2011年12月10日 星期六

tablesorter 排序插件

如此在 thead 標籤內的 th 可以排序。
參數設定:http://tablesorter.com/docs/#Configuration


如果要將GridView輸出時加入 thead 或 tfoot 標籤 
 
    protected void GridView1_PreRender(object sender, EventArgs e)
    {
        if (GridView1.Rows.Count > 0)
        {
            GridView1.UseAccessibleHeader = true;
            GridView1.HeaderRow.TableSection = TableRowSection.TableHeader;
            GridView1.FooterRow.TableSection = TableRowSection.TableFooter;
        }
    }
張貼者: Sirius.Satis 下午5:51 0 意見

用ASP.NET加密

如果你未曾留意你的機器裡有Cookie文件,可以按下列方法查看:打開IE,選擇「工具」菜單裡的「Internet選項」,然後在彈出的對話框裡點擊「設置」按鈕,在設置對話框裡點擊「查看」鈕,就會打開一個窗口顯示瀏覽器放在硬盤裡的所有緩存數據,其中就有大量的Cookie文件。

所以奉勸大家不要將敏感的用戶數據存放在Cookie中,要麼就通過加密將這些數據保護起來。

在以前的ASP版本中沒有加密的功能,現在.NET構架在System.Security.Cryptography命名空間裡提供了許多加密類可以利用。




一、.NET的密碼系統概要

簡單地說,加密就是將原始字符(字節)串轉變為完全不同的字符串的處理過程,達到原始字符無法破譯的目的。這個處理過程是用另一個字符串(稱為「密鑰」),採取複雜的、混合的算法,「搗進」原始字符串。有時還使用一個稱為「初始向量」的字符串,在密鑰搗進之前先打亂目標字符串,預防目標字符串中較明顯的內容被識破。加密的功效取決於所用密鑰的大小,密鑰越長,保密性越強。典型的密鑰長度有64位、128位、192位、256位和512位。攻擊者唯一的方法是創建一個程序嘗試每一個可能的密鑰組合,但64位密鑰也有72,057,594,037,927,936種組合。

目前有兩種加密方法:對稱加密(或稱私有密鑰)和非對稱加密(或稱公共密鑰)。對稱加密技術的數據交換兩邊(即加密方和解密方)必須使用一個保密的私有密鑰。非對稱加密技術中,解密方向加密方要求一個公共密鑰,加密方在建立一個公共密鑰給解密方後,用公共密鑰創建唯一的私有密鑰。加密方用私有密鑰加密送出的信息,對方用公共密鑰解密。保護HTTP傳輸安全的SSL就是使用非對稱技術。

我們對Cookie數據的加密採取對稱加密法。.NET構架從基本的SymmetricAlgorithm類擴展出來四種算法:

·System.Security.Cryptography.DES

·System.Security.Cryptography.TripleDES

·System.Security.Cryptography.RC2

·System.Security.Cryptography.Rijndael

下面將示範DES和TripleDES算法。DES的密鑰大小限制在64位,但用於Cookie的加密是有效的。TripleDES完成了三次加密,並有一個較大的密鑰位數,所以它更安全。使用那一種算法不僅要考慮加密強度,還要考慮Cookie的大小。因為加密後的Cookie數據將變大,並且,密鑰越大,加密後的數據就越大,然而Cookie數據的大小限制在4KB,這是一個必須考慮的問題。再者,加密的數據越多或算法越複雜,就會佔有更多的服務器資源,進而減慢整個站點的訪問速度。

二、創建一個簡單的加密應用類

.NET的所有加密和解密通過CryptoStream類別來處理,它衍生自System.IO.Stream,將字符串作為以資料流為基礎的模型,供加密轉換之用。下面是一個簡單的加密應用類的代碼:

Imports System.Diagnostics

Imports System.Security.Cryptography

Imports System.Text

Imports System.IO


Public Class CryptoUtil


'隨機選8個字節既為密鑰也為初始向量

Private Shared KEY_64() As Byte = {42, 16, 93, 156, 78, 4, 218, 32}

Private Shared IV_64() As Byte = {55, 103, 246, 79, 36, 99, 167, 3}


'對TripleDES,採取24字節或192位的密鑰和初始向量

Private Shared KEY_192() As Byte = {42, 16, 93, 156, 78, 4, 218, 32, _

15, 167, 44, 80, 26, 250, 155, 112, _

2, 94, 11, 204, 119, 35, 184, 197}

Private Shared IV_192() As Byte = {55, 103, 246, 79, 36, 99, 167, 3, _

42, 5, 62, 83, 184, 7, 209, 13, _

145, 23, 200, 58, 173, 10, 121, 222}


'標準的DES加密

Public Shared Function Encrypt(ByVal value As String) As String

If value <> "" Then

Dim cryptoProvider As DESCryptoServiceProvider = _

New DESCryptoServiceProvider()

