0

I have an application where I have two textfields and a button. In the first textfield I am entering the username of the user and in the second textfield I am entering the password of the user. When the user enters the username and password and click on create user button a backend api is called which will register the username and password of the user and at the time I want to enter the username and password of the user in local SQLite databse in encrypted format.

When a user is registered the username of that particular user should get displayed in the first textfield and it should not be editable and password field should be editable. Only one user is allowed to be registered for the entire application.

halfer
  • 19,824
  • 17
  • 99
  • 186
Rani
  • 3,333
  • 13
  • 48
  • 89
  • 1
    before adding user u check ur data base is their any user or not if have then give pop up other wise register. – Rahul Juyal Nov 18 '11 at 05:25
  • @Ron actually i am getting confused can u explain in detail – Rani Nov 18 '11 at 05:36
  • when ur login view is open in view did appear u put one select query for ur user table it return array of user and check it's count is 0 or not if zero then new user registered otherwise give pop up user one user already register. – Rahul Juyal Nov 18 '11 at 10:41
  • @Ron i have tried as u told but the problem is the username and password does not remain retained throughout my entire application i.e when i click on the navigation bar back button and return back to the page where the username and password texfields are present their are null values in username – Rani Nov 21 '11 at 04:02
  • @Ron i want that only one username and password should remain throughout the entire application . – Rani Nov 21 '11 at 04:05

4 Answers4

2

Don't use a sqlite dbs to store user credentials. With reverse engineering it is fairly simple to get to the data. This because you probably have some value in your program you use to encrypt/decrypt the password. For security purposes, please use the keychain. There are several projects on github which makes it very easy to use the keychain. There is no more secure way for saving credentials then the keychain, so please use that to store your credentials!!!

CyberK
  • 1,568
  • 3
  • 31
  • 44
1

If I understood your requirement correctly, You can follow the below guideline.

Before inserting the data to the table, You can check if any record is added to the table.
If the count is 0, you can proceed to insert the record, else you can prompt the error.

I think this will be the simplest way to do this.

Naved
  • 4,020
  • 4
  • 31
  • 45
  • i am getting confused could u please explain in detail – Rani Nov 18 '11 at 05:59
  • add a simple if statement to check if database contains a record. If condition is false then only proceed the insert logic, else prompt an error or whatever you want for not inserting the data. – Naved Nov 18 '11 at 06:08
1

First step is to check the database exist in resource folder and create database:-

1)

-(void)checkAndCreateDatabase{
    databaseName = @"databasename.sql";

    NSArray *documentPaths = NSSearchPathForDirectoriesInDomains(NSDocumentDirectory, NSUserDomainMask, YES);
    NSString *documentsDir = [documentPaths objectAtIndex:0];
    databasePath = [documentsDir stringByAppendingPathComponent:databaseName];
    BOOL success;

    // Create a FileManager object, we will use this to check the status of the database and to copy it over if required
    NSFileManager *fileManager = [NSFileManager defaultManager];

    // Check if the database has already been created in the users filesystem
    success = [fileManager fileExistsAtPath:databasePath];

    // If the database already exists then return without doing anything
    if(success) {
        return;
    }
    // If not then proceed to copy the database from the application to the users filesystem

    // Get the path to the database in the application package
    NSString *databasePathFromApp = [[[NSBundle mainBundle] resourcePath] stringByAppendingPathComponent:databaseName];

    // Copy the database from the package to the users filesystem
    [fileManager copyItemAtPath:databasePathFromApp toPath:databasePath error:nil];
}

2) call the function to retrieve the data:-

-(NSMutableArray *) readFromDatabase:(NSString *)query{
    // Setup the database object
    sqlite3 *database;

    // Init the animals Array
    returnArray = [[NSMutableArray alloc] init];
    NSString *readCommand= query;

    // Open the database from the users filessytem
    if(sqlite3_open([databasePath UTF8String], &database) == SQLITE_OK) {
        // Setup the SQL Statement and compile it for faster access
        const char *sqlStatement = [readCommand UTF8String];
        sqlite3_stmt *compiledStatement;

        if(sqlite3_prepare_v2(database, sqlStatement, -1, &compiledStatement, NULL) == SQLITE_OK) {
            // Loop through the results and add them to the feeds array
            while(sqlite3_step(compiledStatement) == SQLITE_ROW) {
                // Read the data from the result row
                [returnArray addObject:[NSString stringWithUTF8String:(char *)sqlite3_column_text(compiledStatement, 0)]];
                [returnArray addObject:[NSString stringWithUTF8String:(char *)sqlite3_column_text(compiledStatement, 1)]];
            }

        }

        // Release the compiled statement from memory
        sqlite3_finalize(compiledStatement);

    }
    sqlite3_close(database);
    return returnArray;
}

3) check for the retrun array is empty or nil then call the insert function defined at step

4) Insert into the database

-(void)insertIntoDatabase:(NSString *)username:(NSString *)password{
    // Setup the database object

    sqlite3 *database;
    // Open the database from the users filessytem
    if(sqlite3_open([databasePath UTF8String], &database) == SQLITE_OK) {

        // Setup the SQL Statement and compile it for faster access
        NSString *insertCommand=@"Insert into tableName values(username,password)";     
        const char *sqlStatement = [insertCommand UTF8String];

        sqlite3_stmt *compiledStatement;

        if(sqlite3_prepare_v2(database, sqlStatement, -1, &compiledStatement, NULL) == SQLITE_OK) {
            // Loop through the results and add them to the feeds array
            while(sqlite3_step(compiledStatement) == SQLITE_ROW) {}
            sqlite3_finalize(compiledStatement);
        }

        // Release the compiled statement from memory

    }
    sqlite3_close(database);

}
Anil Kothari
  • 7,653
  • 4
  • 20
  • 25
  • Make sure that you have created the sqlite database in the resource folder with two fields username and password inside the table. – Anil Kothari Nov 21 '11 at 06:11
0

You can use NSUserDefaults saving locally it. following code is for saving data.

 perf = [NSUserDefaults standardUserDefaults];
 [perf setObject:@"1" forKey:@"remember"];
 [perf setObject:emailAddresTextField.text forKey:@"email"];
 [perf setObject:passwordTextField.text forKey:@"password"];
 [perf synchronize];

And for retrieving data use following code

perf=[NSUserDefaults standardUserDefaults];
NSString *remString = [perf stringForKey:@"remember"];  

if ([remString isEqualToString:@"1"]) {
    emailAddresTextField.text=[perf stringForKey:@"email"];
    passwordTextField.text = [perf stringForKey:@"password"];
    [rememberBtn setTag:1];
    [rememberBtn setImage:[UIImage imageNamed:@"on_radioButton.png"] forState:0];
}
mandeep-dhiman
  • 2,505
  • 2
  • 21
  • 31
  • Well the userdefaults are not really safe to store user credentials in... You really don't want to use this method for confidential information... – CyberK Nov 18 '11 at 09:16