I'm working on a Windows form application where I want to automate some tasks. I'm have a problem when it comes to password fields.
My problem is when I press the submit button it says incorrect username/password. When I pass my text into the text fields like:
Username: hey
Password: hey
(So in the password field it's still plain text but it should have changed to ●●●)
I guess it's becuase I set the value, and that's why it only works with the username.
I have also tried:
element.InnerText = "hey";
Does anyone know how I can insert a valid password "text" like ●●● insert of plain text.
I don't know if it has any significance but there is also some javascript on the textfield (on the site I'm trying to login at).
Another thing is when i inspect the source I can see that the passwords field type="text"?
I have tried other automation software and I can see that they can't insert into the password field either. So perhaps there is some kind of blockage here?
I hope I make myself clear, else I would gladly explain in more details.
And I must say I have almost searched the entire web without any luck! :p
Thanks
Solved
The problem was that there was a textbox on top of the password field. I suddenly saw that after I looked in the source code again!
On the textbox on witch you type the password change the textbox.PasswordChar proporty to ●
textbox1.PasswordChar = '●';
The problem was that there was a textbox on top of the password field. I suddenly saw that after I looked in the source code again!
The thing there confused me was because I couldn't see any there were any text inserted. lol
Related
I am using the PasswordRecovery Control in my ASP.NET WebForms Application (C#), now the thing is, When we are using PasswordRecovery Control, we are forced to use Wizard Control, which means, if the user enters username correctly, it will then hide textbox and display success message (or whatever you put in SuccessTemplate).
Now, the issue is by this way, when Unauthorized user, tries to access the application, they can try this control to get the actual username from the application (security risk). So, if they try the wrong username, they will get the "UserNameFailureText" and if they will enter the proper username, they will see the next template (SuccessTemplate) which will show a success message (By this way, they can get that the entered username is available in the system or not), so I want to remove the wizard structure, in all scenario, the textbox with a username will stay on the screen, and no matter what user enters, he will see a generic message "if you have entered the correct username, you will receive an email" Like that.
If anyone has any idea whether it's possible in PasswordRecovery control, or should I have to build a custom Page?
PS: I have tried removing SuccessTemplate from the page, it will automatically take the default success template.
I don't see why you can't just create a page from scratch? All that text box will do is check if the user exists, send them the email, and display your message. There not a whole lot of reasons thus to use the built-in template.
So, a simple button re-set password can run some code behind, send the re-set email, and set a label or text box, or even some "div" as visible = true to display your message. You don't mention or note that authentication provider you are using - but given the built in templates - then that suggests FBA, and thus the tables that drive the site and hold user + passwords should be fully available to your code behind.
On the other hand, you might have to add some kind of password re-set table, and say include a GUID generated ID, and the datetime. That way, the link you send in the email is specific to the one user - and has a limited time before that link expires.
Or I suppose the link in the email just directs them to the new password page - but I tend to toss in a GUID that is checked against that new re-set table. With the guid, then when they click on their email link, you can display their name, and only prompt for the new password. The email link simply includes that GUID as a parameter, and you pull that one row from the re-set table to get who is about to re-set their password.
Sorry for my bad English.
I need to add a google search to my c# windows application therefore I added a textbox and a button to my form when user click on button application sends search query to google.
As you have seen google has a very good auto complete for its search textbox.
Is there any way for adding that auto complete to my application?
Yes, you can query the URL:
http://suggestqueries.google.com/complete/search?client=firefox&q=YOURQUERY
For example, http://suggestqueries.google.com/complete/search?client=firefox&q=justin will return:
["justin",["justin bieber","justin timberlake","justin tv","justin timberlake tour","justin boots","justin blackmon","justin baldoni","justin bieber twitter","justin long","justin moore"]]
There is a AutoComplete property for TextBox.
For the implementation, you can check the following link
In my WinForms project, I have 2 Inputboxes pop up asking the user for a username and a password and I would like to mask the text entry on the password inputbox.
