本文介绍了将密码保存到数据库的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述 29岁程序员，3月因学历无情被辞！ 您好， 请帮我这个 公开 class 密码 { // 生成随机密码的方法 public static string GeneratePassword（） { string PasswordLength = 5; string NewPassword = ; string allowedChars = ; allowedChars = 1,2,3,4,5,6,7,8,9,0 ; allowedChars + = A，B，C，D，E，F，G，H，I， J，K，L，M，N，O，P，Q，R，S，T，U，V，W，X，Y，Z，; allowedChars + = a，b，c，d，e，f，g，h，i， J，K，L，M，N，O，p，q，R，S，T，U，v，W，X，Y，Z，; allowedChars + = 〜，！，@，＃，$，％，^，&，* ，+ ,?; // 字符分隔 char [] sep = {' ，'}; string [] arr = allowedChars.Split（sep）; string IDString = ; string temp = ; 随机rand = 新 Random（）; for （ int i = 0 ; i < Convert.ToInt32（PasswordLength）; i ++） { temp = arr [rand.Next（ 0 ，arr.Length）]; IDString + = temp; NewPassword = IDString; } 返回 NewPassword; } // 将NewPassword保存到数据库[Users表]的方法 public static void SavePasswordToDB（） { SqlConnection con = new SqlConnection（ConfigurationManager.ConnectionStrings [ MyDBConnectionString]。ToString（））; string strNewPassword = GeneratePassword（）。ToString（）; SqlCommand cmd = new SqlCommand（ INSERT INTO dbo.Users（UserPassword）值（strNewPassword），con）; con.Open（）; cmd.ExecuteNonQuery（）; con.Close（）; } } 我收到以下错误： 在此上下文中不允许使用名称strNewPassword。有效表达式是常量，常量表达式和（在某些上下文中）变量。不允许使用列名。 我应该通过什么值（）?? 谢谢。解决方案 ，％，^，&，*，+，？; // 字符分隔 char [] sep = {' ，'}; string [] arr = allowedChars.Split（sep）; string IDString = ; string temp = ; 随机rand = 新随机（）; for （ int i = 0 ; i < Convert.ToInt32（PasswordLength）; i ++） { temp = arr [rand.Next（ 0 ，arr.Length）]; IDString + = temp; NewPassword = IDString; } 返回 NewPassword; } // 将NewPassword保存到数据库[Users表]的方法 public static void SavePasswordToDB（） { SqlConnection con = new SqlConnection（ConfigurationManager.ConnectionStrings [ MyDBConnectionString]。ToString（））; string strNewPassword = GeneratePassword（）。ToString（）; SqlCommand cmd = new SqlCommand（ INSERT INTO dbo.Users（UserPassword）值（strNewPassword），con）; con.Open（）; cmd.ExecuteNonQuery（）; con.Close（）; } } 我收到以下错误： 在此上下文中不允许使用名称strNewPassword。有效表达式是常量，常量表达式和（在某些上下文中）变量。不允许使用列名。 我应该通过什么值（）?? 谢谢。 好的，两件事。 一，你传递这个字符串： INSERT INTO dbo.Users（UserPassword）值（strNewPassword） 显然，它不知道 strNewPassword 是什么。 要解决此问题，请确保传递值。但是请使用参数（免责声明：我没有编译它，但它应该可以工作）： 尝试 { con.Open（）; 使用（SqlCommand cmd = new SqlCommand（ INSERT INTO dbo.Users（UserPassword）值（@password），con）） { cmd.Parameters。 AddValue（ @ password，strNewPassword）; cmd.ExecuteNonQuery（）; } } 最后 { if （con！= null ）con.Close（）; } 这比使用 String.Format 或类似的东西。因为这会让你对SQL注入开放（尽管在这种情况下可能不是这样，但这样做仍然是好的做法）。在我看来，无论如何使用起来要容易得多。 有关该主题的更多信息 [ ^ ] 但第二件事（也许是最重要的）：为什么你在数据库中存储未加密的密码吗？ 你必须使用这些行.... public static void SavePasswordToDB（） { SqlConnection con = new SqlConnection（ConfigurationManager.ConnectionStrings [MyDBConnectionString]。ToString（））; string strNewPassword = GeneratePassword（）。ToString（）; SqlCommand cmd = new SqlCommand（INSERT INTO dbo.Users（UserPassword）Values（+strNewPassword +'），con）; con.Open（）; cmd.ExecuteNonQuery（）; con.Close（）; } } Hello,Please help me with thispublic class Password { // method to generate random Password public static string GeneratePassword() { string PasswordLength = "5"; string NewPassword = ""; string allowedChars=""; allowedChars = "1,2,3,4,5,6,7,8,9,0"; allowedChars += "A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z,"; allowedChars += "a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z,"; allowedChars += "~,!,@,#,$,%,^,&,*,+,?"; // seperation