SQL Server :: Try MD5 Hash For (submited Value+table Field) Get The Wrong Answer
Jul 15, 2010
I have two pages:
1) login and send username,password, machineID and a rand string to the server
2) check the machineID whether it exists in the table.
Problem is the checking machine procedure:
select MachineID from computer where MD5MachineID=@MD5MachineID2 and SUBSTRING((master.dbo.fn_varbintohexstr(HASHBYTES('MD5',MachineID+@RString))),3,32)=@MIDST
RString,MD5MachineID2,MIDST are submited by Login MD5MachineID is stored in table.
I need the check if MD5(MachineID+RString) is match the MIDST (submited).
Now the situation is :
if RString is a fixed string(not a variable).like 'abcdefg', the MD5 is correct.
if I use the RString (submited value as a variable), the MD5 is incorrect.
I have a weird thing happening. I have two identical databases installed on one virtual machine but under two different instances of SQLServer. For some reason, periodically when saving from one it will save to the other instead. Using debug, I have verified that the connection string is correct and when the item saves, it still saves to the wrong database.I use session variable, and am of the belief that it might have something to do with it...and t hat when I go from one to the other it is still getting the connection string form the other for some reason.To make sure that it isn't a problem, I make sure that I completely close out one database before opening the other in a new IE window.I assume that when I completely close out an internet explorer window that it abandons all session states. Is that true?
why the value of disabled TextBox does not submited to server?i have text box to input date(year, day, month), and decide to inforce the user to insert date throgh datepicker jQuery control, so i have disabled the textbox, but the value does not submitted till i have remove the disable attribute(i dont want to lit the user to insert the date manually then i have to do exception handling to the wrong input.. i can not gess what he/she input)
I have a SQL Server table with a number of fields that are defined with the "Float" data type. I'm running a simple query to retrieve the data from this table and use it to populate a Data Table in my C#.net application.
I just discovered that the data type of the Data Table fields is Double, not Float as I expected. As such, when I store a value like 0.157 it ends up getting stored like this: 0.15700000524520874
I'm aware that such extra "noise" occurs when such a conversion occurs. My major question has to do with why .Net didn't set the Data Type to Float (ie. Single) when the table was first populated?
currently im trying to implement a quiz system on my website in which system will auto mark student's ans. if the student's ans is wrong, system will prompt an incorrect answer, highlight the errors and count the number of errors.
I need to write a query to populate a gridview with minimum rates in ascending order for a month from three tables.For example i have three tables A,B,C as follows
TABLE A TABLE B TABLE C Id id id Quote_no Quote_no Quote_ no Name Rate1 Equip_name Rate2 E_rate Date R1_rate R2_rate Date
Now if the data is as follows
I need to get the Name from Table A ,minimum Rate1 and Rate2 values for a month in a dropdownlist from date field from Table B and the corresponding minimum rate(E_rate) for Equipment E1 and E2 only from Table C for the month in ascending order group by Name.
TABLE A
id Quote_no Name 1 101 XYZ
2 102 ABC TABLE B id Quote_no Rate1 Rate2 Date
1 101 105 200 12/11/2010
2 102 90 210 15/11/2010
TABLE C id Quote_no Equip_name E_rate R1_rate R2_Rate Date
Hopefully someone knows a way to fix this issue, but here is my problem. I need to be able to recreate a md5 hash that will be the equivalent of the hash that php would generate.
The encoding I have tried is listed below. None of these will produce the same values.
The coding language is C#3.0What is the most optimum method to retrieve all hashtable keys into string separated by a delimiter ","Is the for loop or the foreach loop the only option?
I have one asp.net application using Sql server as back end.. in sql server database i have one table which consist two fields.. ItemName and RateI have one notepad file which consist around 700 ItemName with Rate..
So how to get this ItemName and Rate in my Table...
I have a table named RECIPE which is linked to an other table name RECIPE_STATUS
In RECIPE table I have a field named Status_Id which contains the name of the Status which is fetch from the RECIPE_STATUS table based on this ID.
The RECIPE table sample information are as follow :
ID Name Status_Id ==================== 1 Test1 0 2 Test2 1 3 Test3 2
The RECIPE_STATUS entries are as follow:
ID Name ======== 0 Locked 1 Running 2 Free
From an ASP.net page I would like that my user is capable of changing the RECIPE_STATUS from a given recipe. For that I have a DataGrid which is bind to the RECIPE table.
But then what I would like is that the STATUS shown to my user to be the name Locked,Running or free depedning on the Id
How can I bound in my Datagrid the Recipe.Status to be bind to RECIPE_STATUS.Id ?
IN addition to that, If my user change the status for a given recipe, it should be properly save.
suppose i have few fileds in table and one filed is xml type. how to search this.
the xml which is stored in my xml filed like
<OpenShipments xmlns="x-schema:C:UPSLabelOpenShipments.xdr"> <OpenShipment ShipmentOption="RS" ProcessStatus=""> <ShipTo> [code]... we can query sql server data very easily but i dont know how to query the xml data which stored in xml filed.how to query address field in my xml or how to query Options field,how query CompanyOrName. please help me to construct the sql. guide me in detail with few sample for querying xml datatype.
I have a web page which contains 3 drop down boxes followed by 3 textboxes. I am implementing Required field validators for all of them . But when i hit submit , The Page first checks for empty Textboxes before checking for any value in Drop down boxes , but i want the Drop down boxes to be validated first before Textboxes. How Can it be achieved?
