两个文本框(用户名密码),一个提交按扭,点击按扭时进行加密及注册处理!
cs如下:
using System.Drawing;
using System.Web;
using System.Web.SessionState;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.HtmlControls;
using System.Data.SqlClient;
using System.Security.Cryptography;
using System.Security;
using System.IO;
using System.Text;
namespace Security.Formsauth
{
/**//// <summary>
/// Reg 的摘要说明。
/// </summary>
public class Reg : System.Web.UI.Page
{
protected System.Web.UI.WebControls.RequiredFieldValidator RequiredFieldValidator2;
protected System.Web.UI.WebControls.TextBox tbPass;
protected System.Web.UI.WebControls.Label Label2;
protected System.Web.UI.WebControls.RequiredFieldValidator RequiredFieldValidator1;
protected System.Web.UI.WebControls.TextBox tbName;
protected System.Web.UI.WebControls.Label Label1;
protected System.Web.UI.WebControls.Label Label3;
protected System.Web.UI.WebControls.Button btnReg;
private void Page_Load(object sender, System.EventArgs e)
{
// 在此处放置用户代码以初始化页面
}
Web Form Designer generated code#region Web Form Designer generated code
override protected void OnInit(EventArgs e)
{
//
// CODEGEN:该调用是 ASP.NET Web 窗体设计器所必需的。
//
InitializeComponent();
base.OnInit(e);
}
/**//// <summary>
/// 设计器支持所需的方法 - 不要使用代码编辑器修改
/// 此方法的内容。
/// </summary>
private void InitializeComponent()
{
this.btnReg.Click += new System.EventHandler(this.btnReg_Click);
this.Load += new System.EventHandler(this.Page_Load);
}
#endregion
private void btnReg_Click(object sender, System.EventArgs e)
{
SqlConnection con = new SqlConnection();
con.ConnectionString = System.Configuration.ConfigurationSettings.AppSettings["DSN"];
con.Open();
//以下得到hash和salt加密串
const int salSize = 16;
// step 1: create some entropy for use as the salt
RandomNumberGenerator rng = RandomNumberGenerator.Create();
byte[] salt = new byte[ salSize ];
rng.GetBytes(salt);
// step 2: turn the password into bytes
byte[] secret = Encoding.Unicode.GetBytes(tbPass.Text);
// step 3: create the hash
HashAlgorithm hashAlg = SHA1.Create();
using(CryptoStream cs = new CryptoStream(Stream.Null, hashAlg, CryptoStreamMode.Write))
{
cs.Write(secret, 0, secret.Length);
cs.Write(salt, 0, salt.Length);
cs.FlushFinalBlock();
}
string strHash = Convert.ToBase64String(hashAlg.Hash);
string strSalt = Convert.ToBase64String(salt);
//
string strSql = "insert into formsUserInfo values(@username,@hashPass,@saltPass)";
SqlParameter sqlpUser = new SqlParameter("@username",SqlDbType.NVarChar,64);
sqlpUser.Value = tbName.Text;
SqlParameter sqlpPassHash = new SqlParameter("@hashPass",SqlDbType.NVarChar,50);
SqlParameter sqlpPassSalt = new SqlParameter("@saltPass",SqlDbType.NVarChar,50);
sqlpPassHash.Value = strHash;
sqlpPassSalt.Value = strSalt;
SqlCommand com = new SqlCommand(strSql,con);
com.Parameters.Add(sqlpUser);
com.Parameters.Add(sqlpPassHash);
com.Parameters.Add(sqlpPassSalt);
com.ExecuteNonQuery();
con.Close();
Response.Write("<script language='javascript'>alert('注册成功!')</script>");
}
}
}
using System.Web;
using System.Web.SessionState;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.HtmlControls;
using System.Data.SqlClient;
using System.Security.Cryptography;
using System.Security;
using System.IO;
using System.Text;
namespace Security.Formsauth
{
/**//// <summary>
/// Reg 的摘要说明。
/// </summary>
public class Reg : System.Web.UI.Page
{
protected System.Web.UI.WebControls.RequiredFieldValidator RequiredFieldValidator2;
protected System.Web.UI.WebControls.TextBox tbPass;
protected System.Web.UI.WebControls.Label Label2;
protected System.Web.UI.WebControls.RequiredFieldValidator RequiredFieldValidator1;
protected System.Web.UI.WebControls.TextBox tbName;
protected System.Web.UI.WebControls.Label Label1;
protected System.Web.UI.WebControls.Label Label3;
protected System.Web.UI.WebControls.Button btnReg;
private void Page_Load(object sender, System.EventArgs e)
{
// 在此处放置用户代码以初始化页面
}
Web Form Designer generated code#region Web Form Designer generated code
override protected void OnInit(EventArgs e)
{
//
// CODEGEN:该调用是 ASP.NET Web 窗体设计器所必需的。
//
InitializeComponent();
base.OnInit(e);
}
/**//// <summary>
/// 设计器支持所需的方法 - 不要使用代码编辑器修改
/// 此方法的内容。
/// </summary>
private void InitializeComponent()
{
this.btnReg.Click += new System.EventHandler(this.btnReg_Click);
this.Load += new System.EventHandler(this.Page_Load);
}
#endregion
private void btnReg_Click(object sender, System.EventArgs e)
{
SqlConnection con = new SqlConnection();
con.ConnectionString = System.Configuration.ConfigurationSettings.AppSettings["DSN"];
con.Open();
//以下得到hash和salt加密串
const int salSize = 16;
// step 1: create some entropy for use as the salt
RandomNumberGenerator rng = RandomNumberGenerator.Create();
byte[] salt = new byte[ salSize ];
rng.GetBytes(salt);
// step 2: turn the password into bytes
byte[] secret = Encoding.Unicode.GetBytes(tbPass.Text);
// step 3: create the hash
HashAlgorithm hashAlg = SHA1.Create();
using(CryptoStream cs = new CryptoStream(Stream.Null, hashAlg, CryptoStreamMode.Write))
{
cs.Write(secret, 0, secret.Length);
cs.Write(salt, 0, salt.Length);
cs.FlushFinalBlock();
}
string strHash = Convert.ToBase64String(hashAlg.Hash);
string strSalt = Convert.ToBase64String(salt);
//
string strSql = "insert into formsUserInfo values(@username,@hashPass,@saltPass)";
SqlParameter sqlpUser = new SqlParameter("@username",SqlDbType.NVarChar,64);
sqlpUser.Value = tbName.Text;
SqlParameter sqlpPassHash = new SqlParameter("@hashPass",SqlDbType.NVarChar,50);
SqlParameter sqlpPassSalt = new SqlParameter("@saltPass",SqlDbType.NVarChar,50);
sqlpPassHash.Value = strHash;
sqlpPassSalt.Value = strSalt;
SqlCommand com = new SqlCommand(strSql,con);
com.Parameters.Add(sqlpUser);
com.Parameters.Add(sqlpPassHash);
com.Parameters.Add(sqlpPassSalt);
com.ExecuteNonQuery();
con.Close();
Response.Write("<script language='javascript'>alert('注册成功!')</script>");
}
}
}