这就是我处理加密的方式
首先,我创建了一种将简单字符串转换为sha256的方法(我认为这比md5更好)
public string ToSHA256(string value)
{
SHA256 sha256 = SHA256.Create();
byte[] hashData = sha256.ComputeHash(Encoding.Default.GetBytes(value));
StringBuilder returnValue = new StringBuilder();
for (int i = 0; i < hashData.Length; i++)
{
returnValue.Append(hashData[i].ToString());
}
return returnValue.ToString();
}
然后
try
{
sqlConnection conn = new sqlConnection(ConfigurationManager.ConnectionStrings["AssignmentDBConnectionString"].ConnectionString);
conn.open();
string insertQuery = "insert into [AsTable] ([Username],Email,Password) values (@Username ,@Email, @Password)";
sqlCommand com = new sqlCommand(insertQuery, conn);
com.Parameters.AddWithValue("@Username", Text@R_400_2419@Username.Text);
com.Parameters.AddWithValue("@email", Text@R_400_2419@Email.Text);
com.Parameters.AddWithValue("@password", ToSHA256(Text@R_400_2419@Pass.Text));
com.ExecuteNonQuery();
Response.Redirect("Manager.aspx");
Response.Write("Registration Completed");
conn.Close();
}
catch (Exception ex)
{
Response.Write("Error:"+ex.ToString());
}
然后在找回密码
conn.open();
string checkPasswordQuery = "select Password from [AsTable] where Username ='" + ToSHA256(Text@R_400_2419@Username.Text) + "'";
sqlCommand passcom = new sqlCommand(checkPasswordQuery, conn);
//string password = passcom.ExecuteScalar().ToString().Replace(" ","");
if (password == ToSHA256(Text@R_400_2419@Password.Text))
{
Session["New"] = Text@R_400_2419@Username.Text;
Response.Write("Password is correct");
Response.Redirect("Index.aspx");
}
else
{
Response.Write("Password is not correct");
}
}
else
{
Response.Write("Username is not correct");
}
}