ASP.NET使用md5对用户进行身份验证
目前我正在做一个小项目,用户注册密码字段在数据库中加密,因此我也需要使用md5算法对用户进行身份验证,但我的代码不起作用,每当我尝试输入正确的密码(未加密),它就会输入,但后来我发现我输入的任何密码,即使它在数据库中不匹配,系统也会接受它 你能帮我吗?这是我的密码:ASP.NET使用md5对用户进行身份验证,asp.net,Asp.net,目前我正在做一个小项目,用户注册密码字段在数据库中加密,因此我也需要使用md5算法对用户进行身份验证,但我的代码不起作用,每当我尝试输入正确的密码(未加密),它就会输入,但后来我发现我输入的任何密码,即使它在数据库中不匹配,系统也会接受它 你能帮我吗?这是我的密码: protected void btnSubmit_Click(object sender, EventArgs e) { string pAssword = txtPassword.Text;
protected void btnSubmit_Click(object sender, EventArgs e)
{
string pAssword = txtPassword.Text;
MD5CryptoServiceProvider encryptor = new MD5CryptoServiceProvider();
byte[] encryptedValue;
UTF8Encoding encoder = new UTF8Encoding();
encryptedValue = encryptor.ComputeHash(encoder.GetBytes(pAssword));
DataSet ds = new DataSet();
ds = (startWebService.getAllUsers());
if (ds.Tables[0].Rows.Count > 0)
{
foreach (DataRow dRow in ds.Tables[0].Rows)
{
string userName = dRow["UserName"].ToString();
string passWord = dRow["Password"].ToString();
string acctNo = dRow["AccountNumber"].ToString();
if (userName == txtUsername.Text.ToString() && acctNo == txtAcctNo.Text.ToString() && passWord == encryptedValue.ToString() )
{
FormsAuthentication.RedirectFromLoginPage(txtUsername.Text.ToString(), false);
lblError.Text = "You got it!";
Response.Redirect("MyAccount.aspx");
}
else
{
this.lblError.ForeColor = System.Drawing.Color.Red;
this.lblError.Text = "Either you have been type an incorrect network credentials or you have reached the maximum login attempts for your account.Please try again or contact the system administrator.";
startWebService.updateFailedLogin(txtAcctNo.Text.ToString(), txtUsername.Text.ToString());
}
}
}
}
private DataSet GetDataSet(string strSPROC)
{
SqlConnection conn = new SqlConnection(connectionString);
SqlCommand cmd = conn.CreateCommand();
cmd.CommandText = strSPROC;
conn.Open();
SqlDataAdapter myDataAdapter = new SqlDataAdapter();
myDataAdapter.SelectCommand = cmd;
DataSet dsMT = new DataSet();
myDataAdapter.Fill(dsMT);
return dsMT;
conn.Close();
}
[WebMethod]
public DataSet getAllUsers()
{
return GetDataSet("ELMS_ALLINTERNETUSERS");
}
请帮助我,我必须纠正这一点,使系统能够接受正确的加密文本,例如,我键入:西班牙=wdhs3x9029,但我尝试键入菲律宾,它也接受。有一种很好的内置密码哈希方法(您可以使用MD5): 您可以阅读有关此方法的更多信息。如果您需要重新发明轮子,那么我建议您将获取哈希为字符串的方法更改为类似以下内容:
MD5CryptoServiceProvider encryptor = new MD5CryptoServiceProvider();
UTF8Encoding encoder = new UTF8Encoding();
byte[] encryptedValueBytes = encryptor.ComputeHash(encoder.GetBytes(pAssword));
StringBuilder encryptedValueBuilder = new StringBuilder();
for (int i = 0; i < encryptedValueBytes.Length; i++)
{
encryptedValueBuilder.Append(data[i].ToString("x2"));
}
string encryptedValue = encryptedValueBuilder.ToString();
MD5CryptoServiceProvider encryptor=新的MD5CryptoServiceProvider();
UTF8Encoding编码器=新的UTF8Encoding();
byte[]encryptedValueBytes=encryptor.ComputeHash(编码器.GetBytes(密码));
StringBuilder encryptedValueBuilder=新建StringBuilder();
对于(int i=0;i而不是字节数组上的simple.ToString()。当使用FormsAuthentication.HashPasswordForStoringInConfigFile方法时,我从VS 2012收到一条警告消息,说此方法/类已被弃用
MD5CryptoServiceProvider encryptor = new MD5CryptoServiceProvider();
UTF8Encoding encoder = new UTF8Encoding();
byte[] encryptedValueBytes = encryptor.ComputeHash(encoder.GetBytes(pAssword));
StringBuilder encryptedValueBuilder = new StringBuilder();
for (int i = 0; i < encryptedValueBytes.Length; i++)
{
encryptedValueBuilder.Append(data[i].ToString("x2"));
}
string encryptedValue = encryptedValueBuilder.ToString();