question

MohamedRafiN-6400 avatar image
0 Votes"
MohamedRafiN-6400 asked ZhiLv-MSFT edited

Password Casesensitive

Sir, I save my password in database is SAAmi@123 but if even enter in small letters saami@123 means its also logging in but it was not correct. please correct in my code pls

if (textBox9.Text != "" && textBox10.Text != "")
{
string connectionString;
MySqlConnection cnn;
connectionString = @"Data Source=localhost;Initial Catalog=testDB;User ID=root;Password=mysql";
cnn = new MySqlConnection(connectionString);
string id = textBox9.Text;
string password = textBox10.Text;
textBox9.Text = "";
textBox10.Text = "";
string query = "select count(*) from login where userid=@userid and password=@password";
using (MySqlCommand cmd = new MySqlCommand(query))
{
cmd.Parameters.AddWithValue("@userid", id);
cmd.Parameters.AddWithValue("@password", password);
cmd.Connection = cnn;
cnn.Open();
cmd.ExecuteNonQuery();
int result = Convert.ToInt32(cmd.ExecuteScalar());
var results = cmd.ExecuteReader();
DialogResult dr = MessageBox.Show("Are you sure to Login now?", "Confirmation", MessageBoxButtons.YesNo);
if (dr == DialogResult.Yes && result > 0)
{
MessageBox.Show("Login Successfully");
cnn.Close();
this.Hide();
Form2 f2 = new Form2();
f2.ShowDialog();
}
else
{
MessageBox.Show("Login Failed");
}
}
}
else
{
MessageBox.Show("Please Enter Correct Login details");
}

dotnet-csharpwindows-forms
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

5 Answers

Viorel-1 avatar image
1 Vote"
Viorel-1 answered Viorel-1 edited

In case of SQL Server:

string query = "select count(*) from login where userid=@userid and password=@password collate Latin1_General_CS_AS";


5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

AgaveJoe avatar image
0 Votes"
AgaveJoe answered

If this is a web application, MessageBox.Show() only shows on the server. It seems to work in development because your development machine is both the client and the server.

5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

karenpayneoregon avatar image
0 Votes"
karenpayneoregon answered

See BINARY operator.

The BINARY operator converts the expression to a binary string (a string that has the binary character set and binary collation). A common use for BINARY is to force a character string comparison to be done byte by byte using numeric byte values rather than character by character.



5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

rijwanansari avatar image
0 Votes"
rijwanansari answered

Hi @MohamedRafiN-6400

Your code seems okay.

However, Please check collation in database.

Comparisons are case-insensitive if the column uses a collation which ends with _ci (such as the default latin1_general_ci collation) and they are case-sensitive when the column uses a collation which ends with _cs or _bin (such as the utf8_unicode_cs and utf8_bin collations).
By Default, they are case-sensitive. To check, you can use below query.

 mysql> SELECT table_schema, table_name, table_collation 
        FROM information_schema.tables WHERE table_name = `mytable`;

Additionally, you can update collation as shown below:

 -- Change database collation
 ALTER DATABASE `databasename` DEFAULT CHARACTER SET utf8 COLLATE utf8_bin;
    
 -- or change table collation
 ALTER TABLE `table` CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin;
    
 -- or change column collation
 ALTER TABLE `table` CHANGE `Value` 
     `Value` VARCHAR(255) CHARACTER SET utf8 COLLATE utf8_bin;



5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Bruce-SqlWork avatar image
0 Votes"
Bruce-SqlWork answered Bruce-SqlWork edited

You really should not be storing the actual passwords. This is a big security risk and would fail any security audit. You should be storing a one way hash of the passwords.

5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.