zoukankan      html  css  js  c++  java
  • 用戶登陸。防SQL注入,驗證碼不區分大小寫。。

    if (string.Compare(TBCheckCode.Text, Session["CheckCodeI"].ToString(), true) == 0)
            {
                string password = FormsAuthentication.HashPasswordForStoringInConfigFile(TBpassword.Text, "md5");//MD5加密
                string mycon = ConfigurationManager.ConnectionStrings["EPS_WEBConnectionString"].ConnectionString;
                SqlConnection con = new SqlConnection(mycon);
                con.Open();
                SqlParameter tetusername = new SqlParameter("@username", SqlDbType.Char, 30);
                tetusername.Value = TBusername.Text;
                SqlParameter tetpassword = new SqlParameter("@userpass", SqlDbType.Char, 40);
                tetpassword.Value = password;
                string strsql = "select * from admin_user where UserName=@username and Password=@userpass";
                SqlCommand mycommand = new SqlCommand(strsql, con);
                mycommand.Parameters.Add(tetusername);
                mycommand.Parameters.Add(tetpassword);
                SqlDataReader rs = mycommand.ExecuteReader();
                if (rs.Read())
                {
                    if (password == rs["Password"].ToString())
                    {
                        Session.Timeout = 120;
                        Session["UserName"] = TBusername.Text;
                        Session["UserID"] = rs["ID"].ToString();
                        con.Close();
                        Response.Redirect("index.htm");
                        //  Response.Write("<script >window.open('index.htm');</script>");
                    }
                    else
                    {
                        con.Close();
                        Label1.Visible = true;
                        Label1.Text = "对不起,您输入的密码有误!";
                        return;
                    }
                }
                else
                {
                    con.Close();
                    Label1.Visible = true;
                    Label1.Text = "对不起,帐号或密码错误!";
                    return;
                }
            }
            else
            {
                Label1.Visible = true;
                Label1.Text = "对不起,驗證碼錯誤!";
                return;
            } 

  • 相关阅读:
    【数通大讲坛02】IP子网划分(VLSM)
    【数通大讲坛01】利用TCP/IP模型理解数据通信过程
    新公司的第一个任务-重构系统(二)
    作为一名程序员的心得分享
    新公司的第一个任务-重构系统(一)
    第一次离职
    2018年终总结
    跳槽并不简单
    小公司的项目交付
    记一次项目测试间隔太长的问题
  • 原文地址:https://www.cnblogs.com/accumulater/p/7000676.html
Copyright © 2011-2022 走看看