Login doesn't work a second time

Hi there,

I am building a Login Page and it works once.
So if I login the first time everything works fine but if I press the logout button and try to login again without refreshing the page I can login with every password I want.

The password I use to compare is from a MySQL database which gets stored temporarily in a rowset. After the comparison I close the rowset and I also tried to assign an empty String to all properties which help with the verification of the user but somehow the password (don’t panic everything is encrypted) the user types in gets stored anywhere.

That’s how I encrypt the users password from the passwordfield:
Var hashValue As String
VAR kSalt AS STRING = “RUEDEjeje#@fj(*”

hashValue = Crypto.PBKDF2(kSalt, LoginPage.Password.Text, 128, 32, Crypto.HashAlgorithms.SHA512)

hashValue = EncodeHex(hashValue)

Return hashValue

And the passwordField gets an empty String after a successfull login.

I think that the rowset doesn’t reset after closing it.

Sorry was there a question here somewhere?

If it doesn’t work a second time then you’re probably not returning things to the original state, be they variables to check against or whatever. Use system.debuglog and watch your message pane to check that things are as expected during your login process.

Sorry I totally forgot to put the question in.

Does the rowset get a reset after it was closed and how should I handle the passwordfield?

So I viewed the password field and the hashvalue of it in de debuglog now. The forst time it displays the password and the hashvalue as expected but surprisingly the second time it only displays a hashvalue different than the one before although it was the same password I typed in.

I am 100% sure that the mistake will be in the hashvalue function. It looks like it would take another String the second time than it did the first time.

Any clue why it would do that?

Without seeing your project, this is going to be very hard to diagnose.

Could you extract your login sequence into a sample project and post a link for others to review?

Well actually I don‘t know how to do that.

Make a tiny little new project with some text boxes for your input, a button to simulate your login and the code you run on the login, no need to go near a database for now, just hard code the data. If it doesn’t come out with expected repeatable data from that test, post a copy of the project here.

That just worked fine as I build this project without the database. I will figure it out myself at this point and I will post a solution when I got one.

Thanks to all of you

Have your tried closing the LoginPage?
You not show what happens with that Return hashValue

I finally found the problem but I really don’t know how to solve it.
The password field actually saves the password from the first login. How do password fields behave in xojo if you close the login page with currentpage.close and open it after the logout with
VAR login As New loginpage
login.show
Because if I want to call an error message at the second login with the wrong password but the true user it always logs in because the password field takes the password from the login before?

It will be easier to find help if you share a sample project with the problem

here you access the implicit instance.
LoginPage.Password.Text

this way here the variable / instance is only in your method scope.
VAR login As New loginpage

its not explained well in manual.
.CurrentPage