Dim ms As MemoryStream = New MemoryStream()

Dim cs As CryptoStream = _

New CryptoStream(ms, cryptoProvider.CreateEncryptor(KEY_64, IV_64), _

CryptoStreamMode.Write)

Dim sw As StreamWriter = New StreamWriter(cs)


sw.Write(value)

sw.Flush()

cs.FlushFinalBlock()

ms.Flush()


'再轉換為一個字符串

Return Convert.ToBase64String(ms.GetBuffer(), 0, ms.Length)

End If

End Function



'標準的DES解密

Public Shared Function Decrypt(ByVal value As String) As String

If value <> "" Then

Dim cryptoProvider As DESCryptoServiceProvider = _

New DESCryptoServiceProvider()


'從字符串轉換為字節組

Dim buffer As Byte() = Convert.FromBase64String(value)

Dim ms As MemoryStream = New MemoryStream(buffer)

Dim cs As CryptoStream = _

New CryptoStream(ms, cryptoProvider.CreateDecryptor(KEY_64, IV_64), _

CryptoStreamMode.Read)

Dim sr As StreamReader = New StreamReader(cs)


Return sr.ReadToEnd()

End If

End Function


'TRIPLE DES加密

Public Shared Function EncryptTripleDES(ByVal value As String) As String

If value <> "" Then

Dim cryptoProvider As TripleDESCryptoServiceProvider = _

New TripleDESCryptoServiceProvider()

Dim ms As MemoryStream = New MemoryStream()

Dim cs As CryptoStream = _

New CryptoStream(ms, cryptoProvider.CreateEncryptor(KEY_192, IV_192), _

CryptoStreamMode.Write)

Dim sw As StreamWriter = New StreamWriter(cs)


sw.Write(value)

sw.Flush()

cs.FlushFinalBlock()

ms.Flush()


'再轉換為一個字符串

Return Convert.ToBase64String(ms.GetBuffer(), 0, ms.Length)

End If

End Function



'TRIPLE DES解密

Public Shared Function DecryptTripleDES(ByVal value As String) As String

If value <> "" Then

Dim cryptoProvider As TripleDESCryptoServiceProvider = _

New TripleDESCryptoServiceProvider()


'從字符串轉換為字節組

Dim buffer As Byte() = Convert.FromBase64String(value)

Dim ms As MemoryStream = New MemoryStream(buffer)

Dim cs As CryptoStream = _

New CryptoStream(ms, cryptoProvider.CreateDecryptor(KEY_192, IV_192), _

CryptoStreamMode.Read)

Dim sr As StreamReader = New StreamReader(cs)


Return sr.ReadToEnd()

End If

End Function


End Class

上面我們將一組字節初始化為密鑰,並且使用的是數字常量,如果你在實際應用中也這樣做,這些字節一定要在0和255之間,這是一個字節允許的範圍值。

三、創建一個Cookie的應用類

下面我們就創建一個簡單的類,來設置和獲取Cookies。

Public Class CookieUtil


'設置COOKIE *****************************************************


'SetTripleDESEncryptedCookie (只針對密鑰和Cookie數據)

Public Shared Sub SetTripleDESEncryptedCookie(ByVal key As String, _

ByVal value As String)

key = CryptoUtil.EncryptTripleDES(key)

value = CryptoUtil.EncryptTripleDES(value)


SetCookie(key, value)

End Sub


'SetTripleDESEncryptedCookie (增加了Cookie數據的有效期參數)

Public Shared Sub SetTripleDESEncryptedCookie(ByVal key As String, _

ByVal value As String, ByVal expires As Date)

key = CryptoUtil.EncryptTripleDES(key)

value = CryptoUtil.EncryptTripleDES(value)


SetCookie(key, value, expires)

End Sub



'SetEncryptedCookie(只針對密鑰和Cookie數據)

Public Shared Sub SetEncryptedCookie(ByVal key As String, _

ByVal value As String)

key = CryptoUtil.Encrypt(key)

value = CryptoUtil.Encrypt(value)


SetCookie(key, value)

End Sub


'SetEncryptedCookie (增加了Cookie數據的有效期參數)

Public Shared Sub SetEncryptedCookie(ByVal key As String, _

ByVal value As String, ByVal expires As Date)

key = CryptoUtil.Encrypt(key)

value = CryptoUtil.Encrypt(value)


SetCookie(key, value, expires)

End Sub



'SetCookie (只針對密鑰和Cookie數據)

