进一步完善系统
敏感数据加密,采用密文存储。例如密码需要加密存储。
1、数据库数据准备:
首先需要在数据库里准备实验需要用到的数据
2、建立新项目:
3、新建窗体:
4、根据目标效果从工具箱添加组件:
5、编写代码:
1.登录窗体:
注意点:
1.1和数据库一样,使用之前必须要进行引入,快捷键[Alt]+[Enter],或者是自己手动引入也可以。
1.2
生成验证码的代码里,应该要对对应的label进行绑定
2.注册窗体:
注意点:
1.需要对User ID的textBox设置leave事件,意思是离开焦点就触发的事件
3.主窗体:
注意点:
1.由正常的使用经验得知,在主窗体进行关闭的时候,程序也应该停止运行,所以我们需要添加一个窗体的关闭事件(FormClosed)。方法和注册窗体的textBox1的leave事件是一样的。
注册窗体:
上传图片
输入用户名不规范时:
注册成功
登录窗体:
现在使用注册过的账户密码来进行登录:
除了在账号、密码、验证码都正确的情况下成功登录,其他情况下都是登录错误。
登录成功:
主窗体:
点击refresh对登录日志进行刷新
输入USerID再点击Show Photo出现图像
Login.cs
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Data.SqlClient;
using System.Drawing;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
using System.Threading.Tasks;
using System.Windows.Forms;
namespace Test518
{
public partial class Login : Form
{
public Login()
{
InitializeComponent();
}
private void button1_Click(object sender, EventArgs e)
{
string username = textBox1.Text.Trim(); //取出账号
string password = EncryptWithMD5(textBox2.Text.Trim()); //取出密码并加密
if (username == "admin")
password = "123";//测试用例,便于初始化时候的 admin 密码 123可以顺利登陆。程序完成后可注释掉这行代码。
//string connstr = ConfigurationManager.ConnectionStrings["connectionString"].ToString(); //读取连接字符串
string myConnString = "Data Source=.;Initial Catalog=curricula_variable_system;Persist Security Info=True;User ID=sa;Password=******";
SqlConnection sqlConnection = new SqlConnection(myConnString); //实例化连接对象
sqlConnection.Open();
string sql = "select UserID,UserPassword from SysUser where UserID = '" + username + "' and UserPassword = '" + password + "'"; //编写SQL命令
SqlCommand sqlCommand = new SqlCommand(sql, sqlConnection);
SqlDataReader sqlDataReader = sqlCommand.ExecuteReader();
if (sqlDataReader.HasRows && textBox3.Text == code)
{
MessageBox.Show("欢迎使用!"); //登录成功
Main form2 = new Main();
form2.Show();
this.Hide();
}
else
{
MessageBox.Show("登录失败!");
return;
}
sqlDataReader.Close();
sql = "insert into SysLog values ( '" + username + "' , '" + DateTime.Now + "' , '" + "Login" + "')"; //编写SQL命令
sqlCommand = new SqlCommand(sql, sqlConnection);
sqlCommand.ExecuteNonQuery();
sqlConnection.Close();
}
public static string EncryptWithMD5(string source)
{
byte[] sor = Encoding.UTF8.GetBytes(source);
MD5 md5 = MD5.Create();
byte[] result = md5.ComputeHash(sor);
StringBuilder strbul = new StringBuilder(40);
for (int i = 0; i < result.Length; i++)
{
strbul.Append(result[i].ToString("x2"));//加密结果"x2"结果为32位,"x3"结果为48位,"x4"结果为64位
}
return strbul.ToString();
}
public string code;
private void button2_Click(object sender, EventArgs e)
{
this.Close();
}
private void linkLabel1_LinkClicked(object sender, LinkLabelLinkClickedEventArgs e)
{
Register register = new Register();
register.ShowDialog();
}
private void Login_Load(object sender, EventArgs e)
{
//随机实例化
Random ran = new Random();
int number;
char code1;
//取五个数
for (int i = 0; i < 5; i++)
{
number = ran.Next();
if (number % 2 == 0)
code1 = (char)('0' + (char)(number % 10));
else
code1 = (char)('A' + (char)(number % 26)); //转化为字符
this.code += code1.ToString();
}
label5.Text = code;
}
private void label5_Click(object sender, EventArgs e)
{
}
}
}
Register.cs
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Data.SqlClient;
using System.Drawing;
using System.IO;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
using System.Text.RegularExpressions;
using System.Threading.Tasks;
using System.Windows.Forms;
namespace Test518
{
public partial class Register : Form
{
public Register()
{
InitializeComponent();
}
private void Register_Load(object sender, EventArgs e)
{
}
public Byte[] mybyte = new byte[0];
public static string EncryptWithMD5(string source)
{
byte[] sor = Encoding.UTF8.GetBytes(source);
MD5 md5 = MD5.Create();
byte[] result = md5.ComputeHash(sor);
StringBuilder strbul = new StringBuilder(40);
for (int i = 0; i < result.Length; i++)
{
strbul.Append(result[i].ToString("x2"));//加密结果"x2"结果为32位,"x3"结果为48位,"x4"结果为64位
}
return strbul.ToString();
}
private void button1_Click(object sender, EventArgs e)
{
try
{
string connString = "Data Source=.;Initial Catalog=curricula_variable_system;Persist Security Info=True;User ID=sa;Password=********";//数据库连接字符串
SqlConnection connection = new SqlConnection(connString);//创建connection对象
string sql = "insert into SysUser (UserID, UserPassWord , UserSchoolID, UserMobile, UserBirthday , UserIdentity , UserPhoto ) " +
"values (@userid, @userpassword,@userschoolid,@usermobile,@userbirthday,@useridentity,@userphoto)";
SqlCommand command = new SqlCommand(sql, connection);
