在ASP.NET中提供了加密的功能。名字空间System.Web.Security中包含了类FormsAuthentication,其中有一个方法HashPasswordForStoringInConfigFile。这个方法可以将用户提供的字符变成乱码,然后存储起来。注意此方法是不能继承的。
下面的代码就是在做注册页面时将数据加密后存储到数据库的过程
Imports System.Web.Security
Imports System.Data
Imports System.Data.SqlClient '////////所需要的名称空间
Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
Dim PassFormate As String
'///////////////EncryptPassword调用函数
PassFormate = EncryptPassword(uid.Text, "md5") '//////////或者是EncryptPassword(uid.Text, "sha1")
'TextBox2.Text = EncryptPassword(uid.Text, "md5")
'TextBox3.Text = EncryptPassword(uid.Text, "sha1")
'///////////这些大家自己试验吧
'TextBox4.Text = FormsAuthentication.FormsCookieName
'TextBox5.Text = FormsAuthentication.FormsCookiePath
'TextBox6.Text = FormsAuthentication.GetRedirectUrl(uid.Text, True)
'FormsAuthentication.SetAuthCookie(uid.Text, True)
Dim sql As String = "insert into pwd(uid,pwd) values(@uid,@pwd)"
Dim comm As SqlCommand = New SqlCommand(sql, conn)
conn.Open()
comm.Parameters.Add(New SqlParameter("@uid", SqlDbType.Char, 16))
comm.Parameters("@uid").Value = uid.Text
comm.Parameters.Add(New SqlParameter("@pwd", SqlDbType.Char, 16))
comm.Parameters("@pwd").Value = PassFormate
comm.ExecuteNonQuery()
End Sub
'////////////////定义加密函数,可以随时调用。
Function EncryptPassword(ByVal password As String, ByVal passwordformate As String)
If passwordformate = "sha1" Then
EncryptPassword = FormsAuthentication.HashPasswordForStoringInConfigFile(password, "sha1")
ElseIf passwordformate = "md5" Then
EncryptPassword = FormsAuthentication.HashPasswordForStoringInConfigFile(password, "md5")
Else
EncryptPassword = ""
End If
End Function
至于用户的验证也是一样的思路了。
