i need some help concerning the encryption and decryption
i have a login table on my microsoft sql server 2012
but i want to do the encryption and decryption

remember i have 5 departments and i want to direct each username and password to a specific department form that i already created
but i already populate the login table and seems like it is not a good idea
my system is based on 5 departments and each manager has a username and login which will log them to their specific departments

[code]

Imports System.IO
Imports System.Text
Imports System.Data
Imports System.Data.SqlClient
Imports System.Configuration
Imports System.Security.Cryptography

Public Class Frmlogin

Dim Response As Object
Dim Request As Object

Private Function Encrypt(clearText As String) As String
    Dim EncryptionKey As String = "MAKV2SPBNI99212"
    Dim clearBytes As Byte() = Encoding.Unicode.GetBytes(clearText)
    Using encryptor As Aes = Aes.Create()
        Dim pdb As New Rfc2898DeriveBytes(EncryptionKey, New Byte() {&H49, &H76, &H61, &H6E, &H20, &H4D, _
         &H65, &H64, &H76, &H65, &H64, &H65, _
         &H76})
        encryptor.Key = pdb.GetBytes(32)
        encryptor.IV = pdb.GetBytes(16)
        Using ms As New MemoryStream()
            Using cs As New CryptoStream(ms, encryptor.CreateEncryptor(), CryptoStreamMode.Write)
                cs.Write(clearBytes, 0, clearBytes.Length)
                cs.Close()
            End Using
            clearText = Convert.ToBase64String(ms.ToArray())
        End Using
    End Using
    Return clearText
End Function

Private Function Decrypt(cipherText As String) As String
    Dim EncryptionKey As String = "MAKV2SPBNI99212"
    Dim cipherBytes As Byte() = Convert.FromBase64String(cipherText)
    Using encryptor As Aes = Aes.Create()
        Dim pdb As New Rfc2898DeriveBytes(EncryptionKey, New Byte() {&H49, &H76, &H61, &H6E, &H20, &H4D, _
         &H65, &H64, &H76, &H65, &H64, &H65, _
         &H76})
        encryptor.Key = pdb.GetBytes(32)
        encryptor.IV = pdb.GetBytes(16)
        Using ms As New MemoryStream()
            Using cs As New CryptoStream(ms, encryptor.CreateDecryptor(), CryptoStreamMode.Write)
                cs.Write(cipherBytes, 0, cipherBytes.Length)
                cs.Close()
            End Using
            cipherText = Encoding.Unicode.GetString(ms.ToArray())
        End Using
    End Using
    Return cipherText
End Function

Private strCon As String = "Data Source=OCHO_CINCO;Initial Catalog=CGHMS;Integrated Security=True"
Dim dept_id As String

Private Sub BtnLogin_Click(sender As Object, e As EventArgs) Handles BtnLogin.Click

    Dim cmd As New SqlCommand()
    Using con As New SqlConnection(strCon)
        con.Open()
        cmd.Connection = con
        cmd.CommandText = "INSERT INTO Login (log_username,log_password) values(values ('" & TxtUsername.Text.Trim() & "','" & Txtpassword.Text.Trim() & "' )"

        cmd.CommandType = CommandType.Text
        cmd.Parameters.AddWithValue("@Username", TxtUsername.Text.Trim())
        cmd.Parameters.AddWithValue("@Password", Encrypt(Txtpassword.Text.Trim()))
        cmd.Connection = con
        con.Open()
        cmd.ExecuteNonQuery()
        con.Close()
    End Using

    Response.Redirect(Request.Url.AbsoluteUri)

End Sub

Recommended Answers

All 2 Replies

cmd.CommandText = "INSERT INTO Login (log_username,log_password) values(values ('" & TxtUsername.Text.Trim() & "','" & Txtpassword.Text.Trim() & "' )"

It should be

cmd.CommandText = "INSERT INTO Login (log_username,log_password) values(@Username,@Password)"

"This codes not suitable for Log-In form . It should be for Sign-Up form. "

Are you trying to Login or is it an registration/sign up code.? If you are trying for login then you need to use select query rather than insert.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.