0
使用VB.NET和SQL Server 2005如何設置特定日期的用戶名和密碼?
在我的軟件中,我使用的用戶名和密碼登錄頁面。假設我將用戶名和密碼設置爲20天。 20天后,當我嘗試使用軟件登錄時,軟件不應允許登錄。
是否可以製作SQL查詢或VB.NET代碼。
任何人都可以提供示例代碼或查詢用戶名和密碼應該在特定的日子工作嗎?
A
回答
1
聽起來像你正在使用ASP .Net的內置成員資格和角色功能。在不修改任何現有的表,或延長該功能,你可以create a SQL Server Job執行以下語句:
UPDATE [dbo].[aspnet_Membership]
SET [IsLockedOut] = 1
WHERE CreateDate <= DateAdd(Day, -20, GetDate())
這將鎖定已創建20個或更多天前的用戶。您將需要運行SQL Server代理服務來執行此操作。這顯然不提供靈活性來爲不同的用戶指定不同的鎖定時間。您可以輕鬆擴展where子句以排除某些用戶被鎖定的情況。
一個更靈活(雖然涉及)的替代方案是define a profile property過期日期。如果您使用ASP .Net CreateUserWizard控件,則可以掛接到UserCreated事件並將過期配置文件屬性設置爲您想要的任何日期。然後,只需要通過掛接Login控件的LoggingIn或LoggedIn事件來檢查用戶登錄時的屬性。如果當前日期大於過期日期,則取消登錄,並向用戶顯示關於拒絕的原因。
我會看看我是否可以組合一個示例項目。
在午餐時一起黑客。使用該配置文件來存儲到期。再次假設您使用ASP .Net和Sql成員資格提供程序。
Default.aspx的
<%@ Page Language="VB" AutoEventWireup="false" CodeFile="Default.aspx.vb" Inherits="_Default" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<title></title>
</head>
<body>
<form id="form1" runat="server">
<div>
<asp:LoginView ID="LoginView1" runat="server">
<LoggedInTemplate>
Thanks for logging in. Your account will expire on:<br />
<asp:Label ID="lblExpiration" runat="server" Text="Label"></asp:Label>
<br />
<asp:LoginStatus ID="LoginStatus1" runat="server" />
</LoggedInTemplate>
<AnonymousTemplate>
You are not currently logged in. Log in or create a new user.<br />
<br />
</AnonymousTemplate>
</asp:LoginView>
<br />
<br />
<asp:Label ID="lblError" runat="server" Text="Label" Visible="False"></asp:Label>
<asp:Login ID="Login1" runat="server" BackColor="#EFF3FB"
BorderColor="#B5C7DE" BorderPadding="4" BorderStyle="Solid" BorderWidth="1px"
Font-Names="Verdana" Font-Size="0.8em" ForeColor="#333333">
<TextBoxStyle Font-Size="0.8em" />
<LoginButtonStyle BackColor="White" BorderColor="#507CD1"
BorderStyle="Solid" BorderWidth="1px" Font-Names="Verdana" Font-Size="0.8em"
ForeColor="#284E98" />
<InstructionTextStyle Font-Italic="True"
ForeColor="Black" />
<TitleTextStyle BackColor="#507CD1" Font-Bold="True"
Font-Size="0.9em" ForeColor="White" />
</asp:Login>
<br />
<asp:CreateUserWizard ID="CreateUserWizard1" runat="server" BackColor="#EFF3FB" BorderColor="#B5C7DE"
BorderStyle="Solid" BorderWidth="1px" Font-Names="Verdana"
Font-Size="0.8em">
<SideBarStyle BackColor="#507CD1" Font-Size="0.9em"
VerticalAlign="Top" />
<SideBarButtonStyle BackColor="#507CD1"
Font-Names="Verdana" ForeColor="White" />
<ContinueButtonStyle BackColor="White"
BorderColor="#507CD1" BorderStyle="Solid" BorderWidth="1px"
Font-Names="Verdana" ForeColor="#284E98" />
<NavigationButtonStyle BackColor="White"
BorderColor="#507CD1" BorderStyle="Solid" BorderWidth="1px"
Font-Names="Verdana" ForeColor="#284E98" />
<HeaderStyle BackColor="#284E98" BorderColor="#EFF3FB"
BorderStyle="Solid" BorderWidth="2px" Font-Bold="True" Font-Size="0.9em"
ForeColor="White" HorizontalAlign="Center" />
<CreateUserButtonStyle BackColor="White"
BorderColor="#507CD1" BorderStyle="Solid" BorderWidth="1px"
Font-Names="Verdana" ForeColor="#284E98" />
<TitleTextStyle BackColor="#507CD1" Font-Bold="True"
ForeColor="White" />
<StepStyle Font-Size="0.8em" />
<WizardSteps>
<asp:CreateUserWizardStep runat="server" />
<asp:CompleteWizardStep runat="server" />
</WizardSteps>
</asp:CreateUserWizard>
</div>
</form>
</body>
</html>
Default.aspx.vb
Partial Class _Default
Inherits System.Web.UI.Page
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
Me.lblError.Visible = False
If User.Identity.IsAuthenticated = True Then
'is the user's account expired? if so log them out.
