zoukankan      html  css  js  c++  java
  • 用戶登陸。防SQL注入,驗證碼不區分大小寫。。

    if (string.Compare(TBCheckCode.Text, Session["CheckCodeI"].ToString(), true) == 0)
            {
                string password = FormsAuthentication.HashPasswordForStoringInConfigFile(TBpassword.Text, "md5");//MD5加密
                string mycon = ConfigurationManager.ConnectionStrings["EPS_WEBConnectionString"].ConnectionString;
                SqlConnection con = new SqlConnection(mycon);
                con.Open();
                SqlParameter tetusername = new SqlParameter("@username", SqlDbType.Char, 30);
                tetusername.Value = TBusername.Text;
                SqlParameter tetpassword = new SqlParameter("@userpass", SqlDbType.Char, 40);
                tetpassword.Value = password;
                string strsql = "select * from admin_user where UserName=@username and Password=@userpass";
                SqlCommand mycommand = new SqlCommand(strsql, con);
                mycommand.Parameters.Add(tetusername);
                mycommand.Parameters.Add(tetpassword);
                SqlDataReader rs = mycommand.ExecuteReader();
                if (rs.Read())
                {
                    if (password == rs["Password"].ToString())
                    {
                        Session.Timeout = 120;
                        Session["UserName"] = TBusername.Text;
                        Session["UserID"] = rs["ID"].ToString();
                        con.Close();
                        Response.Redirect("index.htm");
                        //  Response.Write("<script >window.open('index.htm');</script>");
                    }
                    else
                    {
                        con.Close();
                        Label1.Visible = true;
                        Label1.Text = "对不起,您输入的密码有误!";
                        return;
                    }
                }
                else
                {
                    con.Close();
                    Label1.Visible = true;
                    Label1.Text = "对不起,帐号或密码错误!";
                    return;
                }
            }
            else
            {
                Label1.Visible = true;
                Label1.Text = "对不起,驗證碼錯誤!";
                return;
            } 

  • 相关阅读:
    转 W P 代码淆混
    Flash网页游戏辅助工具制作简析
    Flash Player安全沙漏规则
    用loader.loadbytes直接load bitmapdata.getpixels产生的bytearray
    游戏及开发人员的认识
    一犯人在执行死刑前三天供出祖传治癌奇方(转)
    AIR教程列表
    养生名言 (春、夏、秋、冬。)
    十天学会单片机和C语言编程
    UI设计规范收藏
  • 原文地址:https://www.cnblogs.com/accumulater/p/7000676.html
Copyright © 2011-2022 走看看