你能给我解释一下吗 [英] can you explain me about this

问题描述

hi
你能解释一下这是什么意思吗

"

hi
can you explain what does this mean

"

mycommand.CommandText = "insert into KM_USER(USER_NAME,PASSWORD,USERTYPE,REG_FLAG)values('" & Trim(UCase(userName)) & "'," _
                                            & " '" & FormsAuthentication.HashPasswordForStoringInConfigFile(Trim(passWord), "md5") & "','1','Y')

"


我需要了解此信息(FormsAuthentication.HashPasswordForStoringInConfigFile(Trim(passWord)，"md5"))

"


i need to know about this (FormsAuthentication.HashPasswordForStoringInConfigFile(Trim(passWord), "md5"))

推荐答案

此处是此方法的MSDN文档. > 它根据指定的密码和哈希算法生成适合存储在配置文件中的哈希密码.

http://msdn.microsoft.com/en-us/library/system.web.security.formsauthentication.hashpasswordforstoringinconfigfile.aspx [ ^ ]

Here is the MSDN documentation for this method.
It produces a hash password suitable for storing in a configuration file based on the specified password and hash algorithm.

http://msdn.microsoft.com/en-us/library/system.web.security.formsauthentication.hashpasswordforstoringinconfigfile.aspx[^]

这是什么意思??

这意味着您从某个地方取消了一些垃圾代码.该代码非常容易受到SQL Injection攻击，很愚蠢.

另外，MD5被认为是非常损坏的，不应用于散列密码.

What does this mean??

It means you lifted some garbage code from somewhere. That code is so vulnerable to SQL Injection attacks it''s just silly.

Also, MD5 is considered very broken and shouldn''t be used to hash passwords.

您确实已经问过这个问题(因此请您重复一遍).

上面的代码似乎是用于将新用户插入到用户表中的sql.它的构造很差-应该是对存储过程的调用，将值作为参数传递.

You''ve really already asked this question (hence the one vote for repeating yourself).

The code above appears to be sql for inserting a new user into a user table. It is poorly constructed - should be a call to a stored procedure passing the values as parameters.

这篇关于你能给我解释一下吗的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！