userfindpass.aspx.cs

本程序基于 asp.net 2.0 +sql server 2

using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Data.SqlClient;
using lalablog;
public partial class userFindPass : System.Web.UI.Page
{
    string answer;
    string username;
    int userid;
    protected void Page_Load(object sender, EventArgs e)
    {
        if (!IsPostBack)
        {
            firstpage f1 = new firstpage();
            //blog信息
            bicontent.InnerHtml = f1.getBlogInfo();
            //活跃博客
            abContent.InnerHtml = f1.getBlogUser();
            //最近更新的博客
            nwContent.InnerHtml = f1.zuiJinGengXin();
            //最新申请入住的博客
            nbContent.InnerHtml = f1.getNewUser();
            //专题排行
            ssContent.InnerHtml = f1.getBlogSubject();
            //友情连接
            flContent.InnerHtml = f1.getFriendLink();
        }
    }

    private string setValue()
    {
        this.username = Server.HtmlEncode(tb_username.Text);
        string strconn = ConfigurationManager.ConnectionStrings["dsn"].ToString();
        SqlConnection cn = new SqlConnection(strconn);
        string sql = "select userid,username,question,answer from users where username='" + this.username+"'";

        try
        {
            cn.Open();
            SqlCommand cm = new SqlCommand(sql, cn);
            SqlDataReader dr = cm.ExecuteReader();

            //如果读到记录，根据用户id取得用户信息
            if (dr.Read())
            {
                this.userid = Convert.ToInt32(dr["userid"].ToString());
                lb_question.Text = dr["question"].ToString();
                this.answer = dr["answer"].ToString();
                return "";
            }
            else
                return "无信息";

        }
        catch (Exception ex)
        {
            return ex.Message;
        }
        finally
        {
            cn.Close();
        }
    }
    protected void btn_updatePwd_Click(object sender, EventArgs e)
    {
        setValue();
        string result=updatePwd();
        myfunc m1 = new myfunc(result);
        Response.Write(m1.JavaMsg("index.aspx"));
    }

    private string   updatePwd()
    {
        if (tb_newpass.Text.Length < 6)
            return "您输入的密码位数太短";
        if (tb_newpass.Text != tb_retypeNewpass.Text)
            return "两次输入的密码不一致";

        if (Server.HtmlEncode(tb_answer.Text) == this.answer)
        {
            string strconn = ConfigurationManager.ConnectionStrings["dsn"].ToString();
            SqlConnection cn = new SqlConnection(strconn);

            string password = Server.HtmlEncode(FormsAuthentication.HashPasswordForStoringInConfigFile
                (tb_newpass.Text.ToString(), "SHA1"));

            string sql = "update users set password='" + password + "' where userid= " + userid;
            try
            {
                cn.Open();
                SqlCommand cm = new SqlCommand(sql, cn);
                cm.ExecuteNonQuery();
                return "更新密码成功！";
            }
            catch (SqlException ex)
            {
                return ex.Message;
            }
            finally
            {
                cn.Close();
            }
        }
        else
            return "你回答错误了";
    }

    protected void button1_Click(object sender, EventArgs e)
    {
        setValue();
    }
}