zoukankan      html  css  js  c++  java

  • 用戶登陸。防SQL注入,驗證碼不區分大小寫。。

    if (string.Compare(TBCheckCode.Text, Session["CheckCodeI"].ToString(), true) == 0)
            {
                string password = FormsAuthentication.HashPasswordForStoringInConfigFile(TBpassword.Text, "md5");//MD5加密
                string mycon = ConfigurationManager.ConnectionStrings["EPS_WEBConnectionString"].ConnectionString;
                SqlConnection con = new SqlConnection(mycon);
                con.Open();
                SqlParameter tetusername = new SqlParameter("@username", SqlDbType.Char, 30);
                tetusername.Value = TBusername.Text;
                SqlParameter tetpassword = new SqlParameter("@userpass", SqlDbType.Char, 40);
                tetpassword.Value = password;
                string strsql = "select * from admin_user where UserName=@username and Password=@userpass";
                SqlCommand mycommand = new SqlCommand(strsql, con);
                mycommand.Parameters.Add(tetusername);
                mycommand.Parameters.Add(tetpassword);
                SqlDataReader rs = mycommand.ExecuteReader();
                if (rs.Read())
                {
                    if (password == rs["Password"].ToString())
                    {
                        Session.Timeout = 120;
                        Session["UserName"] = TBusername.Text;
                        Session["UserID"] = rs["ID"].ToString();
                        con.Close();
                        Response.Redirect("index.htm");
                        //  Response.Write("<script >window.open('index.htm');</script>");
                    }
                    else
                    {
                        con.Close();
                        Label1.Visible = true;
                        Label1.Text = "对不起,您输入的密码有误!";
                        return;
                    }
                }
                else
                {
                    con.Close();
                    Label1.Visible = true;
                    Label1.Text = "对不起,帐号或密码错误!";
                    return;
                }
            }
            else
            {
                Label1.Visible = true;
                Label1.Text = "对不起,驗證碼錯誤!";
                return;
            } 
  • 相关阅读:
    zz 使用svn——项目的目录布局
    eclipse中字体太小
    SVN 项目的目录结构
    tuscany requires 学习
    搜索子集生成
    HZNUACM寒假集训Day12小结 数论入门
    HZNUACM寒假集训Day10小结 树树形DP
    模板 快速幂|取余
    HZNUACM寒假集训Day7小结 背包DP
    HZNUACM寒假集训Day6小结 线性DP
  • 原文地址:https://www.cnblogs.com/accumulater/p/7000676.html
Copyright © 2011-2022 走看看