zoukankan
html css js c++ java
安全解密
using
System;
using
System.Collections;
using
System.ComponentModel;
using
System.Data;
using
System.Drawing;
using
System.Web;
using
System.Web.SessionState;
using
System.Web.UI;
using
System.Web.UI.WebControls;
using
System.Web.UI.HtmlControls;
using
System.Data.SqlClient;
using
System.Web.Security;
using
System.Security.Cryptography;
using
System.Text;
using
System.IO;
namespace
CommandExample
{
/**/
///
<summary>
///
login 的摘要说明。
///
</summary>
public
class
Login01 : System.Web.UI.Page
{
protected
System.Web.UI.WebControls.Label Label1;
protected
System.Web.UI.WebControls.TextBox tbName;
protected
System.Web.UI.WebControls.TextBox tbPass;
protected
System.Web.UI.WebControls.Button btnLoginBetter;
protected
System.Web.UI.WebControls.RequiredFieldValidator RequiredFieldValidator1;
protected
System.Web.UI.WebControls.RequiredFieldValidator RequiredFieldValidator2;
protected
System.Web.UI.WebControls.CheckBox PersistCookie;
protected
System.Web.UI.WebControls.Label Label2;
private
void
Page_Load(
object
sender, System.EventArgs e)
{
//
在此处放置用户代码以初始化页面
}
Web Form Designer generated code
#region
Web Form Designer generated code
override
protected
void
OnInit(EventArgs e)
{
//
//
CODEGEN:该调用是 ASP.NET Web 窗体设计器所必需的。
//
InitializeComponent();
base
.OnInit(e);
}
/**/
///
<summary>
///
设计器支持所需的方法 - 不要使用代码编辑器修改
///
此方法的内容。
///
</summary>
private
void
InitializeComponent()
{
this
.btnLoginBetter.Click
+=
new
System.EventHandler(
this
.btnLoginBetter_Click);
this
.Load
+=
new
System.EventHandler(
this
.Page_Load);
}
#endregion
private
void
btnLoginBetter_Click(
object
sender, System.EventArgs e)
{
bool
bExist
=
AuthenticateUser(tbName.Text,tbPass.Text);
if
(bExist)
{
//
1)
//
创建一个验证票据
//
相当于产生一个COOKIE
FormsAuthenticationTicket ticket
=
new
FormsAuthenticationTicket(
1
, tbName.Text,DateTime.Now,
DateTime.Now.AddMinutes(
30
),PersistCookie.Checked,
"
User
"
);
//
2)
//
并且加密票据
string
cookieStr
=
FormsAuthentication.Encrypt(ticket);
//
3) 创建cookie
//
并且是以当前forms name=".MYWEB"命名,你可以自定义名称
HttpCookie cookie
=
new
HttpCookie(FormsAuthentication.FormsCookieName,cookieStr);
//
FormsAuthentication.FormsCookieName
if
(PersistCookie.Checked)
//
如果用户选择了保存密码
cookie.Expires
=
ticket.Expiration;
//
设置cookie有效期为票据有效期
//
cookie存放路径
cookie.Path
=
FormsAuthentication.FormsCookiePath;
//
将cookie写入到系统中cookie文件中
Response.Cookies.Add(cookie);
//
4) do a redirect
string
strRedirect;
strRedirect
=
Request[
"
ReturnUrl
"
].ToString();
if
(strRedirect
==
null
)
strRedirect
=
"
default.aspx
"
;
Response.Redirect(strRedirect,
true
);
}
else
Response.Write(
"
<script language='javascript'>alert('用户名称或密码错误!')</script>
"
);
}
private
bool
ArraysEqual(
byte
[] array1,
byte
[] array2)
