这确实经常发生。是否有一种简单的方法可以以编程方式重置用户的密码,而无需知道安全问题或其原始密码的答案。我现在有一种非常麻烦的方式。
我打开aspnet_Membership表,只显示我的行和行。我将密码和密码盐复制到他们的行中。我现在已将密码设置为与我的密码相同。我现在可以调用下面两行代码将密码重置为他们想要的密码。
有没有办法可以重置密码而无需先将其设置为我的密码?
格雷格
Dim user As MembershipUser = Membership.GetUser("{Their username}")
user.ChangePassword("{My password}", "{Their new password}")
答案 0 :(得分:0)
您可以使用ResetPassword执行此操作:
MembershipUser mu = Membership.GetUser(UserIdToChangePass);
if (mu != null)
{
string sLastPassword = mu.ResetPassword();
mu.ChangePassword(sLastPassword, txtNewPassword.Text);
}
答案 1 :(得分:0)
也许这有点像黑客,但它确实有效。我获得了通用密码“密码!”的密码和盐。我用该哈希版本的Password!更新了用户的成员资格表。然后我用它将密码重置为新密码,因为我现在知道他们当前的密码是密码!
现在,如果我能弄清楚为什么我必须单击按钮两次才能工作。第一次没有什么火,然后我再次点击它就可以了。
格雷格
Try
'Get the user
Dim user As MembershipUser = Membership.GetUser(Server.HtmlEncode(txtUserName.Text))
'Build a SQL string to reset their password to Password!
Dim sSQL As String = "UPDATE [dbo].[aspnet_Membership]"
sSQL &= " SET [Password] = 'p4p+zOnsA+if4+F7oVcmR8Y0yiM='" 'Hash for Password!
sSQL &= " ,[PasswordSalt] = 'URJfTNqAlfa+5TsNxFe7Uw=='" 'Salt for Password!
sSQL &= " WHERE [ApplicationId] = '{Your Application ID Here}' AND UserID = '" & user.ProviderUserKey.ToString & "'"
'Reset their password in the aspnet_membership table to Password!
Dim dbconn = New SqlConnection(ConfigurationManager.ConnectionStrings("{Your Membership Connection Here}").ConnectionString)
dbconn.Open()
Dim dbCommand As SqlCommand = dbconn.CreateCommand
dbCommand.Connection = dbconn
dbCommand.CommandText = sSQL
dbCommand.ExecuteNonQuery()
dbCommand.Dispose()
dbconn.Close()
'Now reset their password to the new password useing Password! as the known password
user.ChangePassword("Password!", Server.HtmlEncode(txtNewPassword.Text))
lblMsgInfo.Text = "The password was reset."
Catch ex As Exception
lblMsgInfo.Text = "Error: " & ex.Message
End Try