旧密码,新密码逻辑

时间:2014-08-07 07:34:21

标签: c# asp.net

我想开发一个功能,我想检查任何更改密码的用户,不能再在新密码字段中输入相同的密码。请参阅代码以供参考,并让我知道如何添加该功能。

 <tr>
            <td class="a1">Old Password</td>
            <td><asp:TextBox ID="txtOldPassword" runat="server" CssClass="form_txtfld"></asp:TextBox>
            </td>
        </tr>

        <tr>
            <td class="a1">New Password</td>
            <td><asp:TextBox ID="txtNewPassword" runat="server" CssClass="form_txtfld"></asp:TextBox></td>
        </tr>

        <tr>
            <td class="a1">Confirm Password</td>
            <td><asp:TextBox ID="txtConfirmPassword" runat="server" CssClass="form_txtfld" ></asp:TextBox></td>
        </tr>
            <tr>
            <td>&nbsp;</td>
            <td>
                <asp:Button ID="btnSubmit" runat="server"  onclick="btnSubmit_Click" Text="Submit" style="width: 63px;" />&nbsp;
                <input type="reset" runat="server" name="Reset" style="width: 63px;" />
            </td>

背后的代码: - 

protected void btnSubmit_Click(object sender, EventArgs e)
{

    String LoginID = Session["user"].ToString();
    String OldPassword = txtOldPassword.Text.Trim();
    String LoginPassword = txtNewPassword.Text.Trim();

    if (OldPassword != Session["password"].ToString())
    {
        String sc = "<Script>alert('Old Password does not match')</script>";
        ScriptManager.RegisterClientScriptBlock(this, typeof(Page), "Ad" + DateTime.Now, sc, false);
    }
    else
    {
        LoginLogic _LoginLogic = new LoginLogic();
        _LoginLogic.ChangePassword(LoginID, LoginPassword);
        //Exit the current session
        Session.Abandon();
        String sc = "<Script>alert('You have successfully changed your password. Please login again.');location.href='default.aspx'</script>";
        ScriptManager.RegisterClientScriptBlock(this, typeof(Page), "Ad" + DateTime.Now, sc, false);
    }
}

2 个答案:

答案 0 :(得分:0)

String actualOld = Session["password"].ToString();
String OldPassword = txtOldPassword.Text.Trim();
String LoginPassword = txtNewPassword.Text.Trim();
if(actualOld!=OldPassword || LoginPassword==actualOld || LoginPassword==OldPassword  ){
      //error
}

但最简单的逻辑是比较验证器与您的新密码文本框。

答案 1 :(得分:-1)

你想要的只是:

修改

为简单起见,我将该位添加到执行检查的代码中。我不保证这种方法,因为您将密码作为纯文本存储在会话变量中。但是,我认为这是一个学校项目或其他东西,因此安全性不是真正的问题。

        string LoginID = Session["user"].ToString();
        string OldPassword = txtOldPassword.Text.Trim();
        string LoginPassword = txtNewPassword.Text.Trim();

        if (OldPassword != Session["password"].ToString())
        {
            String sc = "<Script>alert('Old Password does not match')</script>";
            ScriptManager.RegisterClientScriptBlock(this, typeof(Page), "Ad" + DateTime.Now, sc, false);
        }
        else if (string.Equals(OldPassword, LoginPassword)) //THIS LINE HERE
        {
            //Old password matches new password
        }
        else
        {
            LoginLogic _LoginLogic = new LoginLogic();
            _LoginLogic.ChangePassword(LoginID, LoginPassword);
            //Exit the current session
            Session.Abandon();
            String sc = "<Script>alert('You have successfully changed your password. Please login again.');location.href='default.aspx'</script>";
            ScriptManager.RegisterClientScriptBlock(this, typeof(Page), "Ad" + DateTime.Now, sc, false);
        }
相关问题
最新问题