Where is the Password encryption done at registration? - YAF & Portals

Welcome Guest

Search | Active Topics | Log In | Register

Yet Another Forum.NET » YAF Forum Discussions » YAF & Portals » Where is the Password encryption done at registration?

Where is the Password encryption done at registration?

Options · View

Previous Topic · Next Topic

agrodude

#1 Posted : Sunday, April 06, 2008 9:59:47 PM

Rank: YAF Forumling

Joined: 4/6/2008
Posts: 5
Location: Ipswich

Hi guys,

I'm trying to integrate YAF with my site...bet you haven't heard this one before!!lol

I have added the Register stored procedure to my custom registration page for my site so that bot my db and the yaf one get uploaded with the same login credentials.

However, the YAF site seems to encrypt the password somehow so when I pass in the clear text password, the actual password gets stuck in the database. When the user goes to login, this obviously causes an issue.

Please could you give me a pointer to which function/method does the encryption and where is it called from? (I cant see it on the registration page)

I have downloaded the latest version of the site (April 200 Cool

.

Cheers for the help

Agrodude Rolling Eyes

Report Abusive | Report SPAM

Jaben

#2 Posted : Monday, April 07, 2008 11:12:35 PM

Rank: YAF Head Dude

Joined: 10/10/2004
Posts: 2,946
Location: Honolulu, HI

string sPassword = FormsAuthentication.HashPasswordForStoringInConfigFile( Password.Text, "md5" );

"When you are grateful, fear disappears and abundance appears”."

BLOG	Report Abusive \| Report SPAM

agrodude

#3 Posted : Friday, June 27, 2008 12:31:43 PM

Rank: YAF Forumling

Joined: 4/6/2008
Posts: 5
Location: Ipswich

Thanks Jaben,

This clears it up for me now.

I've successfully entered the password into the database now using the same method in VB.

Just need to make my logon screen generate the authentication cookie for the forum then I'm done.

Regards

Agrodude

Report Abusive | Report SPAM

Degeim

#4 Posted : Sunday, July 20, 2008 5:05:11 PM

Rank: YAF Forumling

Joined: 7/1/2008
Posts: 9
Location: Norway

Could someone please tell me why I can't get this to work?

Quote:

using (SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["yafnet"].ConnectionString))
{
conn.Open();

SqlCommand command = new SqlCommand("yaf_user_login", conn);
command.CommandType = CommandType.StoredProcedure;
command.Parameters.AddWithValue("@BoardID", 1);
command.Parameters.AddWithValue("@Name", User);
command.Parameters.AddWithValue("@Password", Password);

Response.Write(command.ExecuteNonQuery().ToString());
}

It's always returning "-1", even when I know that both the username and password are correct. Shouldn't it return 1 when the correct login information was submitted?

(I've tried with "FormsAuthentication.HashPasswordForStoringInConfigFile(Password, "md5" )" instead of "Password", and I've tried with "yaf_user_login @BoardID, @Name, @Password" as command, but nothing seems to work. I know that the connectionstring is alright, since I can easily SELECT Name FROM yaf_User and retrieve all usernames.)

I hope somebody can help me!

WWW	Report Abusive \| Report SPAM

Users browsing this topic

Guest

Yet Another Forum.NET » YAF Forum Discussions » YAF & Portals » Where is the Password encryption done at registration?

Forum Jump

You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.

Watch this topic
Print this topic
RSS Feed

Normal
Threaded

YAFPro Theme Created by Jaben Cargman (Tiny Gecko)
Powered by YAF 1.9.3 RC2 | YAF © 2003-2008, Yet Another Forum.NET
This page was generated in 0.071 seconds.