Converting String to Btye[]

Question

0.00/5 (No votes)

See more:

I having problem with my code.

i'm developing a login page with fingerprint scanner. Inserting the template of fingerprint scanner to sql database works fine (nvchar(MAX)),

but when selecting the template from sql im getting error like this: Unable to cast object of type 'System.String' to type 'System.Byte[]'.

here's my code:

VB

Dim cn As New SqlConnection(ConnectString())
          cn.Open()
          dim bytes as Byte()
          sqlCommand.CommandText = "Select template from usertbl where username='" + registration.txtusername.Text + "'"
          sqlCommand.CommandType = CommandType.Text
          sqlCommand.Connection = cn

          Dim lrd As SqlDataReader = sqlCommand.ExecuteReader()
          Dim usr
          While lrd.Read()
              usr = lrd("template")

          End While


          bytes = Nothing
          bytes = usr

              template = New DPFP.Template()
              template.DeSerialize(usr)
              'Perform  match
              matcher.Verify(FeatureSet, template, matchResult)
              If matchResult.Verified Then
                  EventHandlerStatus = Gui.EventHandlerStatus.Success
              MsgBox("Verified!")
              Me.Hide()
              registration.Show()
              Else

              EventHandlerStatus = Gui.EventHandlerStatus.Failure
              MsgBox("Please Try Again!")
              End If

I'm using DigitalPersona 4500 BTW

Posted 28-Apr-13 23:50pm

Justin Jendrick Nocillado

Updated 28-Apr-13 23:51pm

v2

Add a Solution

Comments

Keith Barrow 29-Apr-13 6:01am

Can you let us know which line is throwing the error?
Also "Select template from usertbl where username='" + registration.txtusername.Text + "'" is bad. You might want to look up "SQL Injection attack." for the reasons why. Parameterise your query and all will be well.

Justin Jendrick Nocillado 29-Apr-13 6:43am

in this Line:
<pre lang="vb">bytes = usr</pre>

This is the fullcode

<pre lang="vb">

Private WithEvents verifyControl As DPFP.Gui.Verification.VerificationControl
Private matcher As DPFP.Verification.Verification
Private matchResult As DPFP.Verification.Verification.Result
Private allReaderSerial As String = "00000000-0000-0000-0000-000000000000"
Public template As DPFP.Template

Private userTemplateColumn As String = "Template"
Private userIDColumn As String = "ID"
Dim bytes As Byte()
Private Sub CreateDPControl(ByRef control As DPFP.Gui.Verification.VerificationControl)
Try
control = New DPFP.Gui.Verification.VerificationControl()
control.AutoSizeMode = Windows.Forms.AutoSizeMode.GrowAndShrink
control.Name = "verifyControl"
control.Location = New System.Drawing.Point(0, 0)
control.ReaderSerialNumber = "00000000-0000-0000-0000-000000000000"
control.Visible = True
control.Enabled = True
control.BringToFront()

Me.Controls.Add(control)

Catch ex As Exception
MessageBox.Show("exception")
End Try
End Sub

Private Function ConnectString() As String

Dim connectionString As String
connectionString = "*****************************"

Return connectionString

End Function

Private Sub VerifyBiometric_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
matcher = New Verification.Verification()
matchResult = New Verification.Verification.Result
CreateDPControl(verifyControl)
End Sub

Private Sub verifyControl_OnComplete(ByVal Control As Object, ByVal FeatureSet As DPFP.FeatureSet, ByRef EventHandlerStatus As DPFP.Gui.EventHandlerStatus) Handles verifyControl.OnComplete

Dim dataSet As DataSet = New DataSet()
Dim adapter As SqlDataAdapter = New SqlDataAdapter()
Dim sqlCommand As SqlCommand = New SqlCommand()

Dim ctr = 0
Try

Dim max As Integer = 0

Dim cn As New SqlConnection(ConnectString())
cn.Open()

sqlCommand.CommandText = "Select template from usertbl where username='" + registration.txtusername.Text + "'"
sqlCommand.CommandType = CommandType.Text
sqlCommand.Connection = cn

Dim lrd As SqlDataReader = sqlCommand.ExecuteReader()
Dim usr
While lrd.Read()
usr = lrd("template")
End While

bytes = Nothing
bytes = usr

template = New DPFP.Template()
template.DeSerialize(usr)
'Perform match
matcher.Verify(FeatureSet, template, matchResult)
If matchResult.Verified Then
EventHandlerStatus = Gui.EventHandlerStatus.Success
MsgBox("Verified!")
Me.Hide()
registration.Show()
Else

EventHandlerStatus = Gui.EventHandlerStatus.Failure
MsgBox("Please Try Again!")
End If

Finally

End Try

End Sub</pre>

Keith Barrow 29-Apr-13 7:46am

Should have been able to work that one out. Monday mornings bah!
Matej Hlatky's reply basically contains everything I was going to say....

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Matej Hlatky · Accepted Answer · 2013-04-29T00:45:00

Solution 2

I can see couple of problems in your code, where to start?

Prevent query from SQL injections, like Keith Barrow pointed out.
Use SqlCommand.Parameters Property[^] instead of string concatenation.
You are loading value of template column, wich is of type NVarChar(n) (String) into usr variable and then assigning into bytes of type Byte().
I am pretty sure, that when User enrolls, you have to store fingerprint template (DPFP.Template) into binary data type and not the String!
You should also use SqlCommand.ExecuteScalar Method[^] for getting single column value.

Posted 29-Apr-13 0:45am

Matej Hlatky

Updated 29-Apr-13 20:44pm

v4

Comments

Justin Jendrick Nocillado 29-Apr-13 11:04am

I'll try that later.Thanks

----

Problem Solved! Thanks Matej and Keith.

BTW, is this correct? to avoid sql injections?

sqlCommand.CommandText = "Select " + userTemplateColumn + " from " + userTable + " where username='" + registration.txtusername.Text + "'"

Matej Hlatky 30-Apr-13 2:47am

Hi, you are welcome.
Check my 1st point in updated answer.

Justin Jendrick Nocillado 30-Apr-13 10:53am

Get it. Thanks for helping :)

Member 11046115 3-Sep-14 12:49pm

What was the solution Justin

Member 10892825 29-Jun-14 7:23am

having a problem of using fingerprint to search my sql server database. when you place your finger on the dpfp scanner, then relevant information is returned