.NET提供了进行数据加密类,下面就用例子进行说明如何使用MD5进行数据加密。 首先,创建一个UserAccount表,字段两个:UserName和Password,类型分别为varchar(25)和binary(16),下面的ASP.NET代码就是创建用户时的具体实现: <%@ Import Namespace="System.Security.Cryptography" %>
<%@ Import Namespace="System.Text" %>
<%@ Import Namespace="System.Data" %>
<%@ Import Namespace="System.Data.SqlClient" %>
<script runat="server" language="VB">
Sub CreateAccount(sender as Object, e as EventArgs)
'1. 创建连接
Const strConnString as String
strConnString= "Data Source=.;Initial Catalog=test;User Id=sa;Password=;"
Dim objConn as New SqlConnection(strConnString)
'2. 创建Command对象
Dim strSQL as String = _
"INSERT INTO UserAccount(Username,Password) " & _
"VALUES(@Username, @Password)"
Dim objCmd as New SqlCommand(strSQL, objConn)
'3. 创建参数
Dim paramUsername as SqlParameter
paramUsername = New SqlParameter("@Username", SqlDbType.VarChar, 25)
paramUsername.Value = txtUsername.Text
objCmd.Parameters.Add(paramUsername)
'加密密码字段 Dim md5Hasher as New MD5CryptoServiceProvider()
Dim hashedBytes as Byte()
Dim encoder as New UTF8Encoding() hashedBytes = md5Hasher.ComputeHash(encoder.GetBytes(txtPwd.Text)) Dim paramPwd as SqlParameter
paramPwd = New SqlParameter("@Password", SqlDbType.Binary, 16)
paramPwd.Value = hashedBytes
objCmd.Parameters.Add(paramPwd)
'插入数据库
objConn.Open()
objCmd.ExecuteNonQuery()
objConn.Close()
'Redirect 其它页面
End Sub
</script><form runat="server">
<h1>创建帐号:</h1>
用户名: <asp:TextBox runat="server" id="txtUsername"/>
<br/>
密码: <asp:TextBox runat="server" id="txtPwd" TextMode="Password"/>
<p><asp:Button runat="server" Text="创建用户" OnClick="CreateAccount"/></p>
</form>下面是对用户进行验证的ASP.NET代码:
<%@ Import Namespace="System.Security.Cryptography" %>
<%@ Import Namespace="System.Text" %>
<%@ Import Namespace="System.Data" %>
<%@ Import Namespace="System.Data.SqlClient" %>
<script runat="server" language="VB">
Sub Login(sender as Object, e as EventArgs)
'1. 创建连接
Const strConnString as String
strConnString= "Data Source=.;Initial Catalog=test;User Id=sa;Password=;"
Dim objConn as New SqlConnection(strConnString)
'2. 创建Command对象
Dim strSQL as String = "SELECT COUNT(*) FROM UserAccount " & _
"WHERE Username=@Username AND Password=@Password"
Dim objCmd as New SqlCommand(strSQL, objConn)
'3. 创建参数
Dim paramUsername as SqlParameter
paramUsername = New SqlParameter("@Username", SqlDbType.VarChar, 25)
paramUsername.Value = txtUsername.Text
objCmd.Parameters.Add(paramUsername)
'加密密码
Dim md5Hasher as New MD5CryptoServiceProvider()
Dim hashedDataBytes as Byte()
Dim encoder as New UTF8Encoding() hashedDataBytes = md5Hasher.ComputeHash(encoder.GetBytes(txtPwd.Text)) Dim paramPwd as SqlParameter
paramPwd = New SqlParameter("@Password", SqlDbType.Binary, 16)
paramPwd.Value = hashedDataBytes
objCmd.Parameters.Add(paramPwd)
'执行查询
objConn.Open()
Dim iResults as Integer = objCmd.ExecuteScalar()
objConn.Close()
If iResults = 1 then
'合法
Else
'不合法
End If
End Sub
</script><form runat="server">
<h1>登录:</h1>
用户名:<asp:TextBox runat="server" id="txtUsername"/><br/>
密 码:<asp:TextBox runat="server" id="txtPwd" TextMode="Password"/>