If Profile.Expiration <= Now Then
Me.lblError.Visible = True
Me.lblError.Text = "Your account has expired. Please contact the administrator or create a new account."
FormsAuthentication.SignOut()
Response.Redirect(Request.Url.ToString)
Else
CType(LoginView1.FindControl("lblExpiration"), System.Web.UI.WebControls.Label).Text = Profile.Expiration.ToString
End If
End If
End Sub
Protected Sub CreateUserWizard1_CreatedUser(ByVal sender As Object, ByVal e As System.EventArgs) Handles CreateUserWizard1.CreatedUser
Dim p As ProfileCommon
p = ProfileCommon.Create(CreateUserWizard1.UserName)
p.Expiration = Now.AddMinutes(2)
p.Save()
End Sub
Protected Sub Login1_LoggingIn(ByVal sender As Object, ByVal e As System.Web.UI.WebControls.LoginCancelEventArgs) Handles Login1.LoggingIn
'get the user's profile and check their expiration date
Profile.GetProfile(Login1.UserName)
If Profile.Expiration <= Now Then
Me.lblError.Visible = True
Me.lblError.Text = "Your account has expired. Please contact the administrator or create a new account."
'cancel the login attempt
e.Cancel = True
End If
End Sub
End Class
的Web.config
<?xml version="1.0"?>
<!--
Note: As an alternative to hand editing this file you can use the
web admin tool to configure settings for your application. Use
the Website->Asp.Net Configuration option in Visual Studio.
A full list of settings and comments can be found in
machine.config.comments usually located in
\Windows\Microsoft.Net\Framework\v2.x\Config
-->
<configuration>
<configSections>
<sectionGroup name="system.web.extensions" type="System.Web.Configuration.SystemWebExtensionsSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35">
<sectionGroup name="scripting" type="System.Web.Configuration.ScriptingSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35">
<section name="scriptResourceHandler" type="System.Web.Configuration.ScriptingScriptResourceHandlerSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/>
<sectionGroup name="webServices" type="System.Web.Configuration.ScriptingWebServicesSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35">
<section name="jsonSerialization" type="System.Web.Configuration.ScriptingJsonSerializationSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="Everywhere"/>
<section name="profileService" type="System.Web.Configuration.ScriptingProfileServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/>
<section name="authenticationService" type="System.Web.Configuration.ScriptingAuthenticationServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/>
<section name="roleService" type="System.Web.Configuration.ScriptingRoleServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/>
</sectionGroup>
</sectionGroup>
</sectionGroup>
</configSections>
<appSettings/>
<connectionStrings/>
<system.web>
<!--
Set compilation debug="true" to insert debugging
symbols into the compiled page. Because this
affects performance, set this value to true only
during development.
Visual Basic options:
Set strict="true" to disallow all data type conversions
where data loss can occur.
Set explicit="true" to force declaration of all variables.
