MD5换算到数据库上了,但是登陆密码只能输入MD5换算的值,自己设置的密码,登不上,高手进!
这个是login.aspx.csusing System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Data;
using System.Data.SqlClient;
using System.Web.Security;
public partial class Login : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
if (IsPostBack == false)
if (Response.Cookies["PrevUser"] != null)
TextBoxUser.Text = Response.Cookies["PrevUser"].Value;
}
protected void ButtonLogin_Click(object sender, EventArgs e)
{
if(CheckBoxRember.Checked==true)
{
Response.Cookies["PrevUser"].Value=TextBoxUser.Text;
Response.Cookies["PrevUser"].Expires = DateTime.Now.AddDays(7);
}
string checkCode = Session["CheckCode"].ToString();
if (TextBoxCheckCode.Text != checkCode)
{
Response.Write("<script>alert('验证码输入错误!')</script>");
return;
}
string sqlConnectStr = ConfigurationManager.ConnectionStrings["DaRenConnectionString"].ConnectionString;
SqlConnection con = new SqlConnection(sqlConnectStr);
con.Open();
string userName, userPass;
userName = TextBoxUser.Text.Replace("'", "''");
userPass = TextBoxPassword.Text.Replace("'", "''");
String sqlStr = "select count(*) from [user] where userName='" + userName
+ "'and userPass='" + userPass + "'";
SqlCommand com = new SqlCommand(sqlStr, con);
com.Parameters.AddWithValue("@name", TextBoxUser.Text);
com.Parameters.AddWithValue("@pass", FormsAuthentication.HashPasswordForStoringInConfigFile(TextBoxPassword.Text, "MD5"));
int result=(int)com.ExecuteScalar();
if (result>0)
{Response.Redirect("Default.aspx");
}
else
{Response.Write("<script>alert('用户名或密码错误!')</script>");
}
con.Close();
}
protected void LinkButtonRegister_Click(object sender, EventArgs e)
{
Response.Redirect("Register.aspx");
}
}
这个是register.aspx.cs页面代码:
using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Data;
using System.Data.SqlClient;
using System.Web.Security;
public partial class Register : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
}
protected void ButtonRegister_Click(object sender, EventArgs e)
{
if (SearchUserName(TextBoxUserName.Text)==false)
{
string userName = TextBoxUserName.Text;
string userPass =FormsAuthentication.HashPasswordForStoringInConfigFile(TextBoxUserPass.Text,"MD5");
string userPassAgain = TextBoxUserPassAgain.Text;
string nickName = TextBoxNickName.Text;
string sex = RadioButtonListSex.SelectedValue;
string phone = TextBoxPhone.Text; string email = TextBoxEmail.Text; string city = TextBoxCity.Text;
string question = TextBoxQuestion.Text;
string answer = TextBoxAnswer.Text;
string sqlConnectStr = ConfigurationManager.ConnectionStrings["DaRenConnectionString"].ConnectionString;
SqlConnection con = new SqlConnection(sqlConnectStr);
con.Open();
string sqlins = "insert into [user](userName,userPass,nickName,sex,phone,email,city,question,answer)values(" +
"@userName,@userPass,@nickName,@sex,@phone,@email,@city,@question,@answer)";
SqlCommand com = new SqlCommand(sqlins, con);
com.Parameters.AddWithValue("@userName", userName); com.Parameters.AddWithValue("@userPass", userPass);
com.Parameters.AddWithValue("@nickName", nickName); com.Parameters.AddWithValue("@sex", sex);
com.Parameters.AddWithValue("@phone", phone); com.Parameters.AddWithValue("@email", email);
com.Parameters.AddWithValue("@city", city); com.Parameters.AddWithValue("@question", question);
com.Parameters.AddWithValue("@answer", answer);
if (com.ExecuteNonQuery() > 0)
{
Response.Write("<script>alert('会员注册成功!');location='Login.aspx'</script>");
TextBoxUserName.Text = TextBoxUserPass.Text = TextBoxUserPassAgain.Text = TextBoxNickName.Text = TextBoxPhone.Text = "";
TextBoxEmail.Text = TextBoxCity.Text = TextBoxQuestion.Text = TextBoxAnswer.Text = "";
}
else
Response.Write("<script>alert('会员注册失败!')</script>");
}
else
Response.Write("<script>alert('该会员名已注册,请更换!')</script>");
}
protected void ButtonReturn_Click(object sender, EventArgs e)
{
Response.Redirect("Login.aspx");
}
protected bool SearchUserName(string userName)
{
SqlConnection con = new SqlConnection("server=(local);database=DaRen;uid=sa;pwd=123;");
con.Open();
string sqlsel = "select count(*) from[user] where userName=@userName";
SqlCommand com = new SqlCommand(sqlsel, con);
com.Parameters.AddWithValue("@userName", userName);
int result = (int)com.ExecuteScalar();
con.Close();
if (result > 0)
return true;
else
return false;
}
protected void TextBoxUserName_TextChanged(object sender, EventArgs e)
{
if (SearchUserName(TextBoxUserName.Text)==true)
LabelUserNameExist.Text="该会员已被注册,请更换!";
else
LabelUserNameExist.Text="该会员可以注册!";
}
}
注册上了,数据库里面的数据密码也变成了MD5的值,但是登陆的时候读不出!请高手赐教! --------------------编程问答-------------------- 读的时候同样 string pass=Md5(passbox.Text.Trim());
用这个和数据库的密码比较 --------------------编程问答-------------------- 能加的最高分了,只求能解答下,我弄了一天了,还是没弄出!
