在做一个前台的登陆和后台的信息审核管理功能时,需要用到记住密码的模块:
虽然.net内置了登陆控件,有记住密码的功能,但还是想自己实践一下,以下代码主要应用了COOKIE,包括安全加密的过程等。
//设置,删除Cookie
//provider jb51.net
protected void set_cookie()
{
HttpCookie UserNameCookie = Request.Cookies["UserNameCookie"];
HttpCookie UserPasswordCookie = Request.Cookies["UserPasswordCookie"];
if (this.CheSave.Checked)
{
lblcookie.Text = "1";
//保存用户名和密码到cookie
if (UserNameCookie == null)
{
UserNameCookie = new HttpCookie("UserNameCookie");
UserNameCookie.Values.Add("UserName", TxtUserName.Text);
UserNameCookie.Expires = DateTime.Now.AddDays(30);
Response.Cookies.Add(UserNameCookie);
}
//修改COOKIE
else if (UserNameCookie.Values["UserName"] != TxtUserName.Text)
{
SetToCookie(UserNameCookie, "UserName", TxtUserName.Text);
}
if (UserPasswordCookie == null)
{
UserPasswordCookie = new HttpCookie("UserPasswordCookie");
string password1 = FormsAuthentication.HashPasswordForStoringInConfigFile(TxtUserPassword.Text, "MD5"); //如果重新指定用户密码,则重新加密密码
UserPasswordCookie.Values.Add("UserPassword", password1);
UserPasswordCookie.Expires = DateTime.Now.AddDays(30);
Response.Cookies.Add(UserPasswordCookie);
}
else if (UserPasswordCookie.Values["UserPassword"] != FormsAuthentication.HashPasswordForStoringInConfigFile(TxtUserPassword.Text, "MD5") && TxtUserPassword.Text != "1234567890")
//“1234567890”是程现在密码框中的十个字符。
{
SetToCookie(UserPasswordCookie, "UserPassword", FormsAuthentication.HashPasswordForStoringInConfigFile(TxtUserPassword.Text, "MD5"));
}
}
else
{
lblcookie.Text = "0";
//从cookie删除用户名和密码
if (Response.Cookies["UserNameCookie"] != null)
{
HttpCookie myCookie = new HttpCookie("UserNameCookie");
myCookie.Expires = DateTime.Now.AddDays(-1d);
Response.Cookies.Add(myCookie);
}
if (Response.Cookies["UserPasswordCookie"] != null)
{
HttpCookie myCookie = new HttpCookie("UserPasswordCookie");
myCookie.Expires = DateTime.Now.AddDays(-1d);
Response.Cookies.Add(myCookie);
}
}
}
//检查是否存在COOKie情况
public void check_cookie()
{
HttpCookie UserNameCookie = Request.Cookies["UserNameCookie"];
HttpCookie UserPasswordCookie = Request.Cookies["UserPasswordCookie"];
if (UserNameCookie != null)
{
this.CheSave.Checked = true;
TxtUserName.Text = UserNameCookie.Values["UserName"];
}
if (UserPasswordCookie != null)
{
TxtUserPassword.Attributes.Add("value", "1234567890");//设置密码框初始值
}
}
public string getpassword()
{
HttpCookie UserPasswordCookie = Request.Cookies["UserPasswordCookie"];
string strpwd = ""; //获取此密码字符串与数据库存中的密布相比。
if (lblcookie.Text == "1")
{
strpwd = UserPasswordCookie.Values["UserPassWord"];//直接获取COOKIE中的密码值
}
else
{
strpwd= FormsAuthentication.HashPasswordForStoringInConfigFile(TxtUserPassword.Text, "MD5"); //对密码进行加密
}
return strpwd; //返回密码字段
}
//修改COOKIE这段的方法
public void SetToCookie(HttpCookie httpcookie, string cookiename, string cookievalue)
{
httpcookie.Values[cookiename] = cookievalue;
httpcookie.Expires = DateTime.Now.AddDays(30);
Response.Cookies.Add(httpcookie);
}
}