<p><asp:Button runat="server" Text="登录" OnClick="Login"/>
</form>下面是MD5CryptoServiceProvider直接生成的例子:
<%@ Import Namespace="System.Security.Cryptography" %>
<%@ Import Namespace="System.Text" %>
<script language="VB" runat="server">
Sub DisplayEncryptedText(sender as Object, e as EventArgs)
If Page.IsValid then
Dim md5Hasher as New MD5CryptoServiceProvider()
Dim hashedDataBytes as Byte()
Dim encoder as New UTF8Encoding() hashedDataBytes = md5Hasher.ComputeHash(encoder.GetBytes(txtPassword.Text))
ltlResults.Text = "<b>Encrypted Results</b><br /> The results are encrypted into " & _
"an array of 16 bytes. These 16 bytes contain the values:<p><ul>"
Dim b as Byte
For Each b in hashedDataBytes
ltlResults.Text &= "<li>" & b & "</li>"
Next b
ltlResults.Text &= "</ul>"
End If
End Sub
</script><form runat="server">
Enter a string:
<asp:TextBox id="txtPassword" runat="server" />
<asp:RequiredFieldValidator runat="server" ControlToValidate="txtPassword"
Display="Dynamic" ErrorMessage="<i>You must provide a value here...</i>" />
<asp:RegularExpressionValidator runat="server" ControlToValidate="txtPassword"
Display="Dynamic" ErrorMessage="<i>The string must be 20 characters or less...</i>"
ValidationExpression="^.{1,20}$" />
<br />
<asp:Button runat="server" Text="View the String as Encrypted Text"
OnClick="DisplayEncryptedText" />
<p>
<asp:Literal runat="server" id="ltlResults" />
</form>
<%@ Import Namespace="System.Text" %>
<%@ Import Namespace="System.Data" %>
<%@ Import Namespace="System.Data.SqlClient" %>
<script runat="server" language="VB">
Sub CreateAccount(sender as Object, e as EventArgs)
'1. 创建连接
Const strConnString as String
strConnString= "Data Source=.;Initial Catalog=test;User Id=sa;Password=;"
Dim objConn as New SqlConnection(strConnString)
'2. 创建Command对象
Dim strSQL as String = _
"INSERT INTO UserAccount(Username,Password) " & _
"VALUES(@Username, @Password)"
Dim objCmd as New SqlCommand(strSQL, objConn)
'3. 创建参数
Dim paramUsername as SqlParameter
paramUsername = New SqlParameter("@Username", SqlDbType.VarChar, 25)
paramUsername.Value = txtUsername.Text
objCmd.Parameters.Add(paramUsername)
'加密密码字段 Dim md5Hasher as New MD5CryptoServiceProvider()
Dim hashedBytes as Byte()
Dim encoder as New UTF8Encoding() hashedBytes = md5Hasher.ComputeHash(encoder.GetBytes(txtPwd.Text)) Dim paramPwd as SqlParameter
paramPwd = New SqlParameter("@Password", SqlDbType.Binary, 16)
paramPwd.Value = hashedBytes
objCmd.Parameters.Add(paramPwd)
'插入数据库
objConn.Open()
objCmd.ExecuteNonQuery()
objConn.Close()
'Redirect 其它页面
End Sub
</script><form runat="server">
<h1>创建帐号:</h1>
用户名: <asp:TextBox runat="server" id="txtUsername"/>
<br/>
密码: <asp:TextBox runat="server" id="txtPwd" TextMode="Password"/>
<p><asp:Button runat="server" Text="创建用户" OnClick="CreateAccount"/></p>
</form>下面是对用户进行验证的ASP.NET代码:
<%@ Import Namespace="System.Security.Cryptography" %>
<%@ Import Namespace="System.Text" %>
<%@ Import Namespace="System.Data" %>
<%@ Import Namespace="System.Data.SqlClient" %>
<script runat="server" language="VB">
