
.Select(x=>new {Name = x.Name + " (article)"})
.ToList();
It's good to write this way in C# and it's called "methods concatenation". In fact, I don't remember exactly how they are called, I read it in Jon Skeet's book. The idea is that each method is on a new line, and it's normal in C#.
What about Ruby? Is it normal to write:
articles = Article
.order(:name)
.where("name like ?","%#{pattern}%")
.map(&:name)
.map {|c| c << " (article)"}
Method chaining is a staple in many languages, Ruby included. Its use is largely a matter of personal taste – some, like tokland, don't like the large expressions that can result, whereas I will gladly expand an expression to eliminate temporary variables.
Subjective question, so here's a subjective answer (as Ruby programmer):
I prefer not to create "holes", in my code I wouldn't insert that level of indentation.
You can also insert the dots at the end of the line. Which is more readable? hard to say, I prefer the latter (although I don't mind at the beginning of the line, it's not a big deal). So I'd probably write (note that those two maps could be joined):
article_names = Article.
order(:name).
where("name LIKE ?", "%#{pattern}%").
map(&:name).
map { |name| name + " (article)"}
In my experience, long chains make code harder to follow. When the chain grows too much (5, 6 elements?) I tend to break it creating intermediate variables with meaningful names, this helps me to further describe the expression:
filtered_articles = Article.order(:name).where("name LIKE ?", "%#{pattern}%")
names = filtered_articles.map { |article| "#{article.name} (article)" }
