<%@ Import Namespace="System.Security.Cryptography"%> <%@ Import Namespace="System.Text"%> <%@ Import Namespace="System.Data"%> <%@ Import Namespace="System.Data.SqlClient"%> <script runat="server" language="VB"> Sub CreateAccount(sender as Object, e as EventArgs) '1. 创建连接 Const strConnString as String strConnString="Data Source=.;Initial Catalog=test;User Id=sa;Password=;" Dim objConn as New SqlConnection(strConnString) '2. 创建Command对象 Dim strSQL as String = _ "INSERT INTO UserAccount(Username,Password) "& _ "VALUES(@Username, @Password)" Dim objCmd as New SqlCommand(strSQL, objConn) '3. 创建参数 Dim paramUsername as SqlParameter paramUsername = New SqlParameter("@Username", SqlDbType.VarChar, 25) paramUsername.Value = txtUsername.Text objCmd.Parameters.Add(paramUsername) '加密密码字段 Dim md5Hasher as New MD5CryptoServiceProvider() Dim hashedBytes as Byte() Dim encoder as New UTF8Encoding() hashedBytes = md5Hasher.ComputeHash(encoder.GetBytes(txtPwd.Text)) Dim paramPwd as SqlParameter paramPwd = New SqlParameter("@Password", SqlDbType.Binary, 16) paramPwd.Value = hashedBytes objCmd.Parameters.Add(paramPwd) '插入数据库 objConn.Open() objCmd.ExecuteNonQuery() objConn.Close() 'Redirect 其它页面 End Sub </script> <form runat="server"> <h1>创建帐号:</h1> 用户名: <asp:TextBox runat="server" id="txtUsername"/> <br/> 密码: <asp:TextBox runat="server" id="txtPwd" TextMode="Password"/> <p><asp:Button runat="server" Text="创建用户" OnClick="CreateAccount"/></p> </form> 下面是对用户进行验证的ASP.NET代码: <%@ Import Namespace="System.Security.Cryptography"%> <%@ Import Namespace="System.Text"%> <%@ Import Namespace="System.Data"%> <%@ Import Namespace="System.Data.SqlClient"%> <script runat="server" language="VB"> Sub Login(sender as Object, e as EventArgs) '1. 创建连接 Const strConnString as String strConnString="Data Source=.;Initial Catalog=test;User Id=sa;Password=;" Dim objConn as New SqlConnection(strConnString) '2. 创建Command对象 Dim strSQL as String ="SELECT COUNT(*) FROM UserAccount "& _ "WHERE Username=@Username AND Password=@Password" Dim objCmd as New SqlCommand(strSQL, objConn) '3. 创建参数 Dim paramUsername as SqlParameter paramUsername = New SqlParameter("@Username", SqlDbType.VarChar, 25) paramUsername.Value = txtUsername.Text objCmd.Parameters.Add(paramUsername) '加密密码 Dim md5Hasher as New MD5CryptoServiceProvider() Dim hashedDataBytes as Byte() Dim encoder as New UTF8Encoding() hashedDataBytes = md5Hasher.ComputeHash(encoder.GetBytes(txtPwd.Text)) Dim paramPwd as SqlParameter paramPwd = New SqlParameter("@Password", SqlDbType.Binary, 16) paramPwd.Value = hashedDataBytes objCmd.Parameters.Add(paramPwd) '执行查询 objConn.Open() Dim iResults as Integer = objCmd.ExecuteScalar() objConn.Close() If iResults =1 then '合法 Else '不合法 End If End Sub </script> <form runat="server"> <h1>登录:</h1> 用户名:<asp:TextBox runat="server" id="txtUsername"/><br/> 密 码:<asp:TextBox runat="server" id="txtPwd" TextMode="Password"/> <p><asp:Button runat="server" Text="登录" OnClick="Login"/> </form> 下面是MD5CryptoServiceProvider直接生成的例子: <%@ Import Namespace="System.Security.Cryptography"%> <%@ Import Namespace="System.Text"%> <script language="VB" runat="server"> Sub DisplayEncryptedText(sender as Object, e as EventArgs) If Page.IsValid then Dim md5Hasher as New MD5CryptoServiceProvider() Dim hashedDataBytes as Byte() Dim encoder as New UTF8Encoding() hashedDataBytes = md5Hasher.ComputeHash(encoder.GetBytes(txtPassword.Text)) ltlResults.Text ="<b>Encrypted Results</b><br /> The results are encrypted into "& _ "an array of 16 bytes. These 16 bytes contain the values:<p><ul>" Dim b as Byte For Each b in hashedDataBytes ltlResults.Text &="<li>"& b &"</li>" Next b ltlResults.Text &="</ul>" End If End Sub </script> <form runat="server"> Enter a string: <asp:TextBox id="txtPassword" runat="server"/> <asp:RequiredFieldValidator runat="server" ControlToValidate="txtPassword" Display="Dynamic" ErrorMessage="<i>You must provide a value here...</i>"/> <asp:RegularExpressionValidator runat="server" ControlToValidate="txtPassword" Display="Dynamic" ErrorMessage="<i>The string must be 20 characters or less...</i>" ValidationExpression="^.{1,20}$"/> <br /> <asp:Button runat="server" Text="View the String as Encrypted Text" OnClick="DisplayEncryptedText"/> <p> <asp:Literal runat="server" id="ltlResults"/> </form>