zoukankan      html  css  js  c++  java
  • 用戶登陸。防SQL注入,驗證碼不區分大小寫。。

    if (string.Compare(TBCheckCode.Text, Session["CheckCodeI"].ToString(), true) == 0)
            {
                string password = FormsAuthentication.HashPasswordForStoringInConfigFile(TBpassword.Text, "md5");//MD5加密
                string mycon = ConfigurationManager.ConnectionStrings["EPS_WEBConnectionString"].ConnectionString;
                SqlConnection con = new SqlConnection(mycon);
                con.Open();
                SqlParameter tetusername = new SqlParameter("@username", SqlDbType.Char, 30);
                tetusername.Value = TBusername.Text;
                SqlParameter tetpassword = new SqlParameter("@userpass", SqlDbType.Char, 40);
                tetpassword.Value = password;
                string strsql = "select * from admin_user where UserName=@username and Password=@userpass";
                SqlCommand mycommand = new SqlCommand(strsql, con);
                mycommand.Parameters.Add(tetusername);
                mycommand.Parameters.Add(tetpassword);
                SqlDataReader rs = mycommand.ExecuteReader();
                if (rs.Read())
                {
                    if (password == rs["Password"].ToString())
                    {
                        Session.Timeout = 120;
                        Session["UserName"] = TBusername.Text;
                        Session["UserID"] = rs["ID"].ToString();
                        con.Close();
                        Response.Redirect("index.htm");
                        //  Response.Write("<script >window.open('index.htm');</script>");
                    }
                    else
                    {
                        con.Close();
                        Label1.Visible = true;
                        Label1.Text = "对不起,您输入的密码有误!";
                        return;
                    }
                }
                else
                {
                    con.Close();
                    Label1.Visible = true;
                    Label1.Text = "对不起,帐号或密码错误!";
                    return;
                }
            }
            else
            {
                Label1.Visible = true;
                Label1.Text = "对不起,驗證碼錯誤!";
                return;
            } 

  • 相关阅读:
    什么是MIME类型
    让IIS支持wml,支持Jad,jar,3gp,mp4的下载
    REEBSD常用命令大全
    nginx的http session管理
    FreeBSD 8.0下给网卡绑定双IP
    firefox、IE下的几个不同属性的方法调用
    如何配置nginx的流量限制
    Nginx 简单的负载均衡配置示例
    DOM信息nodeType的应用
    SSI 的指令及参数
  • 原文地址:https://www.cnblogs.com/accumulater/p/7000676.html
Copyright © 2011-2022 走看看