SqlParameter sqlParameter = new SqlParameter("@userid", textBox1.Text);
command.Parameters.Add(sqlParameter);
sqlParameter = new SqlParameter("@userpassword", EncryptWithMD5(textBox2.Text));
command.Parameters.Add(sqlParameter);
sqlParameter = new SqlParameter("@userschoolid", textBox3.Text);
command.Parameters.Add(sqlParameter);
sqlParameter = new SqlParameter("@usermobile", textBox4.Text);
command.Parameters.Add(sqlParameter);
sqlParameter = new SqlParameter("@userbirthday", dateTimePicker1.Value);
command.Parameters.Add(sqlParameter);
sqlParameter = new SqlParameter("@useridentity", comboBox1.Text);
command.Parameters.Add(sqlParameter);
sqlParameter = new SqlParameter("@userphoto", SqlDbType.VarBinary, mybyte.Length, ParameterDirection.Input, false, 0, 0, null, DataRowVersion.Current, mybyte);
command.Parameters.Add(sqlParameter);
//打开数据库连接
connection.Open();
command.ExecuteNonQuery();
connection.Close();
MessageBox.Show("register succeed");
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
}
this.Close();
}
private void button2_Click(object sender, EventArgs e)
{
this.Close();
}
private void button3_Click(object sender, EventArgs e)
{
//打开浏览图片对话框
OpenFileDialog openFileDialog = new OpenFileDialog();
openFileDialog.ShowDialog();
string picturePath = openFileDialog.FileName;//获取图片路径
//文件的名称,每次必须更换图片的名称,这里很为不便
//创建FileStream对象
FileStream fs = new FileStream(picturePath, FileMode.Open, FileAccess.Read);
//声明Byte数组
mybyte = new byte[fs.Length];
//读取数据
fs.Read(mybyte, 0, mybyte.Length);
pictureBox1.Image = Image.FromStream(fs);
fs.Close();
}
private void textBox1_Leave(object sender, EventArgs e)
{
if (textBox1.Text.Trim() != "")
{
//使用regex(正则表达式)进行格式设置 至少有数字、大写字母、小写字母各一个。最少3个字符、最长20个字符。
Regex regex = new Regex(@"(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z]).{3,20}");
if (regex.IsMatch(textBox1.Text))//判断格式是否符合要求
{
//MessageBox.Show("输入密码格式正确!");
}
else
{
MessageBox.Show("至少有数字、大写字母、小写字母各一个。最少3个字符、最长20个字符!");
textBox1.Focus();
}
}
else
{
MessageBox.Show("Please fill in the full information!");
}
}
}
}
Main.cs
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Data.SqlClient;
using System.Drawing;
using System.IO;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Windows.Forms;
namespace Test518
{
public partial class Main : Form
{
public Main()
{
InitializeComponent();
}
private void button3_Click(object sender, EventArgs e)
{
this.sysLogTableAdapter.Fill(this.curricula_variable_systemDataSet.SysLog);
}
private void button1_Click(object sender, EventArgs e)
{
try
{
string connString = "Data Source=.;Initial Catalog=curricula_variable_system;Persist Security Info=True;User ID=sa;Password=*******";//数据库连接字符串
SqlConnection connection = new SqlConnection(connString);//创建connection对象
//打开数据库连接
connection.Open();
//创建SQL语句
string sql = "select UserPhoto from SysUser where UserID = '" + textBox1.Text + "'";
//创建SqlCommand对象
SqlCommand command = new SqlCommand(sql, connection);
//创建DataAdapter对象
SqlDataAdapter dataAdapter = new SqlDataAdapter(command);
//创建DataSet对象
DataSet dataSet = new DataSet();
dataAdapter.Fill(dataSet, "SysUser");
int c = dataSet.Tables["SysUser"].Rows.Count;
if (c > 0)
{
Byte[] mybyte = new byte[0];
mybyte = (Byte[])(dataSet.Tables["SysUser"].Rows[c - 1]["UserPhoto"]);
MemoryStream ms = new MemoryStream(mybyte);
pictureBox1.Image = Image.FromStream(ms);
}
else
pictureBox1.Image = null;
connection.Close();
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
}
}
private void button2_Click(object sender, EventArgs e)
{
Application.Exit();
}
private void Main_FormClosed(object sender, FormClosedEventArgs e)
{
Application.Exit();
}
private void Main_Load(object sender, EventArgs e)
{
// TODO: 这行代码将数据加载到表“curricula_variable_systemDataSet.SC”中。您可以根据需要移动或删除它。
this.sCTableAdapter.Fill(this.curricula_variable_systemDataSet.SC);
// TODO: 这行代码将数据加载到表“curricula_variable_systemDataSet.Course”中。您可以根据需要移动或删除它。
this.courseTableAdapter.Fill(this.curricula_variable_systemDataSet.Course);
// TODO: 这行代码将数据加载到表“curricula_variable_systemDataSet.Student”中。您可以根据需要移动或删除它。
this.studentTableAdapter.Fill(this.curricula_variable_systemDataSet.Student);
// TODO: 这行代码将数据加载到表“curricula_variable_systemDataSet.SysLog”中。您可以根据需要移动或删除它。
this.sysLogTableAdapter.Fill(this.curricula_variable_systemDataSet.SysLog);
// TODO: 这行代码将数据加载到表“curricula_variable_systemDataSet.SysUser”中。您可以根据需要移动或删除它。
this.sysUserTableAdapter.Fill(this.curricula_variable_systemDataSet.SysUser);
}
}
}