Md5加密算法

通过在注册和登录时，使用md5加密算法，提高系统安全性。

package com.dyoon.util;

import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.logging.Level;
import java.util.logging.Logger;

public class Md5Util {

public static String md5(String inputString) {
if (inputString == null) {
return "";
} else {
String value = null;
MessageDigest md5 = null;
try {
md5 = MessageDigest.getInstance("MD5");
} catch (NoSuchAlgorithmException ex) {
Logger.getLogger(Md5Util.class.getName()).log(Level.SEVERE, null, ex);
}
sun.misc.BASE64Encoder baseEncoder = new sun.misc.BASE64Encoder();
try {
value = baseEncoder.encode(md5.digest(inputString.getBytes("utf-8")));
} catch (Exception ex) {
}
return value;
}
}
}

在注册和登录时，加密码使用md5算法，如下：

@RequestMapping(value = "/register")
@Token(save=true)
public ModelAndView register(HttpServletRequest request, HttpServletResponse response) {


ModelAndView mv = new ModelAndView();
Member newMember = new Member();
boolean flag = checkMembername(request.getParameter("memberName"));
if (flag == true) {
mv.addObject("msg", "用户名已存在");
mv.setViewName("register");
} else {
newMember.setMemberName(request.getParameter("memberName"));
newMember.setPassword(Md5Util.md5(request.getParameter("password")));
newMember.setSex(request.getParameter("sex"));
newMember.setEmail(request.getParameter("email"));
newMember.setCity(request.getParameter("city"));
newMember.setPhone(request.getParameter("phone"));
newMember.setAddress(request.getParameter("address"));
memberService.save(newMember);


mv.addObject("msg", "注册成功");
mv.setViewName("account");
}
return mv;
}

@RequestMapping(value = "/login")
@Token(save=true)
public ModelAndView login(HttpSession session,HttpServletRequest request, PrintWriter out) {
ModelAndView mv = new ModelAndView();
Member member;
try {
member = memberService.findByMembername(request.getParameter("memberName"));
} catch (Exception e) {
member = null;
}
if (member == null||!(member.getPassword().equals(Md5Util.md5(request.getParameter("password"))))) {

mv.addObject("flag", "false");
mv.setViewName("account");
}  else {
//在session中保存用户信息
session.setAttribute("memberName", request.getParameter("memberName"));
//设置跳转页面
mv.setViewName("index");
}
return mv;
}

注册时，将密码加密，密文存进数据库；登录时，输入密码，表单提交，将提交的密码加密，与数据库中的密文比较，若相等，则登录成功，否则登录失败，重新定位到登录界面。