{
bool
bResult
=
true
;
if
(array1
==
null
)
throw
new
ArgumentNullException(
"
array1
"
);
if
(array2
==
null
)
throw
new
ArgumentNullException(
"
array2
"
);
if
(array1.Length
==
array2.Length)
{
for
(
int
i
=
0
;i
<
array1.Length;i
++
)
{
if
(array1[i]
!=
array2[i])
{
bResult
=
false
;
break
;
}
}
}
return
bResult;
}
private
bool
AuthenticateUser(
string
strUserName,
string
strUserPass)
{
SqlConnection con
=
new
SqlConnection();
con.ConnectionString
=
System.Configuration.ConfigurationSettings.AppSettings[
"
DSN
"
];
con.Open();
string
strSql
=
"
sp_getuserdetails
"
;
SqlCommand com
=
new
SqlCommand(strSql,con);
com.CommandType
=
CommandType.StoredProcedure;
SqlParameter sqlpUser
=
new
SqlParameter(
"
@acctname
"
,SqlDbType.NVarChar,
64
);
sqlpUser.Value
=
tbName.Text;
SqlParameter sqlpPasshash
=
new
SqlParameter(
"
@passhash
"
,SqlDbType.NVarChar,
50
);
sqlpPasshash.Direction
=
ParameterDirection.Output;
SqlParameter sqlpPasssalt
=
new
SqlParameter(
"
@passsalt
"
,SqlDbType.NVarChar,
50
);
sqlpPasssalt.Direction
=
ParameterDirection.Output;
com.Parameters.Add(sqlpUser);
com.Parameters.Add(sqlpPasssalt);
com.Parameters.Add(sqlpPasshash);
com.ExecuteNonQuery();
string
hash
=
com.Parameters[
"
@passhash
"
].Value.ToString();
string
salt
=
com.Parameters[
"
@passsalt
"
].Value.ToString();
bool
bExist
=
false
;
if
(hash
==
null
||
salt
==
null
)
bExist
=
false
;
else
{
byte
[] saltBits
=
Convert.FromBase64String(salt);
byte
[] hashBits
=
Convert.FromBase64String(hash);
byte
[] passBits
=
Encoding.Unicode.GetBytes(strUserPass);
HashAlgorithm hashAlg
=
SHA1.Create();
CryptoStream cs
=
new
CryptoStream(Stream.Null,hashAlg,CryptoStreamMode.Write);
cs.Write(passBits,
0
,passBits.Length);
cs.Write(saltBits,
0
,saltBits.Length);
cs.FlushFinalBlock();
cs.Close();
byte
[] digest
=
hashAlg.Hash;
if
(ArraysEqual(digest,hashBits))
bExist
=
true
;
else
bExist
=
false
;
}
con.Close();
return
bExist;
}
}
}
上面代码中使用了一个存储过程
sp_getuserdetails,这个存储过程的代码如下
CREATE
PROCEDURE
sp_getuserdetails
@acctname
varchar
(
64
),
@passhash
varchar
(
50
) out,
@passsalt
varchar
(
50
) out
AS
select
@passhash
=
passwordHash,
@passsalt
=
passwordSalt
from
formsUserInfo
where
userName
=
@acctname
GO
这里和大家分享和学习如何学IT!
查看全文
相关阅读:
手把手教您玩转信用卡 如何“以卡养卡”合法“套现”
267家已获第三方许可机构名单查询
C#生成图片验证码
File I/O
文件上传代码
集合框架
接口
多态
封装
jsp做成mvc模式的代码
原文地址:https://www.cnblogs.com/fuchifeng/p/627247.html
最新文章
求fibonacci数列 java
最短路径
图的顺序存储
图的遍历
约瑟夫环
myeclipse的快捷键
java 读取excel
javascript 闭包 转载
java 操作数据库
百度地图 js api 实现 line 居中显示
热门文章
用JS来实现于截取中英文混合字符串方法(转载)
chrome 浏览器最小字体为12px 的解决办法
node.js 发送http 请求
全国地区代码表
最佳实践系列:常规项目管理(跨部门项目)的12个最佳实践
制药企业信息化的系统构架与合规性
深度解析pos机,养卡人必看!
一机多商户原理解析
个体商户POS机遭遇禁刷 职业养卡人称自有对策
信用卡精养卡POS机方案
Copyright © 2011-2022 走看看