|
Thanks Sir I am new in silverlight
Piyush Vardhan Singh
p_vardhan14@rediffmail.com
http://holyschoolofvaranasi.blogspot.com
http://holytravelsofvaranasi.blogspot.com
|
|
|
|
|
We are doing a project in asp.net 2.0 with sql server 2005,we need to move to the next record at the click of a button.We are using an sql datareader,we have one button 'show',to show each record,and in the page load, the following code is there:
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
regid.Text = "1"
mysql = "select que_bank.que_no,que_bank.ans,testquestions.ans from testquestions,que_bank where que_bank.que_no=testquestions.que_no and testquestions.reg_id='" & regid.Text & "'"
cmd.CommandText = mysql
myconn.Open()
objdr = cmd.ExecuteReader()
End Sub
Protected Sub show_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles show.Click
objdr.Read()
queno.Text = objdr.GetValue(0)
cans.Text = objdr.GetValue(1)
urans.Text = objdr.GetValue(2)
End Sub
Can anyone help us?
|
|
|
|
|
Hi,
Can u use DataTable in place of DataReaader?
Regards
Anil Pal
|
|
|
|
|
I hope this is a bad practice..
In your code connection is open and seems to be never closed.
Best thing to do is to use Paging in Sql server with @rowsPerPage being 1 and @pageNum being row no.
hope u understand the concept
|
|
|
|
|
hello i want code in use capcha img use and give small example
Thanx @};-
|
|
|
|
|
|
|
How to get the Client Machine IP Address if Using Proxy and also not. I Tried the following code, but all the code is returning 127.0.0.1.
1) TextBox1.Text = HttpContext.Current.Request.ServerVariables["HTTP_X_FORWARDED_FOR"];
2) if (Context.Request.ServerVariables["HTTP_VIA"] != null) // using proxy
{
TextBox1.Text = Context.Request.ServerVariables["HTTP_X_FORWARDED_FOR"].ToString(); // Return real client IP.
}
else// not using proxy or can't get the Client IP
{
TextBox1.Text = Context.Request.ServerVariables["REMOTE_ADDR"].ToString();
}
3) TextBox1.Text = HttpContext.Current.Request.ServerVariables["REMOTE_HOST"];
4) TextBox1.Text = HttpContext.Current.Request.UserHostAddress.ToString();
|
|
|
|
|
Hi dear,
just try this
using System.Net;
and code :
String strHostName, IPadd;
strHostName = Dns.GetHostName();
IPAddress[] addr = Dns.GetHostAddresses(strHostName);
IPadd = addr[0].ToString();
|
|
|
|
|
This is showing the private IP of the Machine, not the actual IP.
|
|
|
|
|
I think you are running this with http://localhost/...
if upload in some live server
System.Web.HttpContext.Current.Request.UserHostAddress should work...
--------------------
logiclabz
|
|
|
|
|
OK. Now am running locally. i will try ...
|
|
|
|
|
Hi to all,
I have a issue regarding the use of sessions.
I am working on a shopping cart project. In my project I am sessions a lot in transfering data from one page to another. Sometimes even the username and passwords. I also used session for carrying the cart data from one page to another.
So I want to know, Is there anything like the session can be hacked or they are not safe?
If yes then please suggest me a method to make the sessions secure by encrypting or something like that.
Waiting for the response....
Thanks in advance.
cheers,
sneha
|
|
|
|
|
Hmmm... well first of all, session object will hit your application performance. Secondly it on server side so it's already secure as such as server. However if transfering this information from one system to another then u need to encrypt it first.
Feel free to ask.
Cheers!
Regards
Anil Pal
|
|
|
|
|
Hi Anil Pal,
Thanks for replying. You mean to say that it is already secured. Is there any chance that when the username and passwords are passed from one page to another through session, they can be leaked or something like that.
cheers,
sneha
|
|
|
|
|
Hi thats correct, they are secure. Bcz session is on server side.
So u can use session to hold the Username and password.
