在asp.net中提供了加密的功能。名字空間system.web.security中包含了類formsauthentication,其中有一個方法hashpasswordforstoringinconfigfile。這個方法可以將用戶提供的字符變成亂碼,然后存儲起來。注意此方法是不能繼承的。
下面的代碼就是在做注冊頁面時將數(shù)據(jù)加密后存儲到數(shù)據(jù)庫的過程
imports system.web.security
imports system.data
imports system.data.sqlclient '////////所需要的名稱空間
private sub button1_click(byval sender as system.object, byval e as system.eventargs) handles button1.click
dim passformate as string
'///////////////encryptpassword調(diào)用函數(shù)
passformate = encryptpassword(uid.text, "md5") '//////////或者是encryptpassword(uid.text, "sha1")
'textbox2.text = encryptpassword(uid.text, "md5")
'textbox3.text = encryptpassword(uid.text, "sha1")
'///////////這些大家自己試驗吧
'textbox4.text = formsauthentication.formscookiename
'textbox5.text = formsauthentication.formscookiepath
'textbox6.text = formsauthentication.getredirecturl(uid.text, true)
'formsauthentication.setauthcookie(uid.text, true)
dim sql as string = "insert into pwd(uid,pwd) values(@uid,@pwd)"
dim comm as sqlcommand = new sqlcommand(sql, conn)
conn.open()
comm.parameters.add(new sqlparameter("@uid", sqldbtype.char, 16))
comm.parameters("@uid").value = uid.text
comm.parameters.add(new sqlparameter("@pwd", sqldbtype.char, 16))
comm.parameters("@pwd").value = passformate
comm.executenonquery()
end sub
'////////////////定義加密函數(shù),可以隨時調(diào)用。
function encryptpassword(byval password as string, byval passwordformate as string)
if passwordformate = "sha1" then
encryptpassword = formsauthentication.hashpasswordforstoringinconfigfile(password, "sha1")
elseif passwordformate = "md5" then
encryptpassword = formsauthentication.hashpasswordforstoringinconfigfile(password, "md5")
else
encryptpassword = ""
end if
end function
至于用戶的驗證也是一樣的思路了。
