利用MD5加密資料庫中的密碼

來源:互聯網
上載者:User
加密|資料|資料庫 NET提供了進行資料加密類,下面就用例子進行說明如何使用MD5進行資料加密。

首先,建立一個UserAccount表,欄位兩個:UserName和Password,類型分別為varchar(25)和binary(16),下面的ASP.NET代碼就是建立使用者時的具體實現:

<%@ Import Namespace="System.Security.Cryptography" %>
<%@ Import Namespace="System.Text" %>
<%@ Import Namespace="System.Data" %>
<%@ Import Namespace="System.Data.SqlClient" %>
<script runat="server" language="VB">
Sub CreateAccount(sender as Object, e as EventArgs)
'1. 建立串連
Const strConnString as String
strConnString= "Data Source=.;Initial Catalog=test;User Id=sa;Password=;"
Dim objConn as New SqlConnection(strConnString)

'2. 建立Command對象
Dim strSQL as String = _
"INSERT INTO UserAccount(Username,Password) " & _
"VALUES(@Username, @Password)"
Dim objCmd as New SqlCommand(strSQL, objConn)

'3. 建立參數
Dim paramUsername as SqlParameter
paramUsername = New SqlParameter("@Username", SqlDbType.VarChar, 25)
paramUsername.Value = txtUsername.Text
objCmd.Parameters.Add(paramUsername)


'加密密碼欄位

Dim md5Hasher as New MD5CryptoServiceProvider()

Dim hashedBytes as Byte()
Dim encoder as New UTF8Encoding()

hashedBytes = md5Hasher.ComputeHash(encoder.GetBytes(txtPwd.Text))

Dim paramPwd as SqlParameter
paramPwd = New SqlParameter("@Password", SqlDbType.Binary, 16)
paramPwd.Value = hashedBytes
objCmd.Parameters.Add(paramPwd)


'插入資料庫
objConn.Open()
objCmd.ExecuteNonQuery()
objConn.Close()

'Redirect 其它頁面
End Sub
</script>

<form runat="server">
<h1>建立帳號:</h1>
使用者名稱: <asp:TextBox runat="server" id="txtUsername"/>
<br/>
密碼: <asp:TextBox runat="server" id="txtPwd" TextMode="Password"/>
<p><asp:Button runat="server" Text="建立使用者" OnClick="CreateAccount"/></p>
</form>

下面是對使用者進行驗證的ASP.NET代碼:


<%@ Import Namespace="System.Security.Cryptography" %>
<%@ Import Namespace="System.Text" %>
<%@ Import Namespace="System.Data" %>
<%@ Import Namespace="System.Data.SqlClient" %>
<script runat="server" language="VB">
Sub Login(sender as Object, e as EventArgs)
'1. 建立串連
Const strConnString as String
strConnString= "Data Source=.;Initial Catalog=test;User Id=sa;Password=;"
Dim objConn as New SqlConnection(strConnString)

'2. 建立Command對象
Dim strSQL as String = "SELECT COUNT(*) FROM UserAccount " & _
"WHERE Username=@Username AND Password=@Password"
Dim objCmd as New SqlCommand(strSQL, objConn)

'3. 建立參數
Dim paramUsername as SqlParameter
paramUsername = New SqlParameter("@Username", SqlDbType.VarChar, 25)
paramUsername.Value = txtUsername.Text
objCmd.Parameters.Add(paramUsername)


'加密密碼
Dim md5Hasher as New MD5CryptoServiceProvider()

Dim hashedDataBytes as Byte()
Dim encoder as New UTF8Encoding()

hashedDataBytes = md5Hasher.ComputeHash(encoder.GetBytes(txtPwd.Text))

Dim paramPwd as SqlParameter
paramPwd = New SqlParameter("@Password", SqlDbType.Binary, 16)
paramPwd.Value = hashedDataBytes
objCmd.Parameters.Add(paramPwd)


'執行查詢
objConn.Open()
Dim iResults as Integer = objCmd.ExecuteScalar()
objConn.Close()

If iResults = 1 then
'合法
Else
'不合法
End If
End Sub
</script>

<form runat="server">
<h1>登入:</h1>
使用者名稱:<asp:TextBox runat="server" id="txtUsername"/><br/>
密 碼:<asp:TextBox runat="server" id="txtPwd" TextMode="Password"/>
<p><asp:Button runat="server" Text="登入" OnClick="Login"/>
</form>

下面是MD5CryptoServiceProvider直接產生的例子:
<%@ Import Namespace="System.Security.Cryptography" %>
<%@ Import Namespace="System.Text" %>
<script language="VB" runat="server">
Sub DisplayEncryptedText(sender as Object, e as EventArgs)
If Page.IsValid then
Dim md5Hasher as New MD5CryptoServiceProvider()

Dim hashedDataBytes as Byte()
Dim encoder as New UTF8Encoding()

hashedDataBytes = md5Hasher.ComputeHash(encoder.GetBytes(txtPassword.Text))

ltlResults.Text = "<b>Encrypted Results</b><br /> The results are encrypted into " & _
"an array of 16 bytes. These 16 bytes contain the values:<p><ul>"

Dim b as Byte
For Each b in hashedDataBytes
ltlResults.Text &= "<li>" & b & "</li>"
Next b

ltlResults.Text &= "</ul>"
End If
End Sub
</script>

<form runat="server">
Enter a string:
<asp:TextBox id="txtPassword" runat="server" />
<asp:RequiredFieldValidator runat="server" ControlToValidate="txtPassword"
Display="Dynamic" ErrorMessage="<i>You must provide a value here...</i>" />
<asp:RegularExpressionValidator runat="server" ControlToValidate="txtPassword"
Display="Dynamic" ErrorMessage="<i>The string must be 20 characters or less...</i>"
ValidationExpression="^.{1,20}$" />
<br />
<asp:Button runat="server" Text="View the String as Encrypted Text"
OnClick="DisplayEncryptedText" />
<p>
<asp:Literal runat="server" id="ltlResults" />
</form>



相關文章

E-Commerce Solutions

Leverage the same tools powering the Alibaba Ecosystem

Learn more >

Apsara Conference 2019

The Rise of Data Intelligence, September 25th - 27th, Hangzhou, China

Learn more >

Alibaba Cloud Free Trial

Learn and experience the power of Alibaba Cloud with a free trial worth $300-1200 USD

Learn more >

聯繫我們

該頁面正文內容均來源於網絡整理,並不代表阿里雲官方的觀點,該頁面所提到的產品和服務也與阿里云無關,如果該頁面內容對您造成了困擾,歡迎寫郵件給我們,收到郵件我們將在5個工作日內處理。

如果您發現本社區中有涉嫌抄襲的內容,歡迎發送郵件至: info-contact@alibabacloud.com 進行舉報並提供相關證據,工作人員會在 5 個工作天內聯絡您,一經查實,本站將立刻刪除涉嫌侵權內容。