We all know that web.config can save the connection string, we are doing this in the program, web.config is XML, so it has a clear structure, it is easy to read it, but this also has a Question, our database is completely exposed to people who browse the file, this is what we don't want. We can use a simple and effective encryption algorithm to encrypt this connection character, and people who directly browse the file cannot be clearly seen. We generally save the connection string in the following form: for ourselves You can see these encrypted characters. We need an additional program to generate these encrypted data (this extra program can be written very complicated but for explanation, we use simple base64 encoded data, this is not encrypted data, but The principle is the same). We build a WinForm project that is specifically used to generate clear text to ciphertext (base64) conversions, if other encryption algorithms can replace this encryption process. Transcoding button inside the following: private void button1_Click (object sender, System.EventArgs e) {byte [] data = System.Text.ASCIIEncoding.ASCII.GetBytes (this.textBox1.Text); string str = Convert.ToBase64String (data ); This.TextBox2.text = str;} where TextBox2 is the character after variation. We can take the connection characters in our web.config ("Server = localhost; database = TEST; PWD = SA; UID = SA;") taken out in this program to perform a new string (C2VydmvyPwxvy2FSAG9ZDDTKYXRHYMFZT10ZXN0O3B3ZD1ZYTT1AWQ9C2E7). Then we use this character to replace the uncoded string.
As shown below: Haha! I can't see it! But our procedure doesn't know :-( Don't matter, we know that the encryption algorithm so our program can understand, and finally how to use it in the program, our program needs to understand the meaning of this string, we are in the data access layer which add the following utility methods private string GetConnectionString () {string strconn = System.Configuration.ConfigurationSettings.AppSettings [ "ConnectionString"]; byte [] data = Convert.FromBase64String (strconn); string strRealConn = System.Text.ASCIIEncoding.ASCII This can get a real connection string. You can get a simple encryption (pseudo-encrypted, in fact, this article is implemented by an encoded rather than encrypted). Human eyes, but for understanding inside people still starts to what protective, so you can extend this algorithm, replacing the encoding algorithm in this case using symmetric or non-symmetrical encryption algorithms, so it is basically unlunnamen. To use For additional algorithm encrypted data, please refer to http://www.9cbs.net/develop/read_article.asp?id=23386, please refer to other articles for other articles, please Changed right away. Thank you!
