设为首页收藏本站

新微赢技术网

 找回密码
 注册
搜索
热搜: 回贴
查看: 71|回复: 9
打印 上一主题 下一主题

[求助]我怎么在这个登陆代码中加个MD5

[复制链接]
跳转到指定楼层
1#
发表于 2010-1-19 03:30:08 | 只看该作者 回帖奖励 |倒序浏览 |阅读模式
大家帮我看看这个代码怎么加上MD5加密功能。现在不是MD5的不太安全,我想加个MD5验证。可是我加上MD5就不正常了。先谢谢了


我感觉是不是在这段里加呢?
源代码: &"' AND Admin_pass='" & Replace(Request.Form("Admin_pass"),"'","''") & "'"


我是这么加的:&"' AND Admin_pass='" & Replace(md5(Request.Form("Admin_pass"),"'","''")) & "'"





下面是整个页面的代码:


<%@LANGUAGE="VBSCRIPT" CODEPAGE="936"%>
<!--#include file="Connections/conn.asp" -->
<%
Dim Recordset1
Dim Recordset1_numRows
Set Recordset1 = Server.CreateObject("ADODB.Recordset")
Recordset1.ActiveConnection = MM_conn_STRING
Recordset1.Source = "SELECT * FROM d8b_User"
Recordset1.CursorType = 0
Recordset1.CursorLocation = 2
Recordset1.LockType = 1
Recordset1.Open()
Recordset1_numRows = 0
%>
<%
' *** Validate request to log in to this site.
MM_LoginAction = Request.ServerVariables("URL")
If Request.QueryString<>"" Then MM_LoginAction = MM_LoginAction + "?" + Request.QueryString
MM_valUsername=CStr(Request.Form("Admin_name"))
If MM_valUsername <> "" Then
MM_fldUserAuthorization="Admin_class"
MM_redirectLoginSuccess="MoreUserOK.asp" '这个是验证成功后的页面
MM_redirectLoginFailed="MoreUserError.asp" '这个是错误页
MM_flag="ADODB.Recordset"
set MM_rsUser = Server.CreateObject(MM_flag)
MM_rsUser.ActiveConnection = MM_conn_STRING
MM_rsUser.Source = "SELECT Admin_name, Admin_pass"
If MM_fldUserAuthorization <> "" Then MM_rsUser.Source = MM_rsUser.Source & "," & MM_fldUserAuthorization
MM_rsUser.Source = MM_rsUser.Source & " FROM d8b_User WHERE Admin_name='" & Replace(MM_valUsername,"'","''") &"' AND Admin_pass='" & Replace(Request.Form("Admin_pass"),"'","''") & "'"
MM_rsUser.CursorType = 0
MM_rsUser.CursorLocation = 2
MM_rsUser.LockType = 3
MM_rsUser.Open
If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then
' username and password match - this is a valid user
Session("MM_Username") = MM_valUsername
If (MM_fldUserAuthorization <> "") Then
Session("MM_UserAuthorization") = CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization).Value)
Else
Session("MM_UserAuthorization") = ""
End If
if CStr(Request.QueryString("accessdenied")) <> "" And false Then
MM_redirectLoginSuccess = Request.QueryString("accessdenied")
End If
MM_rsUser.Close
Response.Redirect(MM_redirectLoginSuccess)
End If
MM_rsUser.Close
Response.Redirect(MM_redirectLoginFailed)
End If
%>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>d8b空间站-代理商管理登陆</title>
<script language="JavaScript" type="text/JavaScript">
<!--
function MM_findObj(n, d) { //v4.01
var p,i,x; if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) {
d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);}
if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n];
for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document);
if(!x && d.getElementById) x=d.getElementById(n); return x;
}
function YY_checkform() { //v4.07
//copyright (c)1998,2001 Yaromat.com