Public Shared Sub SetCookie(ByVal key As String, ByVal value As String)

'編碼部分

key = HttpContext.Current.Server.UrlEncode(key)

value = HttpContext.Current.Server.UrlEncode(value)


Dim cookie As HttpCookie

cookie = New HttpCookie(key, value)

SetCookie(cookie)

End Sub


'SetCookie(增加了Cookie數據的有效期參數)

Public Shared Sub SetCookie(ByVal key As String, _

ByVal value As String, ByVal expires As Date)

'編碼部分

key = HttpContext.Current.Server.UrlEncode(key)

value = HttpContext.Current.Server.UrlEncode(value)


Dim cookie As HttpCookie

cookie = New HttpCookie(key, value)

cookie.Expires = expires

SetCookie(cookie)

End Sub


'SetCookie (只針對HttpCookie)

Public Shared Sub SetCookie(ByVal cookie As HttpCookie)

HttpContext.Current.Response.Cookies.Set(cookie)

End Sub


'獲取COOKIE *****************************************************


Public Shared Function GetTripleDESEncryptedCookieValue(ByVal key As String) _

As String

'只對密鑰加密

key = CryptoUtil.EncryptTripleDES(key)


'獲取Cookie值

Dim value As String

value = GetCookieValue(key)

'解密Cookie值

value = CryptoUtil.DecryptTripleDES(value)

Return value

End Function


Public Shared Function GetEncryptedCookieValue(ByVal key As String) As String

'只對密鑰加密

key = CryptoUtil.Encrypt(key)


'獲取Cookie值

Dim value As String

value = GetCookieValue(key)

'解密Cookie值

value = CryptoUtil.Decrypt(value)

Return value

End Function


Public Shared Function GetCookie(ByVal key As String) As HttpCookie

'編碼密鑰

key = HttpContext.Current.Server.UrlEncode(key)

Return HttpContext.Current.Request.Cookies.Get(key)

End Function


Public Shared Function GetCookieValue(ByVal key As String) As String

Try

'編碼在GetCookie裡完成

'獲取Cookie值

Dim value As String

value = GetCookie(key).Value

'解碼所存儲的值

value = HttpContext.Current.Server.UrlDecode(value)

Return value

Catch

End Try

End Function


End Class

上面的設置功能中,有些功能附加提供了Cookie有效期這個參數。不設置該參數,Cookie將只為瀏覽器會話才保存在內存中。為了設置永久的Cookie,就需要設置有效期參數。

上面我們對密鑰和Cookies值進行了編碼與解碼,其原因是Cookies與URLs有同樣的限制,字符「=」和「;」是保留的,不能使用。這在保存加密後的數據時尤其重要,因為加密算法將添加「=」,按所分配塊的大小來填滿該數據塊。 

轉載自:http://big5.webasp.net/article/15/14452.htm
張貼者: Sirius.Satis 下午5:00 0 意見

加密與解密-DES 


     /**** 參考出處
     http://big5.webasp.net/article/15/14452.htm
     ****/

    private byte[] KEY_64 = new byte[] { 42, 16, 93, 156, 78, 4, 218, 32 }; //密鑰
    private byte[] IV_64 = new byte[] { 55, 103, 246, 79, 36, 99, 167, 3 }; //初始化向量

    protected void btnEncryptor_Click(object sender, EventArgs e)
    {
        //加密
        DESCryptoServiceProvider cryptoProvider = new DESCryptoServiceProvider();
        MemoryStream ms = new MemoryStream();
        CryptoStream cs = new CryptoStream(ms, cryptoProvider.CreateEncryptor(KEY_64, IV_64), CryptoStreamMode.Write);
        StreamWriter sw = new StreamWriter(cs);

        sw.Write(TextBox1.Text);
        sw.Flush();
        cs.FlushFinalBlock();
        ms.Flush();

        Label1.Text = Convert.ToBase64String(ms.GetBuffer(), 0, Int32.Parse(ms.Length.ToString()));
    }



    protected void btnDecryptor_Click(object sender, EventArgs e)
    {
        //解密
        DESCryptoServiceProvider cryptoProvider = new DESCryptoServiceProvider();
        Byte[] buffer = Convert.FromBase64String(Label1.Text);
        MemoryStream ms = new MemoryStream(buffer);
        CryptoStream cs = new CryptoStream(ms, cryptoProvider.CreateDecryptor(KEY_64, IV_64), CryptoStreamMode.Read);
        StreamReader sr = new StreamReader(cs);

        Label2.Text = sr.ReadToEnd();
    }
張貼者: Sirius.Satis 下午4:33 0 意見
訂閱: 文章 (Atom)