I'm using SQL Server 2008. I need to Enter the connection details through a windows form and save the connection details in a file.
The issue is, I need to use the same credentials for other forms without embedding the credentials in the code. Other forms should retrieve the connection details. In short, once the credentials are saved, other forms should also be able to use them without re-entering the credentials again and again
The question is, How do I do this?
You can accomplish what you're looking for by storing the connection string in your app.config.
You can check out this article on storing custom values in the app.config which would be a good strategy if there are individual values that you want to store and then you want to dynamically build the connection string.
If you prefer to just store and retrieve the complete connection string then you can check out this article.
Varun (I am assuming that you are able to write source code to read and write files using c#) to solve this problem you need to do 2 tasks in the form load event.
Check if the file containing your login credentials already exists at your desired location then read the file and fill the relevant details in the text boxes accordingly.
If the file does not exists then create the new file at a specific location of your choice with credential details.
So whenever the user opens the login form it's form_load() method will work accordingly based on above two conditions.
Apart from this, if you don't want to do this you can use your app.config file for the same job.
Related
I am making one app right now, and I have a question:
Where can I store my MySQL connection string so nobody will be able to get it (for example with .NET Reflector).
Encrypting it into app.conf won't be good. I need it to work even on other computers not just the one I encrypted it on.
check this link how to secure connection string
Add Connection String to Web.confif/App.config
Open an .aspx page in Design View in Visual Studio.
From the Toolbox, from the Data folder, drag a data source control, such as a SqlDataSource control, onto the design surface.
Right-click the control, and click Show Smart Tag.
In the smart tag panel, click Configure Data Source.
In the Choose a Data Connection panel, click New Connection.
Select an appropriate data source from the list on the Choose Data Source dialog box, and then click OK.
Indicate the correct server name, user name, and password on the Add Connection dialog box, and then click OK. You are returned to the Configure Data Source dialog box with a summary of your connection details.
Click Next, and then click Yes to save your connection string in the Web.config file.
To encrypt connection string information stored in the Web.config file
aspnet_regiis -pe "connectionStrings" -app "/SampleApplication"
For more details check the link shared above
I've created a very simple Windows Form application that uses .NET 2.0 and runs from a single executable.
These single executables will be deployed to multiple users to prompt and collect information.
The catch is that I want to have the information emailed to a specific email address that can vary based on the user the executable is sent to. But, I do not want to rebuild the executable when the email changes.
I can pass command arguments to the executable via command line of course or a shortcut, but I simply want the user to enter information into the form and click submit and have it sent to a predefined email address that can vary based on the user the executable is sent to.
I can bundle the executable with a batch file that runs the executable with the command argument or a config file. But, I want to keep the deployment simple, one file if possible.
Is it possible to do this with an MSI? Am I totally missing something obvious here?
I want the person who is sending the executable out to the user to be able to easily change the email address that the WinForm will send the data to.
if your users are going to be changing the email address you might want to think about a simpler delivery mechanism than a config file, which is fragile in the sense that if a user deletes a > accidentally your app will throw System.Configuration.ConfigurationErrorsException.
One simpler solution than the app config file would be a text file with just the target email address in it, included in the same directory as the app. Your users would have an easier time editing it - or just dropping a new file in. Of course this relies on them having rights to that directory.
Another option is to treat it like a normal setting. Prompt the end user for the actual email on first run, and store it using a user specific setting, i.e. Properties.Settings.Default.SettingName. Then, give your users a UI function to change it on demand.
You could use an app.config file.
Right click the project and select Add->New Item->Application Configuration File
Have something like:
<configuration>
<appSettings>
<add key="UserEmail" value="test#test.com" />
</appSettings>
</coniguration>
And in your code retrieve the config value like:
string email = ConfigurationManager.AppSettings["UserEmail"];
Then you just need to change the value in the config file before sending it to the user, and they can also update it on their own.
One slightly different solution would be to have every instance send email to the same email address, with the 'from' being an address based on the user's Windows logged in account and domain.
Then, create a receiving email account that those emails arrive at with a filter to redirect the mail to the appropriate destination. You didn't say what email system you were using, but Exchange allows this quite simply, for example (as do other systems like GMail).
A more labor-intensive variant on this centralized design would be to create a small web service that your exe queries, with the web service telling the exe where it should send mail to. Again, you'd need a mapping table between Windows user and 'To' addresses.
I'm not sure if I understood your question, but here's my try:
You should check out the properties in visual studio:
Project -> yourProjectName Properties... -> Settings
There you can create variables, which can be either application or user scoped. By using user scoped variable, lets say userEmail, the program lets you save this information according to the logged in user. This way you can save like 20 different emails in this very same executable, depending on the logged in user.
