利用MD5加密數據庫中的密碼
2024-07-21 02:24:33
供稿:網友
net提供了進行數據加密類,下面就用例子進行說明如何使用md5進行數據加密。
首先,創建一個useraccount表,字段兩個:username和password,類型分別為varchar(25)和binary(16),下面的asp.net代碼就是創建用戶時的具體實現:
<%@ import namespace="system.security.cryptography" %>
<%@ import namespace="system.text" %>
<%@ import namespace="system.data" %>
<%@ import namespace="system.data.sqlclient" %>
<script runat="server" language="vb">
sub createaccount(sender as object, e as eventargs)
'1. 創建連接
const strconnstring as string
strconnstring= "data source=.;initial catalog=test;user id=sa;password=;"
dim objconn as new sqlconnection(strconnstring)
'2. 創建command對象
dim strsql as string = _
"insert into useraccount(username,password) " & _
"values(@username, @password)"
dim objcmd as new sqlcommand(strsql, objconn)
'3. 創建參數
dim paramusername as sqlparameter
paramusername = new sqlparameter("@username", sqldbtype.varchar, 25)
paramusername.value = txtusername.text
objcmd.parameters.add(paramusername)
'加密密碼字段
dim md5hasher as new md5cryptoserviceprovider()
dim hashedbytes as byte()
dim encoder as new utf8encoding()
hashedbytes = md5hasher.computehash(encoder.getbytes(txtpwd.text))
dim parampwd as sqlparameter
parampwd = new sqlparameter("@password", sqldbtype.binary, 16)
parampwd.value = hashedbytes
objcmd.parameters.add(parampwd)
'插入數據庫
objconn.open()
objcmd.executenonquery()
objconn.close()
'redirect 其它頁面
end sub
</script>
<form runat="server">
<h1>創建帳號:</h1>
用戶名: <asp:textbox runat="server" id="txtusername"/>
<br/>
密碼: <asp:textbox runat="server" id="txtpwd" textmode="password"/>
<p><asp:button runat="server" text="創建用戶" onclick="createaccount"/></p>
</form>
下面是對用戶進行驗證的asp.net代碼:
<%@ import namespace="system.security.cryptography" %>
<%@ import namespace="system.text" %>
<%@ import namespace="system.data" %>
<%@ import namespace="system.data.sqlclient" %>
<script runat="server" language="vb">
sub login(sender as object, e as eventargs)
'1. 創建連接
const strconnstring as string
strconnstring= "data source=.;initial catalog=test;user id=sa;password=;"
dim objconn as new sqlconnection(strconnstring)
'2. 創建command對象
dim strsql as string = "select count(*) from useraccount " & _
"where [email protected] and [email protected]"
dim objcmd as new sqlcommand(strsql, objconn)
'3. 創建參數
dim paramusername as sqlparameter
paramusername = new sqlparameter("@username", sqldbtype.varchar, 25)
paramusername.value = txtusername.text
objcmd.parameters.add(paramusername)
'加密密碼
dim md5hasher as new md5cryptoserviceprovider()
dim hasheddatabytes as byte()
dim encoder as new utf8encoding()
hasheddatabytes = md5hasher.computehash(encoder.getbytes(txtpwd.text))
dim parampwd as sqlparameter
parampwd = new sqlparameter("@password", sqldbtype.binary, 16)
parampwd.value = hasheddatabytes
objcmd.parameters.add(parampwd)
'執行查詢
objconn.open()
dim iresults as integer = objcmd.executescalar()
objconn.close()
if iresults = 1 then
'合法
else
'不合法
end if
end sub
</script>
<form runat="server">
<h1>登錄:</h1>
用戶名:<asp:textbox runat="server" id="txtusername"/><br/>
密 碼:<asp:textbox runat="server" id="txtpwd" textmode="password"/>
<p><asp:button runat="server" text="登錄" onclick="login"/>
</form>
下面是md5cryptoserviceprovider直接生成的例子:
<%@ import namespace="system.security.cryptography" %>
<%@ import namespace="system.text" %>
<script language="vb" runat="server">
sub displayencryptedtext(sender as object, e as eventargs)
if page.isvalid then
dim md5hasher as new md5cryptoserviceprovider()
dim hasheddatabytes as byte()
dim encoder as new utf8encoding()
hasheddatabytes = md5hasher.computehash(encoder.getbytes(txtpassword.text))
ltlresults.text = "<b>encrypted results</b><br /> the results are encrypted into " & _
"an array of 16 bytes. these 16 bytes contain the values:<p><ul>"
dim b as byte
for each b in hasheddatabytes
ltlresults.text &= "<li>" & b & "</li>"
next b
ltlresults.text &= "</ul>"
end if
end sub
</script>
<form runat="server">
enter a string:
<asp:textbox id="txtpassword" runat="server" />
<asp:requiredfieldvalidator runat="server" controltovalidate="txtpassword"
display="dynamic" errormessage="<i>you must provide a value here...</i>" />
<asp:regularexpressionvalidator runat="server" controltovalidate="txtpassword"
display="dynamic" errormessage="<i>the string must be 20 characters or less...</i>"
validationexpression="^.{1,20}$" />
<br />
<asp:button runat="server" text="view the string as encrypted text"
onclick="displayencryptedtext" />
<p>
<asp:literal runat="server" id="ltlresults" />
</form>
