ASP.NET代码例子 留言板程序
asp.net代码审计很少玩,他不想php可以直接调试,复杂得多了。而且资料也是太少了。
程序集的还要dll逆向。各种蛋疼
不过后台一般都是cs文件可以看看不。
毕竟有些地方就是采用cs的方式。
先来看个简单的例子把
using System; using System.Collections.Generic; using System.Web; using System.Web.UI; using System.Web.UI.WebControls; using System.Data.SqlClient; using System.Security.Cryptography; public partial class Admin_Login : System.Web.UI.Page { protected void Page_Load(object sender, EventArgs e) { } protected void Button1_Click(object sender, EventArgs e) { string Username = this.UserName.Text.ToString(); string password = this.Password.Text.ToString(); string mycode = this.myCode.Text.ToString(); string loginIP = Request.UserHostAddress; if (Username == "" || Username == null) { Response.Write("<script>alert('用户名不能为空!');</script>"); return; } if (password == "" || password == null) { Response.Write("<script>alert('密码不能为空!');</script>"); return; } if (!mycode.Equals(Session["code"].ToString())) { Response.Write("<script>alert('验证码错误!');</script>"); return; } SqlDataReader dr = DbHelp.ExecuteReader("select * from A_Admin where Name='" + Username + "'"); dr.Read(); if (dr.FieldCount > 0) { string md5Name = MD5(password); if (md5Name.Equals(dr["Password"].ToString())) { DbHelp.ExecuteSql("update A_Admin set Loginip='" + loginIP + "' where Name='" + Username + "'"); Session["BookName"] = dr["Name"].ToString(); Response.Write("<script>alert('登录成功!'); window.location.href='main.aspx';</script>"); return; } else { Response.Write("<script>alert('密码错误!'); </script>"); return; } } else { Response.Write("<script>alert('用户名错误!');</script>"); return; } } //Md5加密 public static string MD5(string stringText) { MD5CryptoServiceProvider MD5CSP = new MD5CryptoServiceProvider(); byte[] MD5Source = System.Text.Encoding.UTF8.GetBytes(stringText); byte[] MD5Out = MD5CSP.ComputeHash(MD5Source); return Convert.ToBase64String(MD5Out); } }
string Username = this.UserName.Text.ToString(); 控件带入。
SqlDataReader dr = DbHelp.ExecuteReader("select * from A_Admin where Name='" + Username + "'");
- 左青龙
- 微信扫一扫
- 右白虎
- 微信扫一扫
评论