This is a continuation of "Create a Basic Quiz Engine (part3)".
Let's add some more functionality to this quiz engine.
Example:
Quiz Engine Requirements
The password is encrypted before inserting into the User Profile table.
The user is given choices if the user name or password do not match.
Add the pages, controls, files and databases necessary to complete the project.
Example:
-Splash Page
--button to try again
--button to add user
--button to exit
-Quiz Database
--User Security Table
---user key
---user IV
Use the code from "Create a Basic Quiz Engine (part3)" to create a new project. Add a "UserSecurity" table to the Quiz database.
In this project I will be using Rijndael standard and symmetric encryption which uses only one key for simplicity to encrypt and decrypt. You can find more information on various encryption technologies here.
Create a new table to hold the encryption keys with 2 columns:
UserKey - (varbinary)
UserIV - (varbinary)
Add logic to load the UserKey and UserIV in the UserSecurity table.
Example:
private void SplashPage_Load(object sender, EventArgs e)
{
if (!ReadUserSecurityTable() && CheckForEmptyUserProfileTable())
{
try
{
// Create a new instance of the RijndaelManaged
// class. This generates a new key and initialization
// vector (IV).
using (RijndaelManaged myRijndael = new RijndaelManaged())
{
bytUserKey = myRijndael.Key;
bytUserIV = myRijndael.IV;
InsertKeyandIV();
}
}// end try
catch (Exception ex)
{
Console.WriteLine("Error: {0}", ex.Message);
}// end catch
}// end if (ReadUserProfileTable)
if (!ReadUserSecurityTable() && !CheckForEmptyUserProfileTable())
{
MessageBox.Show("Error!! - User Keys Detected Without Users in Database - Please Exit");
txtPassword.Visible = false;
lblPassword.Visible = false;
txtUserName.Visible = false;
lblUserName.Visible = false;
lblHeading.Visible = false;
btnEnter.Visible = false;
btnExit.Visible = true;
}
ReadUserSecurityTable();
}// end private void SplashPage_Load
Create 3 additional text boxes on the Splash page and add logic to the buttons to try again, add user or exit.
private void btnExit_Click(object sender, EventArgs e)
{
Application.Exit();
}
private void btnAddUser_Click(object sender, EventArgs e)
{
conn.ConnectionString = @"Data Source=KEN-HP\SQLSERVER2008R2;Initial Catalog=quiz1;Integrated Security=True";
strUserName = txtUserName.Text;
strUserPassword = txtPassword.Text;
ReadUserSecurityTable();
bytUserPasswordReceived = EncryptStringToBytes(strUserPassword, bytUserKey, bytUserIV);
try
{
conn.Open();
string queryStmt = "INSERT INTO UserProfile(UserName, UserPassword) VALUES(@UserName, @UserPassword)";
using (SqlCommand _cmd = new SqlCommand(queryStmt, conn))
{
_cmd.Parameters.Add("@UserName", SqlDbType.NVarChar, 100);
_cmd.Parameters.Add("@UserPassword", SqlDbType.VarBinary, 100);
_cmd.Parameters["@UserName"].Value = strUserName;
_cmd.Parameters["@UserPassword"].Value = bytUserPasswordReceived;
_cmd.ExecuteNonQuery();
}
}// end try
catch (Exception ex)
{
MessageBox.Show("Failed to insert to UserProfile");
}
finally
{
conn.Close();
}
// read the Profile Table and go to Question Page
ReadUserProfileTable();
}// end btnAddUser_Click
private void btnEnter_Click(object sender, EventArgs e)
{
strUserName = txtUserName.Text;
strUserPasswordReceived = txtPassword.Text;
ReadUserProfileTable();
if (!bolMatch)
{
MessageBox.Show("The User Name and/or Passord Does Not Match" + "\n" + "Try Again, Add User or Exit");
txtPassword.Text = "";
txtUserName.Text = "";
txtUserName.Focus();
btnAddUser.Visible = true;
btnExit.Visible = true;
btnTryAgain.Visible = true;
btnEnter.Visible = false;
}
}// end btnEnter_Click
Click here for the project code. Just create a SQL Server database with test data, edit the connection string and run it.
No comments:
Post a Comment