I am building a Login Page and it works once.
So if I login the first time everything works fine but if I press the logout button and try to login again without refreshing the page I can login with every password I want.
The password I use to compare is from a MySQL database which gets stored temporarily in a rowset. After the comparison I close the rowset and I also tried to assign an empty String to all properties which help with the verification of the user but somehow the password (don’t panic everything is encrypted) the user types in gets stored anywhere.
That’s how I encrypt the users password from the passwordfield:
Var hashValue As String
VAR kSalt AS STRING = “RUEDEjeje#@fj(*”
hashValue = Crypto.PBKDF2(kSalt, LoginPage.Password.Text, 128, 32, Crypto.HashAlgorithms.SHA512)
hashValue = EncodeHex(hashValue)
And the passwordField gets an empty String after a successfull login.
I think that the rowset doesn’t reset after closing it.