当我尝试在数据库中插入用户密码时,我正在尝试以盐和散列形式创建和保存密码。当我单击注册按钮时,它显示以下错误。
System.NullReferenceException: 'Object reference not set to an instance of an object.'
System.Configuration.ConnectionStringSettingsCollection.this[string].get returned null.
下面我添加了我的注册页面代码。
public class GenerateHash
{
public string CreateSalt(int SaltSize)
{
var rng = new System.Security.Cryptography.RNGCryptoServiceProvider();
byte[] Salt = new byte[SaltSize];
rng.GetBytes(Salt);
return Convert.ToBase64String(Salt);
}
public string GenarateHash(string UserPassword, string salt)
{
byte[] bytes = System.Text.Encoding.UTF8.GetBytes(UserPassword + salt);
byte[] PasswordHash = new System.Security.Cryptography.SHA256Managed().ComputeHash(bytes);
return Convert.ToBase64String(PasswordHash);
}
protected void Regist_Click(object sender, EventArgs e)
{
GenerateHash HashAndSalt = new GenerateHash();
string GetSalt = HashAndSalt.CreateSalt(10);
string hashString = HashAndSalt.GenarateHash(Password.Text, GetSalt);
string username = UserName.Text;
string connectionString = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;
using (MySqlConnection conn = new MySqlConnection(connectionString))
{
conn.Open();
using (MySqlCommand cmd = new MySqlCommand("Insert into [User](UserName, PasswordHashed, Salt) values(" + "@UserName, @PasswordHashed, @Salt)", conn))
{
cmd.Parameters.AddWithValue("@UserName", username);
cmd.Parameters.AddWithValue("@PasswordHashed", hashString);
cmd.Parameters.AddWithValue("@Salt", GetSalt);
cmd.ExecuteNonQuery();
}
}
Response.Redirect("Login .aspx");
}
}
检查 web.config 文件中的连接字符串名称,看看它是否与ConnectionString代码中的匹配。
例如:
<connectionStrings>
<add name="connStr" connectionString="SERVER=localhost;DATABASE=saha;UID=root;PASSWORD=abc123;max pool size=50000000; Allow User Variables=True"/>
</connectionStrings>
所以在上面的代码变化name="connstr"来 name="connectionString"。我认为这应该可以解决您的问题。希望能帮助到你。