ASP.NET中散列加密密码
文章类别:
Asp.net | 发表日期:2008-10-5 22:09:47
private void LoginButton_Click(object sender,System.EventArgs e)
{
String sql=String.Format("select password from Administrator where AdminID='{0}',UseridBox.Text);
SqlConnection conn=new SqlConnection(ConfigurationSettings.AppSettings["connectionString"]);
SqlDataReader myreader=new SqlCommand(sql,conn).ExecuteReader();
if(myreader.Read())
{
String hashed=FormsAuthentication.HashPasswordForStoringInConfigFile(PasswordTextBox.Text,"SHA1");
//将用户输入的密码哈希后再与数据库是的哈希值进行比较
if(hash==myreader["password"]).ToString())
{
FormsAuthentication.RedirectFromLoginPage(UseridBox.Text,true);//转到请求页
}
else
Result.Text="密码错误";
}
else
Result.Text="用户不存在";
conn.Close();
}