zoukankan      html  css  js  c++  java
  • 用戶登陸。防SQL注入,驗證碼不區分大小寫

    if (string.Compare(TBCheckCode.Text, Session["CheckCodeI"].ToString(), true) == 0)
            {
                string password = FormsAuthentication.HashPasswordForStoringInConfigFile(TBpassword.Text, "md5");//MD5加密
                string mycon = ConfigurationManager.ConnectionStrings["EPS_WEBConnectionString"].ConnectionString;
                SqlConnection con = new SqlConnection(mycon);
                con.Open();
                SqlParameter tetusername = new SqlParameter("@username", SqlDbType.Char, 30);
                tetusername.Value = TBusername.Text;
                SqlParameter tetpassword = new SqlParameter("@userpass", SqlDbType.Char, 40);
                tetpassword.Value = password;
                string strsql = "select * from admin_user where UserName=@username and Password=@userpass";
                SqlCommand mycommand = new SqlCommand(strsql, con);
                mycommand.Parameters.Add(tetusername);
                mycommand.Parameters.Add(tetpassword);
                SqlDataReader rs = mycommand.ExecuteReader();
                if (rs.Read())
                {
                    if (password == rs["Password"].ToString())
                    {
                        Session.Timeout = 120;
                        Session["UserName"] = TBusername.Text;
                        Session["UserID"] = rs["ID"].ToString();
                        con.Close();
                        Response.Redirect("index.htm");
                        //  Response.Write("<script >window.open('index.htm');</script>");
                    }
                    else
                    {
                        con.Close();
                        Label1.Visible = true;
                        Label1.Text = "对不起,您输入的密码有误!";
                        return;
                    }
                }
                else
                {
                    con.Close();
                    Label1.Visible = true;
                    Label1.Text = "对不起,帐号或密码错误!";
                    return;
                }
            }
            else
            {
                Label1.Visible = true;
                Label1.Text = "对不起,驗證碼錯誤!";
                return;
            } 

  • 相关阅读:
    【SpringMVC】SpringMVC系列15之SpringMVC最佳实践
    【SpringMVC】SpringMVC系列14之SpringMVC国际化
    could not calculate build plan: Plugin org.apache.maven.plugins:maven-resources-plugin:2.5 or one of(maven报错)
    ubuntu14安装tensorflow并测试
    HTMLajax跨域向服务器写入数据
    eclipse的最新版本luna的中建立svn和maven
    关于equals与hashcode的重写
    会计中的冲销和红票
    dubbo在项目中的应用
    dubbo介绍以及创建
  • 原文地址:https://www.cnblogs.com/accumulater/p/6088993.html
Copyright © 2011-2022 走看看