Regards
Anil Pal
|
|
|
|
|
Hi,
I got it.Thanks for your assistance.
Looking forward for your suggestions in future.
cheers,
sneha
|
|
|
|
|
sneha Choudhary wrote: . Is there any chance that when the username and passwords
Wondering why you are keeping password in session? Are you storing the password as plain text in DB?
|
|
|
|
|
Hi,
N a v a n e e t h wrote: Are you storing the password as plain text in DB?
Yes It is stored as clear text. What should I do. Should I encrypt it.
Please suggest me..
cheers,
sneha
|
|
|
|
|
sneha Choudhary wrote: Should I encrypt it
Hash it. Passwords stored as plain text is not secure. Better method is to hash the password and store the computed hash in database. When user enters password for authentication, has it and compare the hash with the value stored in DB. System.Security.Cryptography[^] got many classes to work with. Check SHA[^] implementation.
|
|
|
|
|
Hi,
Thanks a lot. I will definitely do like that. My heartiest thanks to you.
cheers,
sneha
|
|
|
|
|
N a v a n e e t h wrote: Hash it. Passwords stored as plain text is not secure. Better method is to hash the password and store the computed hash in database. When user enters password for authentication, has it and compare the hash with the value stored in DB. System.Security.Cryptography[^] got many classes to work with. Check SHA[^] implementation.
Hi,
As you suggested I did it but login is not working. I did like this.
protected void Button1_Click(object sender, EventArgs e)
{
string pwd = Txtpassword.Text.Trim();
string hashpwd = FormsAuthentication.HashPasswordForStoringInConfigFile(pwd, "SHA1");
SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["newcon"].ConnectionString);
SqlCommand cmd = new SqlCommand();
cmd.Connection = con;
cmd.CommandText = "Select userid,username,password,first_name from USERS where username=@username and password=@password";
cmd.Parameters.Add("@username", SqlDbType.NVarChar, 50).Value = Txtusername.Text.Trim();
cmd.Parameters.Add("@password", SqlDbType.NVarChar, 50).Value = hashpwd;
try
{
cmd.Connection.Open();
SqlDataReader rdr = cmd.ExecuteReader();
while(rdr.Read())
{
uid = (rdr["userid"]).ToString();
fname = (rdr["first_name"]).ToString();
uname = (rdr["username"]).ToString();
Session["uname"] = uname;
Session["userid"] = uid;
if (uname != null)
{
Session["Logged"] = "Yes";
Session["User"] = fname;
Label6.Text = (Session["URL"]).ToString();
Response.Redirect(Label6.Text);
}
else
{
}
}
}
catch (SqlException se)
{
Lblmsg.Text = se.Message;
}
catch (Exception ee)
{
Lblmsg.Text = ee.Message;
}
finally
{
cmd.Connection.Close();
}
}
PLease assist me..
cheers,
sneha
|
|
|
|
|
Is your server is local for application or remote. You can use sql encryption for encrypt the password while saving and decrypt same key of sql. (If server is local).
The way u r doing, i think is not good. Where is your key for encryption and decryption?
Regards
Anil Pal
|
|
|
|
|
anilpal wrote: Is your server is local for application or remote.
Hi Anil Pal,
My server is local.I am little bit confused in that. Can I ask you few things.
1.When I used this hashed technique with a setting in web.config like
<sessionstate mode="InProc" cookieless="AutoDetect" regenerateexpiredsessionid="true" timeout="30">
It is working fine. But when I changed the cookieless="UseUri" It is not working.why?
2. Can you please tell me the pros and cons of using Sql encryption techniques and hased technique.
cheers,
sneha
|
|
|
|
|
Hi Senha,
Please have look for encryption and decryption from code behind:
http://www.codeproject.com/script/Forums/View.aspx?fid=12076&msg=2941892
have posted for querystring but u can use same for yr need.
Tommarrow i'll let know the pros and cons abt code and sql encryption.
Now i have to go home.
Regards
Anil Pal
|
|
|
|