of characters char[] sep = { ',' }; string[] arr = allowedChars.Split(sep); string IDString = ""; string temp = ""; Random rand = new Random(); for (int i = 0; i < Convert.ToInt32(PasswordLength); i++) { temp = arr[rand.Next(0, arr.Length)]; IDString += temp; NewPassword = IDString; } return NewPassword; } // Method to save NewPassword to Database's [Users table] public static void SavePasswordToDB() { SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["MyDBConnectionString"].ToString()); string strNewPassword = GeneratePassword().ToString(); SqlCommand cmd = new SqlCommand("INSERT INTO dbo.Users(UserPassword) Values(strNewPassword)", con); con.Open(); cmd.ExecuteNonQuery(); con.Close(); }}I am getting the following error:The name "strNewPassword" is not permitted in this context. Valid expressions are constants, constant expressions, and (in some contexts) variables. Column names are not permitted.What should i pass in Values() ??Thank you. 解决方案 ,%,^,&,*,+,?"; // seperation of characters char[] sep = { ',' }; string[] arr = allowedChars.Split(sep); string IDString = ""; string temp = ""; Random rand = new Random(); for (int i = 0; i < Convert.ToInt32(PasswordLength); i++) { temp = arr[rand.Next(0, arr.Length)]; IDString += temp; NewPassword = IDString; } return NewPassword; } // Method to save NewPassword to Database's [Users table] public static void SavePasswordToDB() { SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["MyDBConnectionString"].ToString()); string strNewPassword = GeneratePassword().ToString(); SqlCommand cmd = new SqlCommand("INSERT INTO dbo.Users(UserPassword) Values(strNewPassword)", con); con.Open(); cmd.ExecuteNonQuery(); con.Close(); }}I am getting the following error:The name "strNewPassword" is not permitted in this context. Valid expressions are constants, constant expressions, and (in some contexts) variables. Column names are not permitted.What should i pass in Values() ??Thank you.Okay, two things.One, you're passing this string:"INSERT INTO dbo.Users(UserPassword) Values(strNewPassword)"So obviously it won't know what strNewPassword is.To fix that, make sure you pass the values. But please, use parameters for that (disclaimer: I haven't compiled this, but it should work):try{ con.Open(); using(SqlCommand cmd = new SqlCommand("INSERT INTO dbo.Users(UserPassword) Values(@password)", con)) { cmd.Parameters.AddValue("@password", strNewPassword); cmd.ExecuteNonQuery(); }}finally{ if (con != null) con.Close();}This is a much safer way than using a String.Format or something similar. Because that would leave you open to SQL injection (though perhaps not in this case, it's still good practice to do so). And it's a lot easier to use anyway in my opinion. More info on the subject[^]But the second thing (and perhaps the most important): Why are you storing an unencrypted password in your database??you have to use these lines.... public static void SavePasswordToDB() { SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["MyDBConnectionString"].ToString()); string strNewPassword = GeneratePassword().ToString(); SqlCommand cmd = new SqlCommand("INSERT INTO dbo.Users(UserPassword) Values('" + strNewPassword + "')", con); con.Open(); cmd.ExecuteNonQuery(); con.Close(); } } 这篇关于将密码保存到数据库的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！ 上岸，阿里云！