Currently the code simply looks like:
_Passwd = InputBox("Please Enter the Corresponding Password" & vbCrLf & _
"Leave blank to abort program", "New Credentials Needed", "")
I was wondering if there was either a way to mask the text on the inputbox or if there was another pre-defined object in .Net I could use without creating my own userform with a masked textbox? (I know it's easy, just seems like more hassle than is needed if Microsoft already has it pre-created)
I haven't tried it but from description may help you :
http://visualstudiogallery.msdn.microsoft.com/1e5295a5-d7bd-4789-bced-361c608a3a7e
There is nothing built-in for this -- you have to create your own.
Is there any secure way of setting value to textbox in password mode?
I have a custom login form with a password textbox:
<asp:TextBox ID="tbPassword" runat="server" TextMode="Password"></asp:TextBox>
and on page load, I'd like to put there some remembered password I've decrypted in code-behind from a cookie.
95% of answers I've found is to set the textbox value, like:
tbPassword.Attributes["value"] = "ThePassword";
However, it's not the most secure way, as it generates following HTML code, visible when view source, where password is stored in a plain text:
<input id="tbPassword" type="password" value="ThePassword" name="ctl00$cpMainContentParent$tbPassword">
I've tried different way with jQuery, setting value with:
$("#tbLogin").val("ThePassword");
It is much better, as the value is not visible in View Source, yet the password is visible in jQuery script on a page...
I've also tried to register client script and run it, but as I cannot "unregister" it, so result is the same as with the plain jQuery sript...
Do you know any workaround to set that value and not show it in source code?
As Bob's comment says, the whole concept is flawed. If the cookie is valid, then just skip the password prompt. If it's not valid, then you have nothing to auto-fill with.
That being said, there is nothing you can do to directly fill the textbox which can't be intercepted in some way. Even if you filled it via a post-load AJAX call, the user could still see the content via something like FireBug. That's inherent in the nature of web browsers - there's nothing that's secure from the browser itself, because the browser needs to understand it to render it.
If you really want to do this, one option is to compute a custom hash of the password which incorporates the timestamp (or some other one-time value), and set the textbox to that. You'd need to accept both the standard password and the hash as valid, but the hash won't be reusable so it won't matter if the user sees it.
Do not set the password in a INPUT element. Instead, set it to a random or fixed value (if you want to indicate a password is set) or empty otherwise. As you say, it means the password is visible in the page source. To handle changing the password, set a flag if the password value so the handling code, either server or client side, knows when the password is modified.
i am using MS asp.net 3.5 chart control (Pyramid) and on the click of the series/datapoint i need to open a URL in a new window, something like javascript window.open.
Now i have tried a hell lot but that doesn't work. I am not able to give javascript to the datapoint.
Secondly i got to know that MapAreaAttributes could be given to Series as mentioned below if a new window needs to be open
series.MapAreaAttributes= "target='_blank'";
But even this doesn't works????
Guide me! Thanks
I had your same problem just now.
Here is the solutions and it works:
Notice in your code that you're using the single quotation ('). It seems that this is not allowed by the chart control or something. Let me give you an example that might help you understand:
Let's assume you have a JavaScript function that opens a window showing some data when the user clicks on a column (point) in your data (series). You can do it like this:
Chart1.Series["MySeries"].Points[0].Url = "javascript:void(0)"; //this is just to tell the browser not follow a URL, since you will control this with your javascript
Chart1.Series["MySeries"].Points[0].MapAreaAttributes = "onclick=\"OpenWindow();\""; //this is to set the onclick attribute to fire your javascript function when the user clicks your column.
In the above example in the second line of code, notice that I have used double quotation instead of single ones. If you wrote it like this :
"onclick=\'OpenWindow();\'";
it will never work! You have to use double quotations...
Also, since I am a C# developer, you have to use the \" code to write double quotations otherwise, you will get compiler error.
I hope this helps!