这几天因为CSDN明文密码泄露的事情闹得沸沸扬扬.在年关将至的时候火了一把.让我想起我们项目中的会员密码是如何保存的?
这部分代码是之前曹哥或张博士所留,平常虽然有看过,但也没有仔细研究,只记得有HASH有Salt(盐?).但到底如何实现,今天就当作复习了一下.
思路以前有所了解,首先产生一个5位数的Salt,然后将password和salt进行Hash.但是具体代码的实现,确实没有了解.
产生Salt:
/// <summary>
/// 产生随机的混入字符串
/// </summary>
/// <param name="length">产生的字符串的长度</param>
/// <returns>随机字符串</returns>
public static string CreateSalt(int length)
{
Random r = new Random();
StringBuilder sb = new StringBuilder(length);
for (int i = 0; i < length; i++)
{
sb.Append(constant[r.Next(constant.Length)]);
}
return sb.ToString();
}
在salt产生中使用了一个constant的数组:
private static char[] constant ={'0','1','2','3','4','5','6','7','8','9',
'a','b','c','d','e','f','g','h','i','j','k','l','m','n','o','p','q','r',
's','t','u','v','w','x','y','z',
'A','B','C','D','E','F','G','H','I','J','K','L','M','N','O','P','Q','R',
'S','T','U','V','W','X','Y','Z' };
将password和salt混入并Hash:
/// <summary>
/// 混入并计算Hash值
/// </summary>
/// <param name="rawString">原始字符串</param>
/// <param name="salt">混入字符串</param>
/// <returns>混入后字符串的Hash值</returns>
public static string SaltAndHash(string rawString, string salt)
{
string plan = string.Concat(rawString, salt);
return plan.Hash();
}
hash算法:
/// <summary>
/// 计算字符串的Hash值
/// </summary>
/// <param name="planText">明文</param>
/// <returns>Hash值</returns>
public static string Hash(this string planText)
{
byte[] plan = Encoding.UTF8.GetBytes(planText);
SHA256 hasher = new SHA256Managed();
byte[] hashed = hasher.ComputeHash(plan);
return Convert.ToBase64String(hashed);
}
这次用JSCharts做报表,发现对于生成报表参数很是恼火,它有两种参数:
一是Line:var myData = new Array([10, 20], [15, 10], [20, 30], [25, 10], [30, 5]);
二是Bar:var myData = new Array(['unit', 20], ['unit two', 10], ['unit three', 30], ['other unit', 10], ['last unit', 30]);
如何将Controller中获得的数据生成JavaScript的数组呢?
一种是toJson的方法:
public static string ToJSON(this object obj)
{
JavaScriptSerializer serializer = new JavaScriptSerializer();
return serializer.Serialize(obj);
}
public static string ToJSON(object obj, int recursionDepth)
{
JavaScriptSerializer serializer = new JavaScriptSerializer();
serializer.RecursionLimit = recursionDepth;
return serializer.Serialize(obj);
}
var data=new Array();
$(document).ready(function(){
var content=<%=ViewData["Schedules"]==null?0:ViewData["Schedules"] %>;
if(content!=0)
{
$.each(content, function(i, item) {
data.push(new Array(item["ItemA"],item["ItemB"],item["ItemC"]));
});
}
});
参考:http://www.soaspx.com/dotnet/asp.net/DPattern/dpattern_20091104_1419.html
另一种是foreach ViewData,我选的这种:
public class Address
{
public string Line1 { get; set; }
public string City { get; set; }
}
// in your controller code
ViewData["Addresses"] = new List<Address>(new Address[] { new Address() { Line1="bla", City="somewhere"}, new Address() {Line1="foo", City="somewhereelse"}});
前台:
<script type="text/javascript">
var addresses = new Array(
<% for (int i = 0; i < ViewData["Addresses"].Count; i++) { %>
<%= i > 0 : "," : "" %>({line1:"<%= addr.Line1 %>", city:"<%= addr.City %>"})
<% } %>);
</script>
还可以这样:
var cityList = new Array();
function addCity(cityId, cityName) {
var city = new Object();
city.CityID = cityId;
city.CityName = cityName
cityList .push(city);
}
<% foreach (Something.DB.City item in ViewData["Cities"] as List<City>)
{ %>
addCity(item.Id, item.Name);
<% } %>
有几点需要注意,我的代码如下:
var callin = new Array();
function addReport( callin, callout) {
var data = new Array(callin, callout);
array.push(data);
}
'<%foreach(var item in ViewData["reports"] as List<CDRDayReport>){ %>'
addReport('<%=item.CallIn %>','<%=item.CallOut %>'); //string
//addReport(<%=item.CallIn %>,<%=item.CallOut %>); //number
'<%} %>'
PS:JSCharts的需要的参数,是数组嵌套数组。开始我一直没弄明白怎么生成这样的数据,其实很简单:
var array = new Array();
var data = new Array(10, 2);
var data2 = new Array(12, 3);
array.push(data);
array.push(data2);
唯一需要注意的是,如果只有1个data,JSCharts会报错,因为一个点生成不了line嘛,后来才想通。