记住密码 cookie+MD5 的应用[转]

最近做了个前台的登陆和后台的信息审核管理,我是新手,由于里面扯级很多的第一次技术问题,所以,有些问题也折腾了我很久,现在系统做好了,把一前心得和技术代码记下来,免得以后又忘了。

    首先是记住密码模块:

   虽然.net内置了登陆控件,有记住密码的功能,但还是想试着自己做个体会下,里面主要涉及COOKIE的应用,包括安全加密的过程,以下是实现的代码:

   //设置,删除Cookie
        protected void set_cookie()
        {
            HttpCookie UserNameCookie = Request.Cookies["UserNameCookie"];
            HttpCookie UserPasswordCookie = Request.Cookies["UserPasswordCookie"];

            if (this.CheSave.Checked)
            {
                lblcookie.Text = "1";

                //保存用户名和密码到cookie
                if (UserNameCookie == null)
                {
                    UserNameCookie = new HttpCookie("UserNameCookie");
                    UserNameCookie.Values.Add("UserName", TxtUserName.Text);
                    UserNameCookie.Expires = DateTime.Now.AddDays(30);
                    Response.Cookies.Add(UserNameCookie);

                }
                //修改COOKIE
                else if (UserNameCookie.Values["UserName"] != TxtUserName.Text)
                {
                    SetToCookie(UserNameCookie, "UserName", TxtUserName.Text);
                }

                if (UserPasswordCookie == null)
                {
                    UserPasswordCookie = new HttpCookie("UserPasswordCookie");
                    string password1 = FormsAuthentication.HashPasswordForStoringInConfigFile(TxtUserPassword.Text, "MD5");     //如果重新指定用户密码,则重新加密密码
                    UserPasswordCookie.Values.Add("UserPassword", password1);
                    UserPasswordCookie.Expires = DateTime.Now.AddDays(30);
                    Response.Cookies.Add(UserPasswordCookie);

                }
                else if (UserPasswordCookie.Values["UserPassword"] != FormsAuthentication.HashPasswordForStoringInConfigFile(TxtUserPassword.Text, "MD5") && TxtUserPassword.Text != "1234567890")   

                //“1234567890”是程现在密码框中的十个字符。
                {
                    SetToCookie(UserPasswordCookie, "UserPassword", FormsAuthentication.HashPasswordForStoringInConfigFile(TxtUserPassword.Text, "MD5"));
                }


            }
            else
            {
                lblcookie.Text = "0";
                //从cookie删除用户名和密码
                if (Response.Cookies["UserNameCookie"] != null)
                {
                    HttpCookie myCookie = new HttpCookie("UserNameCookie");
                    myCookie.Expires = DateTime.Now.AddDays(-1d);
                    Response.Cookies.Add(myCookie);
                }
                if (Response.Cookies["UserPasswordCookie"] != null)
                {
                    HttpCookie myCookie = new HttpCookie("UserPasswordCookie");
                    myCookie.Expires = DateTime.Now.AddDays(-1d);
                    Response.Cookies.Add(myCookie);
                }
            }

        }
        //检查是否存在COOKie情况
        public void check_cookie()
        {
            HttpCookie UserNameCookie = Request.Cookies["UserNameCookie"];
            HttpCookie UserPasswordCookie = Request.Cookies["UserPasswordCookie"];

            if (UserNameCookie != null)
            {
                this.CheSave.Checked = true;
                TxtUserName.Text = UserNameCookie.Values["UserName"];
            }

            if (UserPasswordCookie != null)
            {
                TxtUserPassword.Attributes.Add("value", "1234567890");//设置密码框初始值
            }
        }
        public string getpassword()
        {
            HttpCookie UserPasswordCookie = Request.Cookies["UserPasswordCookie"];
            string strpwd = "";  //获取此密码字符串与数据库存中的密布相比。
            if (lblcookie.Text == "1")
            {
                strpwd = UserPasswordCookie.Values["UserPassWord"];//直接获取COOKIE中的密码值
            }
            else
            { 
                strpwd= FormsAuthentication.HashPasswordForStoringInConfigFile(TxtUserPassword.Text, "MD5"); //对密码进行加密
            }
            return strpwd;                                         //返回密码字段    
        }   

        //修改COOKIE这段的方法
        public void SetToCookie(HttpCookie httpcookie, string cookiename, string cookievalue)
        {
            httpcookie.Values[cookiename] = cookievalue;
            httpcookie.Expires = DateTime.Now.AddDays(30);
            Response.Cookies.Add(httpcookie);
        }
    }

posted on 2010-10-08 10:46  不悔的青春  阅读(2818)  评论(0编辑  收藏  举报

导航