ASP.net中的高级安装程序服务器端序列号验证

时间:2015-02-22 11:34:48

标签: asp.net

我有PHP和JSP中的文件,但我需要使用ASP.net

请任何人转换它。

我在asp.net中使用过,它在有效许可证下工作正常,并且使用代码601,但是当使用带有消息的602时,我获得了包含所有html标签的页面源

<?php

// server response codes
define('LICENSE_VALID',   '601');
define('LICENSE_INVALID', '602');

// database connection parameters
$db_host = 'localhost:3306';
$db_user = 'root';
$db_pass = 'root123';
$db_name = 'mydb';

// client information table
$clients_tbl_name = 'clients';
$sn_tbl_col       = 'serial_no';

/**
 * Server HTTP response to the query issued by Advanced Installer serial     validation tool.
 */
function ServerResponse($is_valid, $posted_serial = '', $lang_id = 1033)
{
  $msg_sep = "\n";

 // load error messages from your database, using "$lang_id" for localization (optional)

if($posted_serial == '')
return LICENSE_INVALID . $msg_sep . "Missing Serial Number !";

if($is_valid == true)
return LICENSE_VALID;
else
return LICENSE_INVALID . $msg_sep . "Serial Number: " . $posted_serial . ' is invalid !';  
}

// Variables POSTed by Advanced Installer serial validation tool to this web page: "sn", "languageid".
if(isset($_POST['sn']) && trim($_POST['sn']) != '')
{
 // get the serial number entered by the installing user in the "UserRegistrationDlg" dialog 
$sn = trim($_POST['sn']);

  // get the system language ID of the user's machine
  // (you can use this parameter to display a localized error message taken from your database)
 $languageid = (int) $_POST['languageid'];

// get the additional information entered by the installing user in the "UserRegistrationDlg" dialog 
$additional_information = $_POST['ai'];

// connect to database
$db_conn = @mysql_connect($db_host, $db_user, $db_pass);
if(!$db_conn)
{
// issue error response
echo ServerResponse(false, $sn, $languageid);
die();
}

// select target database
$db_selected = @mysql_select_db($db_name, $db_conn);
if(!$db_selected)
{
 // issue error response
 echo ServerResponse(false, $sn, $languageid);
 die();
}

// prepare SQL statement
$sn_query = "SELECT `". $sn_tbl_col ."` FROM `". $clients_tbl_name ."` WHERE `". $sn_tbl_col ."` = '" . mysql_escape_string($sn) . "'";

// execute query
$result = @mysql_query($sn_query, $db_conn);

// get result set size
if(@mysql_num_rows($result) == 0)
{
 // serial number NOT found in database => issue error response
 echo ServerResponse(false, $sn, $languageid);
 die();
 }
else
{
  // serial number was found in database => issue SUCCESS response
 echo ServerResponse(true, $sn, $languageid);
die();
}
}
else
{
 // issue error response
echo ServerResponse(false);
die();
}`enter code here`

?>

1 个答案:

答案 0 :(得分:1)

我也遇到过这个问题,它似乎是由我在PHP脚本中使用的弃用函数引起的。

在我的场景中,我使用了&#34; mysql_escape_string()&#34;函数而不是&#34; mysql_real_escape_string()&#34;显示一个和所有HTML标记包围的消息,告诉我该函数已被弃用。

希望这有帮助。