我正在通过实现System.Web.Security.membershipprovider编写自定义成员资格提供程序类。
现在我的问题是在访问课程时遇到错误
错误代码:
String reference not set to an instance of a String.
Parameter name: s
堆栈追踪:
at System.Text.Encoding.GetBytes(String s)
at ss.Provider.EncodePassword(String password)
at ss.Provider.CreateUser(String username, String password, String email, String passwordQuestion, String passwordAnswer, Boolean isApproved, Object providerUserKey, MembershipCreateStatus& status)
at System.Web.UI.WebControls.CreateUserWizard.AttemptCreateUser()
at System.Web.UI.WebControls.CreateUserWizard.OnNextButtonClick(WizardNavigationEventArgs e)
at System.Web.UI.WebControls.Wizard.OnBubbleEvent(Object source, EventArgs e)
at System.Web.UI.WebControls.CreateUserWizard.OnBubbleEvent(Object source, EventArgs e)
at System.Web.UI.WebControls.Wizard.WizardChildTable.OnBubbleEvent(Object source, EventArgs args)
at System.Web.UI.Control.RaiseBubbleEvent(Object source, EventArgs args)
at System.Web.UI.WebControls.Button.OnCommand(CommandEventArgs e)
at System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument)
at System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String eventArgument)
at System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument)
at System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
和我的班级
创建用户:
public override MembershipUser GetUser(object userID,bool userIsOnline)
{
SqlConnection sqlConnection = new SqlConnection(connectionString);
SqlCommand sqlCommand = new SqlCommand("User_SelByUserID", sqlConnection);
sqlCommand.CommandType = CommandType.StoredProcedure;
sqlCommand.Parameters.Add("@userID", SqlDbType.UniqueIdentifier).Value = userID;
MembershipUser membershipUser = null;
SqlDataReader sqlDataReader = null;
try
{
sqlConnection.Open();
sqlDataReader = sqlCommand.ExecuteReader(CommandBehavior.CloseConnection);
if (sqlDataReader.HasRows)
{
sqlDataReader.Read();
membershipUser = GetUserFromReader(sqlDataReader);
if (userIsOnline)
{
SqlCommand sqlUpdateCommand = new SqlCommand("User_UpdateActivityDate_ByUserID", sqlConnection);
sqlUpdateCommand.CommandType = CommandType.StoredProcedure;
sqlUpdateCommand.Parameters.Add("@userID", SqlDbType.NVarChar, 255).Value = userID;
sqlUpdateCommand.Parameters.Add("@applicationName", SqlDbType.NVarChar, 255).Value = applicationName;
sqlUpdateCommand.ExecuteNonQuery();
}
}
}
catch (SqlException e)
{
//Add exception handling here.
}
finally
{
if (sqlDataReader != null) { sqlDataReader.Close(); }
}
return membershipUser;
}
编码密码:
private string EncodePassword(string password)
{
string encodedPassword = password;
switch (PasswordFormat)
{
case MembershipPasswordFormat.Clear:
break;
case MembershipPasswordFormat.Encrypted:
encodedPassword = Convert.ToBase64String(EncryptPassword(Encoding.Unicode.GetBytes(password)));
break;
case MembershipPasswordFormat.Hashed:
HMACSHA1 hash = new HMACSHA1();
hash.Key = HexToByte(machineKey.ValidationKey);
encodedPassword = Convert.ToBase64String(hash.ComputeHash(Encoding.Unicode.GetBytes(password)));
break;
default:
throw new ProviderException("Unsupported password format.");
}
return encodedPassword;
}
给出字符串的密码是Gowtham!1
更新:
public override MembershipUser CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status)
{
ValidatePasswordEventArgs args = new ValidatePasswordEventArgs(username, password, true);
OnValidatingPassword(args);
if (args.Cancel)
{
status = MembershipCreateStatus.InvalidPassword;
return null;
}
if ((RequiresUniqueEmail && (GetUserNameByEmail(email) != String.Empty)))
{
status = MembershipCreateStatus.DuplicateEmail;
return null;
}
MembershipUser membershipUser = GetUser(username, false);
if (membershipUser == null)
{
System.DateTime createDate = DateTime.Now;
SqlConnection sqlConnection = new SqlConnection(connectionString);
SqlCommand sqlCommand = new SqlCommand("User_Ins", sqlConnection);
sqlCommand.CommandType = CommandType.StoredProcedure;
sqlCommand.Parameters.Add("@returnValue", SqlDbType.Int, 0).Direction = ParameterDirection.ReturnValue;
sqlCommand.Parameters.Add("@username", SqlDbType.NVarChar, 255).Value = username; ;
sqlCommand.Parameters.Add("@applicationName", SqlDbType.NVarChar, 255).Value = applicationName;
sqlCommand.Parameters.Add("@password", SqlDbType.NVarChar, 255).Value = EncodePassword(password);
sqlCommand.Parameters.Add("@email", SqlDbType.NVarChar, 128).Value = email;
sqlCommand.Parameters.Add("@passwordQuestion", SqlDbType.NVarChar, 255).Value = passwordQuestion;
sqlCommand.Parameters.Add("@passwordAnswer", SqlDbType.NVarChar, 255).Value = EncodePassword(passwordAnswer);
sqlCommand.Parameters.Add("@isApproved", SqlDbType.Bit).Value = isApproved;
sqlCommand.Parameters.Add("@comment", SqlDbType.NVarChar, 255).Value = String.Empty;
try
{
sqlConnection.Open();
sqlCommand.ExecuteNonQuery();
if ((int)sqlCommand.Parameters["@returnValue"].Value == 0)
{
status = MembershipCreateStatus.Success;
}
else
{
status = MembershipCreateStatus.UserRejected;
}
}
catch (SqlException e)
{
//Add exception handling here.
status = MembershipCreateStatus.ProviderError;
}
finally
{
sqlConnection.Close();
}
return GetUser(username, false);
}
else
{
status = MembershipCreateStatus.DuplicateUserName;
}
return null;
}
答案 0 :(得分:0)
一个猜测,但我的赌注是它不是password变量,这是因为你试图编码你没有传入的passwordAnswer,或者传入空值。你可能没有使用此功能,这是一种过时且危险的方法来恢复MS没有弃用的密码。
CreateUser中的这一行:
sqlCommand.Parameters.Add("@passwordAnswer", SqlDbType.NVarChar, 255).Value = EncodePassword(passwordAnswer); \\THIS LINE IS PROBABLY THE PROBLEM
请尝试使用此功能,但前提是您绝对不使用此功能:
sqlCommand.Parameters.Add("@passwordAnswer", SqlDbType.NVarChar, 255).Value = passwordAnswer;
您应该可以在调试中轻松检查。
答案 1 :(得分:-1)
使用调试器找出发生的事情。
如果您不知道如何操作,请添加以下行:
if(password == null)
throw new Exception("Password is null here, I get it, now I'll try to find where is wrong!");
在CreateUser方法中的这一行之前:
ValidatePasswordEventArgs args = new ValidatePasswordEventArgs(username, password, true);
再次运行,看看是否有任何事情发生。