-->
<compilation debug="true" strict="false" explicit="true">
<assemblies>
<add assembly="System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
<add assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
<add assembly="System.Data.DataSetExtensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
<add assembly="System.Xml.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
</assemblies>
</compilation>
<pages>
<namespaces>
<clear/>
<add namespace="System"/>
<add namespace="System.Collections"/>
<add namespace="System.Collections.Generic"/>
<add namespace="System.Collections.Specialized"/>
<add namespace="System.Configuration"/>
<add namespace="System.Text"/>
<add namespace="System.Text.RegularExpressions"/>
<add namespace="System.Linq"/>
<add namespace="System.Xml.Linq"/>
<add namespace="System.Web"/>
<add namespace="System.Web.Caching"/>
<add namespace="System.Web.SessionState"/>
<add namespace="System.Web.Security"/>
<add namespace="System.Web.Profile"/>
<add namespace="System.Web.UI"/>
<add namespace="System.Web.UI.WebControls"/>
<add namespace="System.Web.UI.WebControls.WebParts"/>
<add namespace="System.Web.UI.HtmlControls"/>
</namespaces>
<controls>
<add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
<add tagPrefix="asp" namespace="System.Web.UI.WebControls" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
</controls>
</pages>
<!--
The <authentication> section enables configuration
of the security authentication mode used by
ASP.NET to identify an incoming user.
-->
<authentication mode="Forms"/>
<!--
The <customErrors> section enables configuration
of what to do if/when an unhandled error occurs
during the execution of a request. Specifically,
it enables developers to configure html error pages
to be displayed in place of a error stack trace.
<customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm">
<error statusCode="403" redirect="NoAccess.htm" />
<error statusCode="404" redirect="FileNotFound.htm" />
</customErrors>
-->
<profile defaultProvider="AspNetSqlProfileProvider">
<properties>
<add name="Expiration" type="System.DateTime"/>
</properties>
</profile>
<httpHandlers>
<remove verb="*" path="*.asmx"/>
<add verb="*" path="*.asmx" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
<add verb="*" path="*_AppService.axd" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
<add verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" validate="false"/>
</httpHandlers>
<httpModules>
<add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
</httpModules>
</system.web>
<system.codedom>
<compilers>
<compiler language="c#;cs;csharp" extension=".cs" warningLevel="4" type="Microsoft.CSharp.CSharpCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
<providerOption name="CompilerVersion" value="v3.5"/>
<providerOption name="WarnAsError" value="false"/>
</compiler>
<compiler language="vb;vbs;visualbasic;vbscript" extension=".vb" warningLevel="4" type="Microsoft.VisualBasic.VBCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
<providerOption name="CompilerVersion" value="v3.5"/>
<providerOption name="OptionInfer" value="true"/>
<providerOption name="WarnAsError" value="false"/>
</compiler>
</compilers>
</system.codedom>
<!--
The system.webServer section is required for running ASP.NET AJAX under Internet
Information Services 7.0. It is not necessary for previous version of IIS.
-->
<system.webServer>
<validation validateIntegratedModeConfiguration="false"/>
<modules>
<remove name="ScriptModule"/>
<add name="ScriptModule" preCondition="managedHandler" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
</modules>
<handlers>
<remove name="WebServiceHandlerFactory-Integrated"/>
<remove name="ScriptHandlerFactory"/>
<remove name="ScriptHandlerFactoryAppServices"/>
<remove name="ScriptResource"/>
<add name="ScriptHandlerFactory" verb="*" path="*.asmx" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
<add name="ScriptHandlerFactoryAppServices" verb="*" path="*_AppService.axd" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
<add name="ScriptResource" preCondition="integratedMode" verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
</handlers>
</system.webServer>
<runtime>
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
<dependentAssembly>
<assemblyIdentity name="System.Web.Extensions" publicKeyToken="31bf3856ad364e35"/>
<bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/>
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Web.Extensions.Design" publicKeyToken="31bf3856ad364e35"/>
<bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/>
</dependentAssembly>
</assemblyBinding>
</runtime>
</configuration>
希望有所幫助。任何問題只是問。
+0
您是否有機會嘗試提供的示例代碼? – 2009-10-29 12:55:21
0
添加的成員表中的列指定口令的有效期限..
