Asp.net (C #) implements the invitation code Mechanism

At present, many websites have an invitation code mechanism, such as the open-source community, which can prevent flooding attacks. On the other hand, everyone introduces each other to the website to improve the user level of the website. Maintain a good community environment. This article introduces how to implement the invitation code mechanism. Provides C # source code.

Invitation Code Composition: 1-20080330134035-a21f34a965d1cb65 first: User ID, second: year, month, day, hour, minute, Second, Third: verification code.

The verification code algorithm is: User ID + year, month, day, hour, minute, and second + private key, and the 16-bit MD5 value is used.

Code:

 String T = datetime. Now. tostring ("yyyymmddhhmmss ");
String K = BLL. stringutil. MD5 (user. Identity. Name + T + "b497570b-69a2-4bd1-9380-7e74616795ab", 16 );
TXT. TEXT = string. format ("{0}-{1}-{2}", user. identity. name, T, k); the purpose of adding a private key is to prevent others from learning your algorithm and writing it to the registration machine (of course, it depends on the importance of the website ,) in this way, the invitation code is calculated. In aspx (verify the validity of the invitation code ):
 <Asp: textbox id = "txtcode" runat = "server" rows = "10"> </ASP: textbox> <asp: requiredfieldvalidator id = "R6" runat = "server" controltovalidate = "txtcode" display = "dynamic" errormessage = "Enter the invitation code" setfocusonerror = "true"> </ASP: requiredfieldvalidator>
<Asp: regularexpressionvalidator id = "regularexpressionvalidator1" runat = "server" controltovalidate = "txtcode"
Display = "dynamic" errormessage = "invitation code format error" setfocusonerror = "true" validationexpression = "\ D +-\ D {14}-[\ da-F] {16 }"> </ASP: regularexpressionvalidator>
Backend CS files (verify the validity of the invitation code ):
   
  String [] TMP = txtcode. Text. Split ('-');
Bll. stringutil. MD5 (TMP [0] + TMP [1] + "b497570b-69a2-4bd1-9380-7e74616795ab", 16) = TMP [2]
Then we need to record the used invitation code to the database. Next time we have a new invitation code for verification, we will compare it in the database. If it exists, it indicates that it is a used invitation code, expired.