-2

I wanted to make a password generator and it should save the password for what you want to use the password then I wanted that the program displays all the datas in my database. so, I can look at it. Also, I am using Console Application(.NET Framwork).When I used the program without displaying the data, it worked. But, when I put my displaying code, it makes that error.

System.InvalidOperationException Connection must be valid and open.

I don't know how to fix that. It would be super cool, if you guys can help me and make me more smart :D Here is the program code:

string verbindungsdaten = "SERVER = localhost;" +
                          "DATABASE = db;" +
                          "UID = Sarper;" +
                          "PASSWORD = Bmw03082009;";

MySqlConnection verbindung = new MySqlConnection(verbindungsdaten);

Random meinrandom = new Random();
int zahl = meinrandom.Next(100000, 1000000);
Console.WriteLine("Ihr Passwort ist zwischen den Werten: 100000 - 1000000");
Console.Write("Geben sie bitte die Benutzung vom Passwort damit sie es 
wiederverwenden können ein: ");
string benutzung1 = Console.ReadLine();
Console.WriteLine("Ihr Passwort wurde generiert: " + zahl);
Console.WriteLine("Alle Daten im überblick mit Benutzung: ");

string command = "INSERT INTO passwörter VALUES ('" + benutzung1 + "', '" + zahl + "');";

MySqlCommand ausführen = new MySqlCommand(command);
ausführen.Connection = verbindung;

string com = "SELECT * FROM passwörter;";
MySqlCommand com11 = new MySqlCommand(com);

verbindung.Open();
ausführen.ExecuteNonQuery();
MySqlDataReader Reader;
    
Reader = com11.ExecuteReader();
Reader.Read();
Console.WriteLine("Benutzung " + Reader.GetValue(0).ToString());
Console.WriteLine("Passwort " + Reader.GetValue(1).ToString());
verbindung.Close();

It is german again because I am from Germany.That are only things in the WriteLine codes, but I think you can unserstand it. :D

Sarper Eroglu
  • 1
  • 3
  • The problem is poping up in the Reader = com11.ExecuteReader(); code – Sarper Eroglu Jun 02 '21 at 17:07
  • 1
    Side note, don't store plain text passwords, use command parameters to prevent SQLi attacks, use `usings` statements to ensure objects are disposed. If that's the real password to your server, change it and get a new one, never post this information. There's other issues here as well, TBH, rethink your approach and start fresh focusing on one issue at a time. – Trevor Jun 02 '21 at 17:08
  • Sorry but what is a parameter ? I am new at programming – Sarper Eroglu Jun 02 '21 at 17:09
  • Hmm ok i will try – Sarper Eroglu Jun 02 '21 at 17:09
  • @zaggler and you :D you are helping everytime to my questions last time also :D thank you also – Sarper Eroglu Jun 02 '21 at 17:14
  • You're welcome, take one thing at a time. Please also reference your other question where I left comments as well. – Trevor Jun 02 '21 at 17:15
  • One more question to you zaggler so i think you know that i am from germany and i want to say that i am not grown up so much so i want to say i am kid :D i think you will think i am dumb or something else but what is a hashing or using paramaters it will be very nice when you can say me the answer :D – Sarper Eroglu Jun 02 '21 at 17:19
  • Not at all, we all are learning. Check out [hashing](https://learn.microsoft.com/en-us/aspnet/core/security/data-protection/consumer-apis/password-hashing?view=aspnetcore-5.0) in that article to get an understanding of the intention [or](https://medium.com/@mehanix/lets-talk-security-salted-password-hashing-in-c-5460be5c3aae) and or [this](https://www.simongilbert.net/hashing-passwords-md5-bcrypt-pbkdf2-csharp-dotnetcore/) may be useful. – Trevor Jun 02 '21 at 17:39
  • `new MySqlCommand(..., verbindung);` or `verbindung.CreateCommand(...);` –  Jun 02 '21 at 18:30
  • [What are good ways to prevent SQL injection?](https://stackoverflow.com/questions/14376473/what-are-good-ways-to-prevent-sql-injection) –  Jun 02 '21 at 18:32

1 Answers1

-2

you never assigned a connection to com11

Omar De La Rosa
  • 72
  • 5