當查詢在登錄該數據庫,您在WHERE添加一個條件來檢查當前時間不大於到期日...
SELECT * FROM Member WHERE email = 'dfsdfsd' AND password = 'ddada' AND expiration > GETDATE()
通過這種方式,用戶將無法在密碼過期
編輯登錄:您確定「過期」的方式是你......你腠LD組GETDATE()+ 20的用戶插入在DB
感謝
+0
但是,客戶端應該無法打開成員表。如何設置 – Gopal 2009-10-28 14:30:16
+0
你是什麼意思的客戶?如果它是你的軟件,你改變它!這就像添加任何其他業務規則到您的應用程序... – 2009-10-28 14:43:06
0
不知道你使用的是什麼技術(ASP.NET/Windows形式),但如果您使用的是成員資格提供,你會發現有一個LastPasswordChangedDate,你會發現有用的。
如果您使用的是.NET 3.5,您可以輕鬆地在Windows窗體中使用它,方法是使用client application services以及ASP.NET。
1
你可以有一個表,說:
CREATE TABLE dbo.Users
(
Username VARCHAR(128),
Password VARCHAR(16),
LastReset SMALLDATETIME
);
(保持簡單在這裏,你可能要存儲密碼的哈希和哈希比較入門,而不是簡單的將密碼存儲文本)。
現在,當用戶登錄時,您會檢查該用戶的LastReset列。如果超過20天前,強制他們重置密碼,並且當他們這樣做時,將LastReset列更新爲DATEADD(DAY,20,CURRENT_TIMESTAMP)。
+0
但是,客戶端不應該能夠打開用戶表。如何設置 – Gopal 2009-10-28 14:29:56
+0
客戶端不打開任何東西。您目前如何在登錄時查看登錄名和密碼?你目前如何創建一個新用戶並設置他們的密碼?這些是可以改變的存儲過程,以便您的應用程序按照您希望的方式運行。 – 2009-10-28 15:09:23
相關問題
- 1. 如何設置用戶名/密碼mosquitto?
- 2. 如何設置HTTPGET用戶名/密碼
- 3. 如何在代碼中設置我的用戶名和密碼?
- 4. 設置mysql用戶名和密碼
- 5. 設置phpMyAdmin用戶名和密碼
- 6. Charles Proxy設置用戶名和密碼。
- 7. 如何匹配用戶名和密碼設置(AS3中的SharedObject)
- 8. 如何設置phpMyAdmin的用戶名和密碼?
- 9. 如何在textfields中設置用戶名和密碼的標籤?
- 10. 如何使用ini_set設置smtp用戶名和密碼
- 11. 如何設置特定日期?
- 12. JSON RPC Java dzhuvinov - 如何設置用戶名和密碼?
- 13. 如何通過JNDI設置ActiveMQ連接用戶名和密碼
- 14. 如何爲數據庫設置用戶名和密碼?
- 15. 如何在JBoss中設置用戶名和密碼
- 16. 如何在Flask Peewee ORM中設置Postgres用戶名和密碼?
- 17. 如何在騾子中設置標頭用戶名和密碼
- 18. 如何爲xlsform設置用戶名和密碼
- 19. 如何設置鎖定Active Directory用戶的時間和密碼
- 20. 在日期中設置特定日期
- 21. 在mercurial中設置用戶的用戶名和密碼
- 22. Powershell用戶密碼日期
- 23. 使用特定日期的密鑰設置值
- 24. 如何編碼用戶名和密碼?
- 25. 如何使用的RESTEasy客戶端生成器設置用戶名和密碼?
- 26. 如何使用Slick的源代碼生成器設置用戶名和密碼?
- 27. 設置特定域的到期日期
- 28. 從PHP設置HTTP用戶名/密碼
- 29. 重置JFrog的用戶名和密碼
- 30. Linux,我想設置包含用戶名的用戶密碼,如何設置密碼策略?
所有用戶在相同的天數後會過期還是會根據用戶的不同而有所不同? – 2009-10-28 14:20:05