在VB 10中创建一个区分大小写的登录表单

时间:2014-09-28 07:27:50

标签: visual-studio-2010

我想创建一个登录表单,密码中的字段区分大小写,如果我的密码是“PassWord”,它只接受关键字“PassWord”而不接受“password”或“PASSWORD”关键字等。我想要它是一个字符敏感谢谢请帮助我我是一个新的程序员使用数据库MS访问谢谢这是我的代码

 Private Sub btnLog_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnLog.Click
    Try
        Dim con As New OleDbConnection("Provider=Microsoft.ACE.OLEDB.12.0;Data Source=|DataDirectory|\NIASecurity.accdb")
        Dim cmd As OleDbCommand = New OleDbCommand("SELECT [Username] FROM [Security] WHERE [Username] = @User and Password =@Pass ", con)
        cmd.Parameters.AddWithValue("@User", txtUser.Text)
        cmd.Parameters.AddWithValue("@Pass", txtPass.Text)
        con.Open()
        Dim sdr As OleDbDataReader = cmd.ExecuteReader()
        If sdr.Read Then
            If txtPass.Text = sdr(0) Then
                MessageBox.Show("Welcome")
                Dim win As New frmAdd
                win.MdiParent = frmMDI
                win.Show()
                Me.Close()
            Else
                MsgBox("Invalid name or password!")

            End If
        End If


    Catch ex As Exception
        MessageBox.Show("Invalid name or password!")
    End Try
End Sub

1 个答案:

答案 0 :(得分:0)

我可以说你在db中保存密码,你必须使用哈希Algorithm保存密码数据,例如MD5SHA1
当用户键入用于登录的密码时,您键入为密码键入的字符串,并将此字符串与保存在db

中的密码进行比较 
    public static void HashPassword(string Password, out string Salt, out string Hash)
    {
        System.Security.Cryptography.SHA1Managed sha = new System.Security.Cryptography.SHA1Managed();
        Random rnd = new Random();
        byte[] s = new byte[20];
        rnd.NextBytes(s);
        Salt = Convert.ToBase64String(s);
        System.Text.UTF8Encoding u = new UTF8Encoding();
        byte[] pass = u.GetBytes(Password);
        byte[] all = new byte[pass.Length + s.Length];
        Array.Copy(pass, all, pass.Length);
        Array.Copy(s, 0, all, pass.Length, s.Length);
        Byte[] H = sha.ComputeHash(all);
        Hash = Convert.ToBase64String(H);
    }

    public bool IsPasswordCorrect(string Password, string Salt, string Hash)
    {
        System.Security.Cryptography.SHA1Managed sha = new System.Security.Cryptography.SHA1Managed();
        byte[] s = Convert.FromBase64String(Salt);
        System.Text.UTF8Encoding u = new UTF8Encoding();
        byte[] pass = u.GetBytes(Password);
        byte[] all = new byte[pass.Length + s.Length];
        Array.Copy(pass, all, pass.Length);
        Array.Copy(s, 0, all, pass.Length, s.Length);
        Byte[] H = sha.ComputeHash(all);
        return (Hash == Convert.ToBase64String(H));
    }

现在你必须使用HashPassword方法为哈希提供一个盐,并为每个用户将哈希和盐保存到数据库。
想要检查密码时使用IsPasswordcorrect方法

相关问题
最新问题