var args = YY_checkform.arguments,myDot=true,myV='',myErr='',addErr=false,myReq,rx,myObj1,myMa,myAt;
for (var i=1; i<args.length;i=i+4){
if (args[i+1].charAt(0)=='#'){myReq=true; args[i+1]=args[i+1].substring(1);}else{myReq=false}
var myObj = MM_findObj(args[i].replace(/\[\d+\]/ig,""));myV=myObj.value;
if (myObj.type=='text'||myObj.type=='password'){
if (myReq&&myObj.value.length==0)addErr=true;
if ((myV.length>0)&&(args[i+2]==1)){ //fromto
if (!(myV/1)||myV<args[i+1].split('_')[0]/1||myV > args[i+1].split('_')[1]/1){addErr=true}
}
if ((myV.length>0)&&(args[i+2]==2)){ // email
rx=new RegExp("^[\\w\.=-]+@[\\w\\.-]+\\.[a-z]{2,4}$");if(!rx.test(myV))addErr=true;
}
if ((myV.length>0)&&(args[i+2]==3)){ // date
myMa=args[i+1].split("#");myAt=myV.match(myMa[0]);
if(myAt){
var myD=(myAt[myMa[1]])?myAt[myMa[1]]:1; var myM=myAt[myMa[2]]-1; var myY=myAt[myMa[3]];
var myDate=new Date(myY,myM,myD);
if(myDate.getFullYear()!=myY||myDate.getDate()!=myD||myDate.getMonth()!=myM){addErr=true};
}else{addErr=true}
}
if ((myV.length>0)&&(args[i+2]==4)){myMa=args[i+1].split("#");myAt=myV.match(myMa[0]);if(!myAt)addErr=true}// time
if (myV.length>0&&args[i+2]==5){ // check this 2
var myObj1 = MM_findObj(args[i+1].replace(/\[\d+\]/ig,""));
if(myObj1.length)myObj1=myObj1[args[i+1].replace(/(.*\[)|(\].*)/ig,"")];
if(!myObj1.checked)addErr=true;
}
if (myV.length>0&&args[i+2]==6){myObj1=MM_findObj(args[i+1]);if(myV!=myObj1.value)addErr=true;}// the same
}else
if (!myObj.type&&myObj.length>0&&myObj[0].type=='radio'){
var myTest = args[i].match(/(.*)\[(\d+)\].*/i);
var myObj1=(myObj.length>1)?myObj[myTest[2]]:myObj;
if (args[i+2]==1&&myObj1&&myObj1.checked&&MM_findObj(args[i+1]).value.length/1==0){addErr=true}
if (args[i+2]==2){
var myDot=false;
for(var j=0;j<myObj.length;j++){myDot=myDot||myObj[j].checked}
if(!myDot){myErr+='* ' +args[i+3]+'\n'}
}
}else
if (myObj.type=='checkbox'){
if(args[i+2]==1&&myObj.checked==false){addErr=true}
if(args[i+2]==2&&myObj.checked&&MM_findObj(args[i+1]).value.length/1==0){addErr=true}
}else
if (myObj.type=='select-one'||myObj.type=='select-multiple'){
if(args[i+2]==1&&myObj.selectedIndex/1==0){addErr=true}
}else
if (myObj.type=='textarea'){
if(myV.length<args[i+1]){addErr=true}
}
if (addErr){myErr+='* '+args[i+3]+'\n'; addErr=false}
}
if (myErr!=''){alert('多用户演示:\t\t\t\t\t\n\n'+myErr)}
document.MM_returnValue = (myErr=='');
}
//-->
</script>
</head>
<body>
<form name="form1" method="POST" action="<%=MM_LoginAction%>">
<p align="center"> 用户:
<input name="Admin_name" type="text" id="Admin_name">
</p>
<p align="center"> 密码:
<input name="Admin_pass" type="password" id="Admin_pass">
</p>
<p align="center">
<input name="Submit" type="submit" onClick="YY_checkform('form1','Admin_name','#q','0','少了用户名','Admin_pass','#q','0','还有密码呀');return document.MM_returnValue" value="提交">
</p>
</form>
</body>
</html>
<%
Recordset1.Close()
Set Recordset1 = Nothing
%>
2#
发表于 2010-1-19 03:30:12 | 只看该作者
怎么变成这样了:
大家帮我看看这个代码怎么加上MD5加密功能。现在不是MD5的不太安全,我想加个MD5验证。可是我加上MD5就不正常了。先谢谢了我感觉是不是在这段里加呢