Save the emails according to user:
Properties.Settings.Default.userEmail = "myemail#host.com";
Properties.Settings.Default.Save();
And read them the same way:
string email = Properties.Settings.Default.userEmail;
I have used app.config file for my winform application , the file is used to store the connection string which is used by all the Forms in my application to connect to a remote MySQL database.
But when I install the application on my customer's PCs, then I want that they could not see the app.config file. Is it possible? How? Please help with code.
Also, is there any other way, to create a connection string which is accessible by all the Forms. Like, can I make a class connection.cs and then inherit it in every Form.
But how to do this? I mean how to implement the code
My main objective is to create just one string for connection, so that , if i change it again and again, then i need not go and change it every Form, instead, i would just change it only in one File , and it would be used by all the Forms
Is using app.config file a good option or making a connection.cs file's a better one?
You don't need to use a connection string from every form, you need a data access layer and then you use it from everywhere, in theory only from another layer called business logic...
A form which needs to load data into a grid, a drop down or some other controls should consume data loaded by lower layers in your application stack.
Read something about 3 tier architecture.
The app.config is always visible on the user machine, so you should not treat any information stored in it as secret.
You really have two options:
Continue to store the connection string in the app.config but encrypt it. This will work fine if its an internal app and security is not to much of an issue. But since the encryption key has to be stored in the app a dedicated hacker could retrieve it.
use a three tier architecture as suggested already. With this the connection string is stored in the middle tier, while your application no longer connects directly to the database but rather through the middle tier. Authentication can then be done with a user name/password per user or by making use of windows authentication. The connection string is stored on a server and only people with acces to this server can look at it and see the DB connection string.
If you just want a simple solutions why not create a class named for example "Connection" in a file connection.cs and let it have a static attribute or property named for example "ConString" which holds the connection string:
public class Connection
{
public static ConString = "your connection string here";
}
Then you can access it everywhere:
OdbcConnection conn = new OdbcConnection(Connection.ConString);
BUT that would only be the quick and dirty way of doing it (although it works). It would be much nicer to create an own Database-Layer - but also much more work.
App.config can't be hidden on users machine, this is what you can do.
You can encrypt the connection string and store it in the app.config. have a look on this article, it shows you how to do that.
Try to define your connection string in program.cs before [statThread] by storing it in a public static string variable like constr etc. Then u can use that var anywhere referencing:
program.constr
I have a simple web app built in asp.net webforms c#
where and how would be the best way to save info from the code behind?
(and also retrieve that info)
eg all i want to save is a dateTime. and a flag set to True or False.
and be able to access them in the code behind.
Im not using a db for this web app.
Edit: and can't really use session variables for this purpose.
thanks
If you have to save data for an arbitrary period of time, then you need to store it in a database.
If you need to read the saved variable after a lengthy period of time, you should store it in a local file or a database.
You can create a file using a FileStream object and then write your value to the file.
To get a path where your application has sufficient rights to write a file, use Server.MapPath.
Note : If possible, and if the data you store should not be available to users, you should configure your IIS WebSite to forbid him to serve this file to clients.
Use Application variable like Application["thedate"] = date; and you can get back as date = Application["thedate"].
The date will be saved untill app pool restarts (which also happens when IIS or system restarts).
For a more longer time, save in an xml file on the disk (Use XMLReader and XMLWriter for this purpose).
If this is per user info you could use either browser cookie or viewstate.
Use the Session object:
Session["thedate"] = date;
DateTime date = (DateTime)Session["thedate"];
I am deploying a Windows Application that uses SQL Server 2005. The program will use SQL Authentication.
My question is, how do you handle the connection string when you don't know what the username/password will be? Do you load this from an encrypted file? Or are there provisions for handling this already?
If the user will provide their login details (username and password) then you just need to provide the ability to enter them in your app, e.g. show a dialog asking for these details. You can then use those values the user gives to build the connection string in your code.
Alternatively, if all your users are going to be using a single SQL account to connect then you can put the connection string in your app.config file using encryption if you want to hide it from your users, see cmsjr's answer for an example of how to do this.
Alternatively, if you're developing this on an internal domain (intranet) then switch your database to integrated security and put your users domain accounts into the relevant access group on your database server. Then you won't have to worry about collecting username or passwords at all.
If the enduser will provide the password you don't need to do anything, dont save the usernamne/password in the config file.
If you don't want the end user to provide the password you could put it in the config file at installation. But that could be a problem if the username needs to be changed and you have encrypted the connectionstring.
Encrypting sections of the configuration is not as simple for a windows app as for a web app, but it is certainly doable. Here's a sample.
Just make sure to check the username/password for "weird" characters that the user might enter. The last thing you want is for them to change around your connection string. Then basically you just specify the driver (if using ODBC), the database, the server, but leave all the username/password and trusted connection info out. Then just tack on username= and password= which will be set equal to what was entered by the user on the end. However watch out for semicolons. I've never tried to see what happens if there is both a username/password and a trusted_connection = true.