任何人都可以帮助加密登录? [英] Can anyone help with Encrypt login?
本文介绍了任何人都可以帮助加密登录?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
大家好
我想制作一个加密登录表单。
我有一个有两个函数的类加密这个和解密这个
以下是代码:
Hi guys
I want to make an Encrypt login form.
I have a class with two functions encryptThis and decryptThis
Here is the code:
Public Class clsEncryption
Public Shared Function encryptThis(ByVal str As String, ByVal bt As Byte) As String
Dim encrypt As String = ""
'USING COALESCING OPERATOR CONDITION
bt = If((bt > 0 AndAlso bt <= 13), bt, Convert.ToByte(13))
Dim chr As Char() = Str.ToString().ToCharArray()
For i As Integer = 0 To str.Length - 1
'CONVERTING CHAR TO INT
Dim x As Integer = Convert.ToInt32(Chr(i))
'CONVERTING INT TO CHAR
encrypt = encrypt + Convert.ToChar((255 - (x + bt - i)))
Next
Return encrypt
End Function
Public Shared Function decryptThis(ByVal str As String, ByVal bt As Byte) As String
Dim encrypt As String = ""
'USING COALESCING OPERATOR CONDITION
bt = If((bt > 0 AndAlso bt <= 13), bt, Convert.ToByte(13))
Dim chr As Char() = str.ToString().ToCharArray()
For i As Integer = 0 To str.Length - 1
Dim x As Integer = Convert.ToInt32(chr(i))
encrypt = encrypt + Convert.ToChar(255 + (-x - bt + i))
Next
Return encrypt
End Function
End Class
我在sql查询中使用函数encryptThis并且成功存储密码在数据库中。
问题是在登录表格中我不知道如何解密这个?
这是代码:
I use the function encryptThis in sql query and it store the password successful in database.
The problem is in login form I dont know how can I decrypt this?
Here is the code:
Private Sub cmdlogin_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles cmdlogin.Click
On Error Resume Next
Dim timex As String
Dim isigroup As DataTable
objdata = New clsMSSQL
isigroup = objdata.QueryDatabase("SELECT * FROM Userx WHERE Username='" & txtuser.Text & "' AND Userpass ='" & txtpassword.Text & "'")
If isigroup.Rows.Count > 0 Then
For i = 0 To isigroup.Rows.Count - 1
If isigroup.Rows(i)("username") <> txtuser.Text Or isigroup.Rows(i)("userpass") <> txtpassword.Text Then
MsgBox("Λάθος Όνομα Χρήστη ή Κωδικού !", MsgBoxStyle.Information, "Προσοχή.....")
xcountx = xcountx + 1
If xcountx >= 3 Then
MsgBox("Έχεις χρησιμοποιήσει όλες τις προσπάθειες !", MsgBoxStyle.Exclamation, "Προσοχή.....")
End
End If
Exit Sub
感谢您的帮助
Thanks for any help
推荐答案
您称之为加密?这些东西充其量是微弱的。一个12岁的算盘可以解决这个问题!
我强烈建议您使用经过验证的加密哈希读取哈希密码。从这个开始[ ^ ],然后这个 [ ^ ]。然后,您可以使用此 [ ^ ]。
You call that "encryption"?? That stuff is WEAK at best. A 12 year old with an abacus can crack that!
I HIGHLY suggest you read up on hashing passwords using a proven cryptographic hash. Start with this[^], then this[^]. Then you can move on to examples and how-to's with this[^].
您好,我会使用 System.Security。密码学 [ ^ ]命名空间
它应该足以满足您的需求!
干杯,
Itay。
Hi, I would use System.Security.Cryptography[^] Namespace
it should be more than enough for your needs!
Cheers,
Itay.
我必须同意Dave Kreskowiak - 不加密密码(当然也没有加密方法这么糟糕的借口) - 见这里:密码存储:怎么做。 [ ^ ](它在C#中,但是代码非常简单,并解释了whay以及如何使用散列)。
但是要添加它,你的加密完全没用,因为你的代码对SQL是开放的注入所以无论如何都不需要密码登录,或者可能通过尝试登录来破坏您的数据库。使用参数改为zed查询!
I have to agree with Dave Kreskowiak - do not encrypt passwords (and certainly not with such a poor excuse for an encryption method) - see here: Password Storage: How to do it.[^] (it's in C#, but the code is pretty simple and explains whay as well as how to use hashing).
But to add to that, your encryption is completely useless since your code is wide open to SQL Injection so nobody needs a password to login anyway, or could destroy your database by trying to log in. Use parameterized queries instead!
这篇关于任何人都可以帮助加密登录?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