源代码: &"' AND Admin_pass='" & Replace(Request.Form("Admin_pass"),"'","''") & "'"


我是这么加的:&"' AND Admin_pass='" & Replace(md5(Request.Form("Admin_pass"),"'","''")) & "'"
回复 支持 反对

使用道具 举报

3#
发表于 2010-1-19 03:30:16 | 只看该作者
大家帮我下

我很急
回复 支持 反对

使用道具 举报

4#
发表于 2010-1-19 03:30:20 | 只看该作者
把登录时传过来的密码用MD5加密,再与数据库中的记录做比较
回复 支持 反对

使用道具 举报

5#
发表于 2010-1-19 03:30:24 | 只看该作者
我知道这个意思
但是我加了,就不能正常显示了。
是不是应该在这段加:
&"' AND Admin_pass='" & Replace(Request.Form("Admin_pass"),"'","''") & "'"
回复 支持 反对

使用道具 举报

6#
发表于 2010-1-19 03:30:28 | 只看该作者
我急用
回复 支持 反对

使用道具 举报

7#
发表于 2010-1-19 03:30:32 | 只看该作者
没人会吗?
回复 支持 反对

使用道具 举报

8#
发表于 2010-1-19 03:30:36 | 只看该作者
这个是代码 !!!!
本页的
  1. <%@LANGUAGE="VBSCRIPT" CODEPAGE="936"%>
  2. <!--#include file="Connections/conn.asp" -->
  3. <%
  4. Dim Recordset1
  5. Dim Recordset1_numRows
  6. Set Recordset1 = Server.CreateObject("ADODB.Recordset")
  7. Recordset1.ActiveConnection = MM_conn_STRING
  8. Recordset1.Source = "SELECT * FROM d8b_User"
  9. Recordset1.CursorType = 0
  10. Recordset1.CursorLocation = 2
  11. Recordset1.LockType = 1
  12. Recordset1.Open()
  13. Recordset1_numRows = 0
  14. %>
  15. <%
  16. ' *** Validate request to log in to this site.
  17. MM_LoginAction = Request.ServerVariables("URL")
  18. If Request.QueryString<>"" Then MM_LoginAction = MM_LoginAction + "?" + Request.QueryString
  19. MM_valUsername=CStr(Request.Form("Admin_name"))
  20. If MM_valUsername <> "" Then
  21. MM_fldUserAuthorization="Admin_class"
  22. MM_redirectLoginSuccess="MoreUserOK.asp"
  23. MM_redirectLoginFailed="MoreUserError.asp"
  24. MM_flag="ADODB.Recordset"
  25. set MM_rsUser = Server.CreateObject(MM_flag)
  26. MM_rsUser.ActiveConnection = MM_conn_STRING
  27. MM_rsUser.Source = "SELECT Admin_name, Admin_pass"
  28. If MM_fldUserAuthorization <> "" Then MM_rsUser.Source = MM_rsUser.Source & "," & MM_fldUserAuthorization
  29. MM_rsUser.Source = MM_rsUser.Source & " FROM d8b_User WHERE Admin_name='" & Replace(MM_valUsername,"'","''") &"' AND Admin_pass='" & Replace(Request.Form("Admin_pass"),"'","''") & "'"
  30. MM_rsUser.CursorType = 0
  31. MM_rsUser.CursorLocation = 2
  32. MM_rsUser.LockType = 3
  33. MM_rsUser.Open
  34. If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then
  35. ' username and password match - this is a valid user
  36. Session("MM_Username") = MM_valUsername
  37. If (MM_fldUserAuthorization <> "") Then
  38. Session("MM_UserAuthorization") = CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization).Value)
  39. Else
  40. Session("MM_UserAuthorization") = ""
  41. End If
  42. if CStr(Request.QueryString("accessdenied")) <> "" And false Then
  43. MM_redirectLoginSuccess = Request.QueryString("accessdenied")
  44. End If
  45. MM_rsUser.Close
  46. Response.Redirect(MM_redirectLoginSuccess)
  47. End If
  48. MM_rsUser.Close
  49. Response.Redirect(MM_redirectLoginFailed)
  50. End If
  51. %>
  52. <html>
  53. <head>
  54. <meta http-equiv="Content-Type" content="text/html; charset=gb2312">
  55. <title>d8b空间站-代理商管理登陆</title>
  56. <script language="JavaScript" type="text/JavaScript">
  57. <!--
  58. function MM_findObj(n, d) { //v4.01
  59. var p,i,x; if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) {
  60. d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);}
  61. if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n];
  62. for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document);
  63. if(!x && d.getElementById) x=d.getElementById(n); return x;
  64. }
  65. function YY_checkform() { //v4.07
  66. //copyright (c)1998,2001 Yaromat.com
  67. var args = YY_checkform.arguments,myDot=true,myV='',myErr='',addErr=false,myReq,rx,myObj1,myMa,myAt;
