Qt Forum

    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    • Search
    • Unsolved

    Unsolved Login System

    3rd Party Software
    4
    6
    2169
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • I
      inik last edited by

      Trying to implement a login system, I'm struggling to get it working. I'm using Qt and MySQL - the MySQL link is functioning fine, just can't get the C++ right. Here's the code:

      void MainWindow::on_pushButton_login_clicked()
      {
      
          QString enteredUsername = ui->lineEdit_username->text();
          QString enteredPassword = ui->lineEdit_password->text();
          QString username;
          QString password;
      
      
          QSqlQuery loginQuery("SELECT * FROM 'logindetails' WHERE studentID='" + enteredUsername + "' AND password='" + enteredPassword + "';");
          if (!username.compare(enteredUsername) && (!password.compare(enteredPassword)))
              QMessageBox::information(this,"Success", "Login information is correct");
          else
              QMessageBox::information(this,"FAIL", "Incorrect login");
      
      /*
      
          QSqlQuery usernameQuery("SELECT studentID from userinfo.logindetails");
          while (usernameQuery.next()) {
              QString username = usernameQuery.value(0).toString();
              QMessageBox::information(this,"Success",username+ enteredUsername);
      
          }
          QSqlQuery passwordQuery("SELECT password from userinfo.logindetails");
          while (passwordQuery.next()) {
              QString password = passwordQuery.value(0).toString();
              QMessageBox::information(this,"Success",password+ typeid(password).name()+ enteredPassword+ typeid(enteredPassword).name());
      
          }
      
          if (!username.compare(enteredUsername) && (!username.compare(enteredUsername)))
                  QMessageBox::information(this,"Success", "Login information is correct");
      
          else
              QMessageBox::information(this,"Failure", "Login information is incorrect"+username + password);
      
      */
      
      
      1 Reply Last reply Reply Quote 0
      • SGaist
        SGaist Lifetime Qt Champion last edited by

        Hi,

        What query does fail ?
        What are you expecting ?
        Where are you getting ?

        Interested in AI ? www.idiap.ch
        Please read the Qt Code of Conduct - https://forum.qt.io/topic/113070/qt-code-of-conduct

        1 Reply Last reply Reply Quote 1
        • I
          inik last edited by

          I don't really know how to get the C++ code to query username password, then check it against the entered details. The query returns the correct values from the database. There is a username and password in the DB, i'm expecting to query it and check it with the input data. The query returns the right data but not in the correct format.

          JonB 1 Reply Last reply Reply Quote 1
          • SGaist
            SGaist Lifetime Qt Champion last edited by

            What format are you expecting ? And what format are you getting ?

            Interested in AI ? www.idiap.ch
            Please read the Qt Code of Conduct - https://forum.qt.io/topic/113070/qt-code-of-conduct

            1 Reply Last reply Reply Quote 0
            • Pablo J. Rogina
              Pablo J. Rogina last edited by

              @inik as a side note, you should not store passwords directly in the DB, just a hash value of the actual password. You're shouting for information security problems.

              Upvote the answer(s) that helped you solve the issue
              Use "Topic Tools" button to mark your post as Solved
              Add screenshots via postimage.org
              Don't ask support requests via chat/PM. Please use the forum so others can benefit from the solution in the future

              1 Reply Last reply Reply Quote 3
              • JonB
                JonB @inik last edited by JonB

                @inik
                Apart from the fact that you should indeed hash (one-way, symmetric) the password for storage (and comparison) as @Pablo-J-Rogina says, when you write:

                    QSqlQuery loginQuery("SELECT * FROM 'logindetails' WHERE studentID='" + enteredUsername + "' AND password='" + enteredPassword + "';");
                    if (!username.compare(enteredUsername) && (!password.compare(enteredPassword)))
                

                by the time that query returns a row you already know both the username & password have matched since you pass them in the query, so you only need to check whether 1 row or 0 rows were returned...

                For hashing, from Qt you can probably use http://doc.qt.io/qt-5/qcryptographichash.html#details. So your process is:

                1. When the user specifies his password, hash it and stored the hashed to the database.
                2. When a user tries to logon and specifies a proposed password, hash that and pass it to query like you have to see if it is same as a hash in the database row.
                3. So you never pass the unhashed/clear text of the password to/from the database.
                1 Reply Last reply Reply Quote 1
                • First post
                  Last post