找人没人回答!
周一还要交作业! --------------------编程问答-------------------- 很纠结嘛??
你把用户输入的密码进行MD5加密,和数据库读取出来的密码对比不就行了 --------------------编程问答--------------------
com.Parameters.AddWithValue("@name", TextBoxUser.Text);
com.Parameters.AddWithValue("@pass", FormsAuthentication.HashPasswordForStoringInConfigFile(TextBoxPassword.Text, "MD5"));
我觉得应该是这里错了,但是找不出啊! --------------------编程问答-------------------- 楼上说的很清楚了,你关键是先弄清楚思路,别总往代码里钻
你数据库里存储的是经过MD5加密后的密文A,用户登陆的时候,用同样MD5算法将用户输入的密码变成密文B,然后比较密文A和密文B是否相等,说的够明白了吧
用MD5加密后的密文是不可逆的,也就是由密文不可以得到用户原来的密码
另外多嘴一句,Response.Write("<script>alert('会员注册失败!')</script>");这个好像不现实吧 --------------------编程问答-------------------- userPass = TextBoxPassword.Text.Replace("'", "''");
改为
userPass = FormsAuthentication.HashPasswordForStoringInConfigFile(TextBoxPassword.Text.Replace("'", "''"), "MD5")
应该可以了。。。
--------------------编程问答-------------------- using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Security.Cryptography;
namespace menber
{
class CPublic
{
public static string[] UserInfo = new string[4];
public static string GetMD5str(string mystr)
{
MD5 md5=new MD5CryptoServiceProvider();
byte[] fromData = System.Text.Encoding.Unicode.GetBytes(mystr);
byte[] toData = md5.ComputeHash(fromData);
string strbyte = null;
for(int i=0;i<toData.Length ;i++)
{
strbyte +=toData[i].ToString("x");
}
return strbyte ;
}
}
********以上是类*******
string strPwd = null;
if (txtpessword.Text == txtpesswords.Text)
{
strPwd = CPublic.GetMD5str(txtpessword.Text.Trim());
}
******以上是新增用户时获取文本框里面的密码明文转为MD5*********
string strPwd = CPublic.GetMD5str(txtPassword.Text.Trim());
string pwd = reader["UserPwd"].ToString();
Common.UserNo = reader["UserName"].ToString();//用户名
if (pwd.Equals(strPwd))
{
result = true;
}
else
{
txtPassword.Text = "";
lblProPwd.ForeColor = System.Drawing.Color.Red;
lblProPwd.Text = "输入密码错误!";
txtPassword.Focus();
}
***********以上是登录后台的代码***********
这是我用的方法 --------------------编程问答-------------------- 1#应该终结了你的问题了吧? 你可以在你注册页面和登录页面的userPass进行调试比对一下。 --------------------编程问答-------------------- +1 --------------------编程问答-------------------- 登录时,把输入的密码用md5进行加密,然后再与数据库的密码进行对比,看看是否相等, --------------------编程问答-------------------- --------------------编程问答-------------------- 帮顶 --------------------编程问答-------------------- 写入时MD5加密,登录时用提交的密码进行MD5加密,再和数据库中的密码进行比较 --------------------编程问答-------------------- 单向加密方式,数据库里存密文
用户输入的密码先加密,然后去取数据库的密文对比,一样则运行登陆 --------------------编程问答-------------------- String sqlStr = "select 1 from [user] where userName='@name' and userPass='@pass'";
还有一点
string checkCode = Session["CheckCode"].ToString();
当Session["CheckCode"]=null时,这样写会出错,所以要加一个判断
if(Session["CheckCode"]==null){
验证码已失效
return;
}
补充:.NET技术 , C#