  68. for (var i=1; i<args.length;i=i+4){
  69. if (args[i+1].charAt(0)=='#'){myReq=true; args[i+1]=args[i+1].substring(1);}else{myReq=false}
  70. var myObj = MM_findObj(args[i].replace(/\[\d+\]/ig,""));myV=myObj.value;
  71. if (myObj.type=='text'||myObj.type=='password'){
  72. if (myReq&&myObj.value.length==0)addErr=true;
  73. if ((myV.length>0)&&(args[i+2]==1)){ //fromto
  74. if (!(myV/1)||myV<args[i+1].split('_')[0]/1||myV > args[i+1].split('_')[1]/1){addErr=true}
  75. }
  76. if ((myV.length>0)&&(args[i+2]==2)){ // email
  77. rx=new RegExp("^[\\w\.=-]+@[\\w\\.-]+\\.[a-z]{2,4}$");if(!rx.test(myV))addErr=true;
  78. }
  79. if ((myV.length>0)&&(args[i+2]==3)){ // date
  80. myMa=args[i+1].split("#");myAt=myV.match(myMa[0]);
  81. if(myAt){
  82. var myD=(myAt[myMa[1]])?myAt[myMa[1]]:1; var myM=myAt[myMa[2]]-1; var myY=myAt[myMa[3]];
  83. var myDate=new Date(myY,myM,myD);
  84. if(myDate.getFullYear()!=myY||myDate.getDate()!=myD||myDate.getMonth()!=myM){addErr=true};
  85. }else{addErr=true}
  86. }
  87. if ((myV.length>0)&&(args[i+2]==4)){myMa=args[i+1].split("#");myAt=myV.match(myMa[0]);if(!myAt)addErr=true}// time
  88. if (myV.length>0&&args[i+2]==5){ // check this 2
  89. var myObj1 = MM_findObj(args[i+1].replace(/\[\d+\]/ig,""));
  90. if(myObj1.length)myObj1=myObj1[args[i+1].replace(/(.*\[)|(\].*)/ig,"")];
  91. if(!myObj1.checked)addErr=true;
  92. }
  93. if (myV.length>0&&args[i+2]==6){myObj1=MM_findObj(args[i+1]);if(myV!=myObj1.value)addErr=true;}// the same
  94. }else
  95. if (!myObj.type&&myObj.length>0&&myObj[0].type=='radio'){
  96. var myTest = args[i].match(/(.*)\[(\d+)\].*/i);
  97. var myObj1=(myObj.length>1)?myObj[myTest[2]]:myObj;
  98. if (args[i+2]==1&&myObj1&&myObj1.checked&&MM_findObj(args[i+1]).value.length/1==0){addErr=true}
  99. if (args[i+2]==2){
  100. var myDot=false;
  101. for(var j=0;j<myObj.length;j++){myDot=myDot||myObj[j].checked}
  102. if(!myDot){myErr+='* ' +args[i+3]+'\n'}
  103. }
  104. }else
  105. if (myObj.type=='checkbox'){
  106. if(args[i+2]==1&&myObj.checked==false){addErr=true}
  107. if(args[i+2]==2&&myObj.checked&&MM_findObj(args[i+1]).value.length/1==0){addErr=true}
  108. }else
  109. if (myObj.type=='select-one'||myObj.type=='select-multiple'){
  110. if(args[i+2]==1&&myObj.selectedIndex/1==0){addErr=true}
  111. }else
  112. if (myObj.type=='textarea'){
  113. if(myV.length<args[i+1]){addErr=true}
  114. }
  115. if (addErr){myErr+='* '+args[i+3]+'\n'; addErr=false}
  116. }
  117. if (myErr!=''){alert('多用户演示:\t\t\t\t\t\n\n'+myErr)}
  118. document.MM_returnValue = (myErr=='');
  119. }
  120. //-->
  121. </script>
  122. </head>
  123. <body>
  124. <form name="form1" method="POST" action="<%=MM_LoginAction%>">
  125. <p align="center"> 用户:
  126. <input name="Admin_name" type="text" id="Admin_name">
  127. </p>
  128. <p align="center"> 密码:
  129. <input name="Admin_pass" type="password" id="Admin_pass">
  130. </p>
  131. <p align="center">
  132. <input name="Submit" type="submit" onClick="YY_checkform('form1','Admin_name','#q','0','少了用户名','Admin_pass','#q','0','还有密码呀');return document.MM_returnValue" value="提交">
  133. </p>
  134. </form>
  135. </body>
  136. </html>
  137. <%
  138. Recordset1.Close()
  139. Set Recordset1 = Nothing
  140. %>
复制代码
回复 支持 反对

使用道具 举报

9#
发表于 2010-1-19 03:30:40 | 只看该作者
还要引用MD5.ASP文件
回复 支持 反对

使用道具 举报

10#
发表于 2010-1-19 03:30:45 | 只看该作者
晕S,你的代码发得这么整齐有心的人看到都会吓一跳的
回复 支持 反对

使用道具 举报

您需要登录后才可以回帖 登录 | 注册

本版积分规则

申请友链|小黑屋|最新主题|手机版|新微赢技术网 ( 苏ICP备08020429号 )  

GMT+8, 2024-11-19 00:37 , Processed in 0.118227 second(s), 9 queries , Gzip On, Memcache On.

Powered by xuexi

© 2001-2013 HaiAn.Com.Cn Inc. 寰耽

快速回复 返回顶部 返回列表