Encrypt and Decrypt values in Querystring
We are passing the username one page to another page by querystring but it can be modify on url how to avoid the problem using Encryption and Decryption values(Username).
DEMO
Download
Namespace
Login page
login.cs
We are passing the username one page to another page by querystring but it can be modify on url how to avoid the problem using Encryption and Decryption values(Username).
DEMO
Download
Namespace
using System.Security.Cryptography;
using System.IO;
using System.Text;
Login page
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<title></title>
</head>
<body>
<form id="form1" runat="server">
<div>
<table><tr><td>Username</td><td>
<asp:TextBox ID="txtUsername" runat="server"></asp:TextBox>
</td></tr>
<tr><td>Password</td><td>
<asp:TextBox ID="txtPassword" runat="server"></asp:TextBox>
</td></tr>
<tr><td></td><td>
<asp:Button ID="Button1" runat="server" OnClick="Button1_Click" Text="Login" />
</td></tr>
</table>
</div>
</form>
</body>
</html>
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Security.Cryptography;
using System.IO;
using System.Text;
public partial class Login : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
}
protected void Button1_Click(object sender, EventArgs e)
{
if (txtUsername.Text == "admin" && txtPassword.Text == "admin")
{
string encryptID = txtUsername.Text.ToString();
Response.Redirect("Home.aspx?Username=" + encryptQueryString(encryptID));
}
}
public string encryptQueryString(string strQueryString)
{
return Encrypt(strQueryString, "!#$a54?3");
}
public static string Encrypt(string stringToEncrypt, string strEncryptionKey)
{
byte[] key = { };
byte[] eight = { 10, 20, 30, 40, 50, 60, 70, 80 };
byte[] inputByteArray;
key = Encoding.UTF8.GetBytes(strEncryptionKey.Substring(0, 8));
DESCryptoServiceProvider des = new DESCryptoServiceProvider();
inputByteArray = Encoding.UTF8.GetBytes(stringToEncrypt);
MemoryStream ms = new MemoryStream();
CryptoStream cs = new CryptoStream(ms, des.CreateEncryptor(key, eight), CryptoStreamMode.Write);
cs.Write(inputByteArray, 0, inputByteArray.Length);
cs.FlushFinalBlock();
return Convert.ToBase64String(ms.ToArray());
}
}
Home Page
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<title></title>
</head>
<body>
<form id="form1" runat="server">
<div>
<br />
<br />
<br />
Username= <asp:LinkButton ID="lbtUsername" ForeColor="Red" runat="server"></asp:LinkButton>
</div>
</form>
</body>
</html>
Home.cs
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Security.Cryptography;
using System.IO;
using System.Text;
public partial class Home : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
string DecryptId = Request.QueryString["Username"];
DecryptId = DecryptId.Replace(" ", "+");
lbtUsername.Text = decryptQueryString(DecryptId);
}
public string decryptQueryString(string strQueryString)
{
return Decrypt(strQueryString, "!#$a54?3");
}
public static string Decrypt(string stringToDecrypt, string strEncryptionKey)
{
byte[] key = { };
byte[] eight = { 10, 20, 30, 40, 50, 60, 70, 80 };
byte[] inputByteArray = new byte[stringToDecrypt.Length];
key = Encoding.UTF8.GetBytes(strEncryptionKey.Substring(0, 8));
DESCryptoServiceProvider des = new DESCryptoServiceProvider();
inputByteArray = Convert.FromBase64String(stringToDecrypt);
MemoryStream ms = new MemoryStream();
CryptoStream cs = new CryptoStream(ms, des.CreateDecryptor(key, eight), CryptoStreamMode.Write);
cs.Write(inputByteArray, 0, inputByteArray.Length);
cs.FlushFinalBlock();
Encoding encoding = Encoding.UTF8; return encoding.GetString(ms.ToArray());
}
}
0 comments:
Post a Comment