Is this how hashed password stored in SQL Server should look like? This is function I use to hash password (I found it in some tutorial)
public string EncryptPassword(string password) { //we use codepage 1252 because that is what sql server uses byte[] pwdBytes = Encoding.GetEncoding(1252).GetBytes(password); byte[] hashBytes = System.Security.Cryptography.MD5.Create().ComputeHash(pwdBytes); return Encoding.GetEncoding(1252).GetString(hashBytes); }
EDIT: I tried to use sha-1 and now strings seem to look like as they are suppose to:
public string EncryptPassword(string password) { return FormsAuthentication.HashPasswordForStoringInConfigFile(password, "sha1"); } // example output: 39A43BDB7827112409EFED3473F804E9E01DB4A8
Result from the image above looks like broken string, but this sha-1 looks normal....
I have a requirement to have a multiline textbox that accepts any text from any language and stores this into the database for later use. I am using Linq with ASP .NET 3.5 with a SQL Server 2005 database.
I am trying to insert a string and random number into the database as hash sha1 then loggin in against it. the problem is if I use hash it wont login but if i dont use hash the login works fine... Code below.
insert hash into db Dim user As New Label user.Visible = False user.Text = (myDataReader2.Item("username")) MyConnection2.Close() Dim MyConnection3 As New Data.SqlClient.SqlConnection("Data Source=xxx") Dim mycommand3 As New Data.SqlClient.SqlCommand("Update Register SET [Password] = @password WHERE [username] = '" & user.Text & "' AND [email] = '" & email.Text & "'", MyConnection3) Dim pass As String Dim rnd As Integer, randomNum As New Random rnd = randomNum.Next(1000, 10000) pass = "Pass" & rnd mycommand3.Parameters.AddWithValue("@password", FormsAuthentication.HashPasswordForStoringInConfigFile(pass, "SHA1")) MyConnection3.Open() mycommand3.ExecuteNonQuery() login page Sub Application_AuthenticateRequest(ByVal sender As Object, ByVal e As EventArgs) ' Fires upon attempting to authenticate the use If Not (HttpContext.Current.User Is Nothing) Then If HttpContext.Current.User.Identity.IsAuthenticated Then If TypeOf HttpContext.Current.User.Identity Is FormsIdentity Then Dim fi As FormsIdentity = CType(HttpContext.Current.User.Identity, FormsIdentity) Dim fat As FormsAuthenticationTicket = fi.Ticket Dim astrRoles As String() = fat.UserData.Split("|"c) HttpContext.Current.User = New GenericPrincipal(fi, astrRoles) End If End If End If End Sub Protected Sub Button1_Click(ByVal sender As Object, ByVal e As System.EventArgs) Dim myConnection As New SqlClient.SqlConnection Dim myCommand As New SqlClient.SqlCommand Dim intUserCount As Integer Dim strSQL As String myConnection = New SqlClient.SqlConnection("Data Source=jrome2.db.4961680.hostedresource.com; Initial Catalog=jrome2; User ID=jrome2; Password=Richard050283;") strSQL = "SELECT COUNT(*) FROM Register " _ & "WHERE UserName='" & Replace(txtusername.Text, "'", "''") & "' " _ & "AND Password='" & Replace(txtpassword.Text, "'", "''") & "';" myCommand = New SqlClient.SqlCommand(strSQL, myConnection) myConnection.Open() intUserCount = myCommand.ExecuteScalar() myConnection.Close() 'Response.Write(intUserCount) If intUserCount > 0 Then FormsAuthentication.Initialize() Dim strRole As String = AssignRoles(txtusername.Text) 'The AddMinutes determines how long the user will be logged in after leaving 'the site if he doesn't log off. Dim fat As FormsAuthenticationTicket = New FormsAuthenticationTicket(1, _ txtusername.Text, DateTime.Now, _ DateTime.Now.AddMinutes(30), False, strRole, _ FormsAuthentication.FormsCookiePath) Response.Cookies.Add(New HttpCookie(FormsAuthentication.FormsCookieName, _ FormsAuthentication.Encrypt(fat))) Response.Redirect(FormsAuthentication.GetRedirectUrl(txtusername.Text, False)) Else login.Text = "Incorrect Log In Information" End If End Sub Private Function ValidateUser(ByVal strUsername As String, ByVal strPassword As String) _ As Boolean 'Return true if the username and password is valid, false if it isn't Return CBool(strUsername = " & Replace(txtusername.Text, " AndAlso strPassword = " & Replace(txtpassword.Text, ") End Function Private Function AssignRoles(ByVal strUsername As String) As String Dim myConnection As New SqlClient.SqlConnection Dim myCommand As New SqlClient.SqlCommand Dim intUserCount As Integer Dim strSQL As String myConnection = New SqlClient.SqlConnection("Data Source=jrome2.db.4961680.hostedresource.com; Initial Catalog=jrome2; User ID=jrome2; Password=Richard050283;") strSQL = "SELECT COUNT(*) FROM Register " _ & "WHERE UserName='" & Replace(txtusername.Text, "'", "''") & "' " _ & "AND Password='" & Replace(txtpassword.Text, "'", "''") & "';" myCommand = New SqlClient.SqlCommand(strSQL, myConnection) myConnection.Open() intUserCount = myCommand.ExecuteScalar() myConnection.Close() 'Response.Write(intUserCount) If intUserCount > 0 Then Return "client" Else Return String.Empty End If End Function Protected Sub LinkButton1_Click(ByVal sender As Object, ByVal e As System.EventArgs) txtusername.Text = String.Empty txtpassword.Text = String.Empty End Sub
In of my application I am using the database to store and retrive images. The table stores the documents and the datatype of the field is IMage.
Now with Sql Server 2008, i would like to upgrade this to use this new feature. WHat changes do I have to make in terms of code and also in the database.
