我在我的網站有散列密碼功能,其中當用戶註冊時,密碼在數據庫中被散列。我還設法通過散列的密碼登錄。但是,我添加了一個忘記密碼功能。它的工作正常(發送密碼給用戶的電子郵件),但密碼仍然散列?你可以分享的任何技巧?通過忘記密碼功能解開密碼
這裏是我忘記密碼代碼:
protected void SendEmail(object sender, EventArgs e)
{
string username = string.Empty;
string password = string.Empty;
string constr = ConfigurationManager.ConnectionStrings["RegistrationConnectionString"].ConnectionString;
using (SqlConnection con = new SqlConnection(constr))
{
using (SqlCommand cmd = new SqlCommand("SELECT Username, [Password] FROM UserData WHERE Email = @Email"))
{
cmd.Parameters.AddWithValue("@Email", txtEmail.Text.Trim());
cmd.Connection = con;
con.Open();
using (SqlDataReader sdr = cmd.ExecuteReader())
{
if (sdr.Read())
{
username = sdr["Username"].ToString();
password = BusinessLayer.ShoppingCart.CreateSHAHash("Password").ToString();
}
}
con.Close();
}
}
if (!string.IsNullOrEmpty(password))
{
MailMessage mm = new MailMessage("[email protected]", txtEmail.Text.Trim());
mm.Subject = "Password Recovery";
mm.Body = string.Format("Hi {0},<br /><br />Your password is {1}.<br /><br />Thank You.<br/><br/>IslandGas Team", username, password);
mm.IsBodyHtml = true;
SmtpClient smtp = new SmtpClient();
smtp.Host = "smtp.gmail.com";
smtp.EnableSsl = true;
NetworkCredential NetworkCred = new NetworkCredential();
NetworkCred.UserName = ConfigurationManager.AppSettings["UserName"];
NetworkCred.Password = ConfigurationManager.AppSettings["Password"];
smtp.UseDefaultCredentials = true;
smtp.Credentials = NetworkCred;
smtp.Port = 587;
smtp.Send(mm);
lblMessage.ForeColor = Color.Green;
lblMessage.Text = "Password has been sent to your email address.";
}
else
{
lblMessage.ForeColor = Color.Red;
lblMessage.Text = "This email address does not match our records.";
}
}
我試圖讓這段代碼的工作:
using (SqlDataReader sdr = cmd.ExecuteReader())
{
if (sdr.Read())
{
username = sdr["Username"].ToString();
password = BusinessLayer.ShoppingCart.CreateSHAHash("Password").ToString();
}
}
但電子郵件中,它仍然散列。
這裏的方法是在businesslayer我hashpassword代碼:
public static string CreateSHAHash(string Phrase)
{
SHA512Managed HashTool = new SHA512Managed();
Byte[] PhraseAsByte = System.Text.Encoding.UTF8.GetBytes(string.Concat(Phrase));
Byte[] EncryptedBytes = HashTool.ComputeHash(PhraseAsByte);
HashTool.Clear();
return Convert.ToBase64String(EncryptedBytes);
}
非常豐富。會做到這一點。謝謝! –