Click here to Skip to main content
14,449,862 members
Rate this:
Please Sign up or sign in to vote.
i have one registration form and after successfully register when i tried to retrieve password that time i get password as System.Char[](encoded text : U3lzdGVtLkNoYXJbXQ==).

Encode
public static string encode(string text)
    {
        string returntext = "";
        if (text != null && text != "")
        {
            byte[] mybyte = System.Text.Encoding.UTF8.GetBytes(text);
            returntext = System.Convert.ToBase64String(mybyte);

            String DecodeText = decode(returntext);

        }
        return returntext;
    }


Decode Code

public static string decode(string text)
    {
        string returntext = "";
        if (text != null && text != "")
        {
            byte[] mybyte = System.Convert.FromBase64String(text);
            returntext = System.Text.Encoding.UTF8.GetString(mybyte);
        }
        return returntext;
    }


I checked in my local environment but it working fine but when i check my customer list there is a many user enter with System.Char[] encoded text(as U3lzdGVtLkNoYXJbXQ==) so please help me in which case is it possible ?

What I have tried:

i tried many way and i also google many topic but could not able to solve it.
Posted
Updated 5 days ago
Comments
Richard Deeming 11-Feb-20 7:26am
   
NB: Base64 is most definitely NOT a suitable method to "protect" your stored passwords.

You are storing passwords in plain text. Don't do that.

Secure Password Authentication Explained Simply[^]
Salted Password Hashing - Doing it Right[^]
phil.o 11-Feb-20 7:28am
   
It is unclear what you are trying to achieve. Once authenticated, why do you need to keep any trace of the password? Having it in memory under its non-hashed form is a major security concern. Please improve your question and specify exactly which is your goal and what is the problem with it.
paras_zalariya12 11-Feb-20 7:51am
   
actually it is old Cms Application and normal user(Who don't Have Development knowledge) never enter password like System.char[] right?
many user want to Forgot password and they retrieve password System.char[] which is not suitable for any application.
so i am finger out that thing in where it is insert like this
Rate this:
Please Sign up or sign in to vote.

Solution 1

You are sending to your encode() method string "System.Char[]". Aside from the fact that what you're trying to do is probably wrong (or at least not clear), the problem you facing is happening before you access the encode method.
   
Rate this:
Please Sign up or sign in to vote.

Solution 2

The problem lies with whatever is calling "encode". My guess is that you are doing ToString on something just to make the code compile. For example;

string password = "123456";
var toEncode = password.ToArray();
string encoded = encode(toEncode);


If you're getting a char array from somewhere (I don't know where, I can't access your code) then the above won't compile. My guess is that in order to make it compile you have done something like this

string password = "123456";
var toEncode = password.ToArray().ToString();
string encoded = encode(toEncode);


...and that will give you your problem. You need to track all code that calls your function and see if there is any chance you are trying to encode a char array that has been converted ToString.
   
Rate this:
Please Sign up or sign in to vote.

Solution 3

I found Solution Thanks to @F-Es Sitecore for give me direction and i found the solution.
In my code some glitch in other page like below


const string chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
           Cust.Password = Common.encode(Enumerable.Repeat(chars, 5).Select(s => s[random.Next(s.Length)]).ToArray().ToString());



Because of Above code it enter Wrong Password.
Thank you
   

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)




CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100