我有一个登录表单,当您单击登录按钮时,将显示所有用户数据。当数据显示在表单字段中时,我有一个旧密码,新密码和确认密码字段,用户可以在其中更改密码。现在,当用户输入旧密码时,我要检查它是否与数据库中存储的密码相同。
这就是我从数据库中获取数据的方式:
[HttpGet]
public ActionResult Edit(int? id, UpdateModel updatemodel)
{
id = 1;
SqlConnection cn = new SqlConnection("@")
SqlCommand cmd1 = new SqlCommand(
"Select Username , Password From BS_Users Where IDBS_Persons=" + id, cn);
cn.Open();
SqlDataReader dr = cmd.ExecuteReader();
SqlDataReader dr1 = cmd1.ExecuteReader();
if (dr1.Read())
{
updatemodel.Username = dr1["Username"].ToString();
updatemodel.Password = dr1["Password"].ToString();
}
else
{
dr.Close();
}
dr.Close();
cn.Close();
return View(updatemodel);
}
这就是我发布它们的方式:
[HttpPost]
public ActionResult Edit(UpdateModel p, FormCollection form, int? id)
{
id = 1;
SmartFinanceContext db = new SmartFinanceContext();
if (ModelState.IsValid)
{
int users = p.UpdateUser(p.Username, Crypto.Hash(p.Password), id = 1);
if (_records > 0 && users > 0)
{
db.SaveChanges();
return RedirectToAction("Edit", "Home");
}
{
ModelState.AddModelError("", "Can Not Update");
}
}
return View(p);
}
答案 0 :(得分:1)
会是这样的:
//Get from database, which would be an encrypted string
var pw = dr1["Password"].ToString();
//Encrypt password sent in by user
var pwCheck = Crypto.Hash(p.Password)
//Check encrypted password from database against encrypted passed-in password
if (pw == pwCheck){
//do something
}