I am building a Login Page and it works once.
So if I login the first time everything works fine but if I press the logout button and try to login again without refreshing the page I can login with every password I want.
The password I use to compare is from a MySQL database which gets stored temporarily in a rowset. After the comparison I close the rowset and I also tried to assign an empty String to all properties which help with the verification of the user but somehow the password (don’t panic everything is encrypted) the user types in gets stored anywhere.
That’s how I encrypt the users password from the passwordfield:
Var hashValue As String
VAR kSalt AS STRING = “RUEDEjeje#@fj(*”
If it doesn’t work a second time then you’re probably not returning things to the original state, be they variables to check against or whatever. Use system.debuglog and watch your message pane to check that things are as expected during your login process.
So I viewed the password field and the hashvalue of it in de debuglog now. The forst time it displays the password and the hashvalue as expected but surprisingly the second time it only displays a hashvalue different than the one before although it was the same password I typed in.
I am 100% sure that the mistake will be in the hashvalue function. It looks like it would take another String the second time than it did the first time.
Make a tiny little new project with some text boxes for your input, a button to simulate your login and the code you run on the login, no need to go near a database for now, just hard code the data. If it doesn’t come out with expected repeatable data from that test, post a copy of the project here.
That just worked fine as I build this project without the database. I will figure it out myself at this point and I will post a solution when I got one.
I finally found the problem but I really don’t know how to solve it.
The password field actually saves the password from the first login. How do password fields behave in xojo if you close the login page with currentpage.close and open it after the logout with
VAR login As New loginpage
login.show
Because if I want to call an error message at the second login with the wrong password but the true user it always logs in because the password field takes the password from the login before?