以下是登陆表格的ASP实现,login.asp:
$#@60;%@ LANGUAGE = "JScript" %$#@62;
$#@60;HTML$#@62;
$#@60;HEAD$#@62;
$#@60;TITLE$#@62;Please log in!$#@60;/TITLE$#@62;
$#@60;% Session("sharedValue") = Math.random().toString() %$#@62;
$#@60;SCRIPT LANGUAGE="JavaScript" SRC="md5.js"$#@62;$#@60;/SCRIPT$#@62;
$#@60;SCRIPT LANGUAGE="JavaScript"$#@62;
var sharedValue = "$#@60;% =Session("sharedValue") %$#@62;"
function handleLogin() {
sendMD5Value(calculateMD5Value())
}
function calculateMD5Value() {
var pw = document.forms["login"].elements["password"].value
pw += sharedValue
return calcMD5(pw)
}
function sendMD5Value(hash) {
document.forms["login"].elements["password"].value = hash
document.forms["login"].submit()
}
$#@60;/SCRIPT$#@62;
$#@60;/HEAD$#@62;
$#@60;BODY$#@62;
$#@60;FORM NAME="login" METHOD="POST" ACTION="checkpassword.asp"$#@62;
User ID: $#@60;INPUT TYPE="TEXT" NAME="userid" SIZE="40"$#@62;$#@60;BR$#@62;
Password: $#@60;INPUT TYPE="PASSWORD" NAME="password" SIZE="40"$#@62;$#@60;BR$#@62;
$#@60;INPUT TYPE="BUTTON" NAME="startLogin" VALUE="Login" $#@62;
$#@60;/FORM$#@62;
$#@60;/BODY$#@62;
$#@60;/HTML$#@62;
以上只有三行是ASP脚本(ASP脚本由$#@60;% 和%$#@62;括起) 。
在服务器端一个名为checkpassword.asp的脚本验证用户ID和MD5口令:
$#@60;%@ LANGUAGE = "JScript" %$#@62;
$#@60;!--#include file ="md5.inc"--$#@62;
$#@60;%
function calculateMD5Value() {
var pw = "" + Application(Request.Form("userid"))
pw += Session("sharedValue")
return calcMD5(""+p br> }
clientPassword = Request.Form("password")
serverPassword = calculateMD5Value()
if(clientPassword == serverPassword) Response.Redirect("page1.htm")
else Response.Redirect("tryagain.htm")
%$#@62;
认证过程的核心由calculateMD5Value()函数后的四行语句实现。
实施此方案时,只需改变page1.html为你要保护的应用程序的第一页,如果你不用ASP,则需将以上ASP翻译为你的服务器端脚本语言。
加好友 
发短信
Post By:2014-2-22 15:35:23
