i have a table users in which the columns are sessionid, userid, username, password, roleid and usertype.
The values are as follows:
1) sessionid is c# asp.net page Session.SessionID with varchar(32) as datatype
2) userid is integer datatype starting with 1 and so on and it is not auto_increment
3) username is value entered from the textbox with varchar(30) as datatype
4) password is value entered from the textbox and also encrypting it using RSA Algorithm with varchar(max) as datatype
5) roleid is not required right now but later when the roles have been created the admin will update it later accordingly.... with int as datatype
6) usertype is used to define the user which type for example: Admin,Project manager, Team lead etc., with varchar(20) as datatype.
Now my problem is when user is registering from the asp.net to SQL server the data is inserted as normal but password is 2048 hash registering only 20 characters and usertype is of varchar(20) inserting only 3 characters like Adm, Pro for (Project Manager).
I am having another problem after registering the account redirecting it to login page to login the particular user but the problem exists here that
http://localhost:7518/(S(rbgid3fbbhidltfcywqv3435))/Login.aspx[
^]
why i am getting an extra in url and what it says i doesn't know what is the error please tell me the solution for this issue
What I have tried:
string uname = Request.Form["username"].ToString();
string password = Request.Form["password"].ToString();
string utype = Request.Form["usertype"].ToString();
Int32? roleid = null;
SqlConnection con = new SqlConnection(strCon);
SqlCommand cmd = new SqlCommand("SELECT UserID FROM Users", con);
con.Open();
SqlDataReader dr = cmd.ExecuteReader();
if (!dr.HasRows)
{
UserID = 1;
}
ObjUser.SessionID = Session.SessionID;
ObjUser.UserID = UserID == 1 ? 1 : UserID++;
ObjUser.UserName = uname;
ObjUser.Password = RSAEncrypt(password);
ObjUser.UserType = utype;
ObjUser.ObjRole.RoleID = roleid;
cmd.Parameters.AddWithValue("@chvSessionID", ObjUser.SessionID);
cmd.Parameters.AddWithValue("@intUserID", ObjUser.UserID);
cmd.Parameters.AddWithValue("@chvUserName", ObjUser.UserName);
cmd.Parameters.AddWithValue("@chvPassword", ObjUser.Password);
cmd.Parameters.AddWithValue("@intRoleID", ObjUser.ObjRole.RoleID == null ? (object)DBNull.Value : ObjUser.ObjRole.RoleID).SqlDbType = SqlDbType.Int;
cmd.Parameters.AddWithValue("@chUserType", ObjUser.UserType);