Sub Login(sender as Object, e as EventArgs)
'1. 创建连接
Const strConnString as String
strConnString= "Data Source=.;Initial Catalog=test;User Id=sa;Password=;"
Dim objConn as New SqlConnection(strConnString)
'2. 创建Command对象
Dim strSQL as String = "SELECT COUNT(*) FROM UserAccount " & _
"WHERE Username=@Username AND Password=@Password"
Dim objCmd as New SqlCommand(strSQL, objConn)
'3. 创建参数
Dim paramUsername as SqlParameter
paramUsername = New SqlParameter("@Username", SqlDbType.VarChar, 25)
paramUsername.Value = txtUsername.Text
objCmd.Parameters.Add(paramUsername)
'加密密码
Dim md5Hasher as New MD5CryptoServiceProvider()
Dim hashedDataBytes as Byte()
Dim encoder as New UTF8Encoding() hashedDataBytes = md5Hasher.ComputeHash(encoder.GetBytes(txtPwd.Text)) Dim paramPwd as SqlParameter
paramPwd = New SqlParameter("@Password", SqlDbType.Binary, 16)
paramPwd.Value = hashedDataBytes
objCmd.Parameters.Add(paramPwd)
'执行查询
objConn.Open()
Dim iResults as Integer = objCmd.ExecuteScalar()
objConn.Close()
If iResults = 1 then
'合法
Else
'不合法
End If
End Sub
</script><form runat="server">
<h1>登录:</h1>
用户名:<asp:TextBox runat="server" id="txtUsername"/><br/>
密 码:<asp:TextBox runat="server" id="txtPwd" TextMode="Password"/>
<p><asp:Button runat="server" Text="登录" OnClick="Login"/>
</form>下面是MD5CryptoServiceProvider直接生成的例子:
<%@ Import Namespace="System.Security.Cryptography" %>
<%@ Import Namespace="System.Text" %>
<script language="VB" runat="server">
Sub DisplayEncryptedText(sender as Object, e as EventArgs)
If Page.IsValid then
Dim md5Hasher as New MD5CryptoServiceProvider()
Dim hashedDataBytes as Byte()
Dim encoder as New UTF8Encoding() hashedDataBytes = md5Hasher.ComputeHash(encoder.GetBytes(txtPassword.Text))
ltlResults.Text = "<b>Encrypted Results</b><br /> The results are encrypted into " & _
"an array of 16 bytes. These 16 bytes contain the values:<p><ul>"
Dim b as Byte
For Each b in hashedDataBytes
ltlResults.Text &= "<li>" & b & "</li>"
Next b
ltlResults.Text &= "</ul>"
End If
End Sub
</script><form runat="server">
Enter a string:
<asp:TextBox id="txtPassword" runat="server" />
<asp:RequiredFieldValidator runat="server" ControlToValidate="txtPassword"
Display="Dynamic" ErrorMessage="<i>You must provide a value here...</i>" />
<asp:RegularExpressionValidator runat="server" ControlToValidate="txtPassword"
Display="Dynamic" ErrorMessage="<i>The string must be 20 characters or less...</i>"
ValidationExpression="^.{1,20}$" />
<br />
<asp:Button runat="server" Text="View the String as Encrypted Text"
OnClick="DisplayEncryptedText" />
<p>
<asp:Literal runat="server" id="ltlResults" />
</form>
解决方案 »
- |zyciis| 网站安全:MVC如何在不更改原有代码的条件上为管理后台做权限,谢谢
- JavaScript程序语言可以写入后台程序语言中吗?
- 不通过浏览,只通过现有的文件路径推送文件到其它服务器上。
- 未能初始化 PassportManager 对象。请确保在服务器上正确安装了 Microsoft Passport。
- 谁用vs.net开发过物流信息管理系统啊,帮帮忙给个思路
- 求教:如何在不启动页面的情况下调用方法或事件。
- ASP.NET 当指定一页面加载完成后 触发一事件。
- 请问,ASP.net的按钮中如何加入图片
- 我想要在一个页面上包含多个form怎么办?
- Configuration Error
- 请问如何在关闭一个窗口的同时,也同时关闭一个由它打开的另一个窗口?请教!在线等待.....
- web.config问题,在线等待
加载时可以加一个属性 encry=ture
具体问了,自己搜索一下!