privatevoidbtnLogin_Click(objectsender,RoutedEventArgse){stringusername=txtUserName.Text;stringpwd=pwdPassword.Password;Operatorop=newOperatorDAL().GetByUserName(username...
private void btnLogin_Click(object sender, RoutedEventArgs e)
{
string username = txtUserName.Text;
string pwd = pwdPassword.Password;
Operator op = new OperatorDAL().GetByUserName(username);
if (op == null)
{
MessageBox.Show("用户名或者密码错误!");
}
else
{
string dbMd5 = op.Password; //数据库中存储的密码值
string mymd5 = CommonHelper.GetMD5(pwd +CommonHelper.GetPasswordSalt());
if (dbMd5 == mymd5)
{
//MessageBox.Show("登录成功");
DialogResult = true;
}
else
{
MessageBox.Show("用户名或者密码错误!");
}
}
}
这是一段用户登录时密码和用户名验证程序,当中GetPasswordSalt()为下面函数
public static string GetPasswordSalt()
{
string salt = ConfigurationManager.AppSettings["passwordSalt"];
return salt;
}
其中passwordSalt为程序配置中的节
GetMD5函数如下
public static string GetMD5(string sDataIn)
{
MD5CryptoServiceProvider md5 = new MD5CryptoServiceProvider();
byte[] bytValue, bytHash;
bytValue = System.Text.Encoding.UTF8.GetBytes(sDataIn);
bytHash = md5.ComputeHash(bytValue);
md5.Clear();
string sTemp = "";
for (int i = 0; i < bytHash.Length; i++)
{
sTemp += bytHash[i].ToString("X").PadLeft(2, '0');
}
return sTemp.ToLower();
}
程序段基本上就是这样,这里的密码盐(可能不是通用术语)到底是起什么作用???谢谢!
展开