共用方式為


MembershipUser.GetPassword 方法

定義

從成員資格資料存放區取得成員資格使用者的密碼。

多載

GetPassword()

從成員資格資料存放區取得成員資格使用者的密碼。

GetPassword(String)

從成員資格資料存放區取得成員資格使用者的密碼。

GetPassword()

從成員資格資料存放區取得成員資格使用者的密碼。

public:
 virtual System::String ^ GetPassword();
public virtual string GetPassword ();
abstract member GetPassword : unit -> string
override this.GetPassword : unit -> string
Public Overridable Function GetPassword () As String

傳回

成員資格使用者的密碼。

例外狀況

這個方法無法使用。 如果應用程式以 .NET Framework 4 用戶端配置檔為目標,就會發生這種情況。 若要避免這個例外狀況,請覆寫方法,或將應用程式變更為以完整版本的 .NET Framework 為目標。

範例

下列程式代碼範例會 GetPassword 呼叫 方法來擷取指定使用者名稱的密碼。 密碼會傳送至使用者的電子郵件位址。 請注意, RequiresQuestionAndAnswer 假設 為 false

注意

對於需要高安全性的網站,不建議使用電子郵件以純文本傳回密碼。 針對高安全性網站,建議您使用加密來傳回密碼,例如 SSL。

重要

此範例包含一個文本框,可接受用戶輸入,這是潛在的安全性威脅。 根據預設,ASP.NET Web 網頁會驗證使用者輸入未包含指令碼或 HTML 項目。 如需詳細資訊,請參閱 Script Exploits Overview (指令碼攻擊概觀)。

<%@ Page Language="C#" %>
<%@ Import Namespace="System.Web.Security" %>
<%@ Import Namespace="System.Web.Mail" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">

public void Page_Load(object sender, EventArgs args)
{
  if (!Membership.EnablePasswordRetrieval)
  {
    FormsAuthentication.RedirectToLoginPage();
  }

  Msg.Text = "";

  if (!IsPostBack)
  {
    Msg.Text = "Please supply a username.";
  }
  else
  {
    VerifyUsername();
  }
}


public void VerifyUsername()
{
    MembershipUser u = Membership.GetUser(UsernameTextBox.Text, false);

    if (u == null)
    {
      Msg.Text = "Username " + Server.HtmlEncode(UsernameTextBox.Text) + " not found. Please check the value and re-enter.";

      EmailPasswordButton.Enabled = false;
    }
    else
    {
      EmailPasswordButton.Enabled = true;
    }
}


public void EmailPassword_OnClick(object sender, EventArgs args)
{
  MembershipUser u = Membership.GetUser(UsernameTextBox.Text, false);
  string password;

  if (u != null)
  {
    try
    {
      password = u.GetPassword();
    }
    catch (Exception e)
    {
      Msg.Text = "An exception occurred retrieving your password: " + Server.HtmlEncode(e.Message);
      return;
    }

    EmailPassword(u.Email, password);
    Msg.Text = "Password sent via email.";
  }
  else
  {
    Msg.Text = "User name is not valid. Please check the value and try again.";
  }
}


private void EmailPassword(string email, string password)
{
  try
  {
    MailMessage Message = new MailMessage();
    Message.To = email;
    Message.From = "administrator";
    Message.Subject = "Your Password";
    Message.Body = "Your password is: " + Server.HtmlEncode(password);

    SmtpMail.SmtpServer = "smarthost";
    SmtpMail.Send(Message);
  }
  catch 
  {
    Msg.Text = "An exception occurred sending your password. Please try again.";
  }
}

</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Sample: Retrieve Password</title>
</head>
<body>

<form id="form1" runat="server">
  <h3>Retrieve Password</h3>

  <asp:Label id="Msg" runat="server" ForeColor="maroon" /><br />

  Username: <asp:Textbox id="UsernameTextBox" Columns="30" runat="server" AutoPostBack="true" />
            <asp:RequiredFieldValidator id="UsernameRequiredValidator" runat="server"
                                        ControlToValidate="UsernameTextBox" ForeColor="red"
                                        Display="Static" ErrorMessage="Required" /><br />

  <asp:Button id="EmailPasswordButton" Text="Email My Password" 
              OnClick="EmailPassword_OnClick" runat="server" Enabled="false" />

</form>

</body>
</html>
<%@ Page Language="VB" %>
<%@ Import Namespace="System.Web.Security" %>
<%@ Import Namespace="System.Web.Mail" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">

Public Sub Page_Load(sender As Object, args As EventArgs)
  If Not Membership.EnablePasswordRetrieval Then
    FormsAuthentication.RedirectToLoginPage()
  End If

  Msg.Text = ""

  If Not IsPostBack Then
    Msg.Text = "Please supply a username."
  Else
    VerifyUsername()
  End If
End Sub


Public Sub VerifyUsername()
    Dim u As MembershipUser = Membership.GetUser(UsernameTextBox.Text, False)

    If u Is Nothing Then
      Msg.Text = "Username " & Server.HtmlEncode(UsernameTextBox.Text) & " not found. Please check the value and re-enter."

      EmailPasswordButton.Enabled = False
    Else
      EmailPasswordButton.Enabled = True
    End If
End Sub


Public Sub EmailPassword_OnClick(sender As Object, args As EventArgs)
  Dim u As MembershipUser = Membership.GetUser(UsernameTextBox.Text, False)
  Dim password As String

  If Not u Is Nothing Then
    Try
      password = u.GetPassword()
      Catch e As Exception
        Msg.Text = "An exception occurred retrieving your password: " & Server.HtmlEncode(e.Message)
        Return
    End Try

    EmailPassword(u.Email, password)
    Msg.Text = "Password sent via email."
  Else
    Msg.Text = "Password Answer is not valid. Please check the value and try again."
  End If
End Sub


Private Sub EmailPassword(email As String, password As String)
  Try
    Dim Message As MailMessage = New MailMessage()
    Message.To = email
    Message.From = "administrator"
    Message.Subject = "Your Password"
    Message.Body = "Your password is: " & Server.HtmlEncode(password)

    SmtpMail.SmtpServer = "smarthost"
    SmtpMail.Send(Message)
  Catch 
    Msg.Text = "An exception occurred sending your password. Please try again."
  End Try
End Sub

</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Sample: Retrieve Password</title>
</head>
<body>

<form id="form1" runat="server">
  <h3>Retrieve Password</h3>

  <asp:Label id="Msg" runat="server" ForeColor="maroon" /><br />

  Username: <asp:Textbox id="UsernameTextBox" Columns="30" runat="server" AutoPostBack="true" />
            <asp:RequiredFieldValidator id="UsernameRequiredValidator" runat="server"
                                        ControlToValidate="UsernameTextBox" ForeColor="red"
                                        Display="Static" ErrorMessage="Required" /><br />

  <asp:Button id="EmailPasswordButton" Text="Email My Password" 
              OnClick="EmailPassword_OnClick" runat="server" Enabled="false" />

</form>

</body>
</html>

備註

GetPassword MembershipProvider.GetPassword會呼叫 屬性所參考ProviderName之成員資格提供者的 方法,以從成員資格數據存放區擷取成員資格的密碼。

如果 為 EnablePasswordRetrievalfalse,則成員資格提供者會傳回例外狀況。 如果提供者支持 的密碼搭配 PasswordFormatHashed的 ,您將無法擷取成員資格用戶的密碼,而且在使用者忘記其密碼時,應考慮使用 ResetPassword 方法。

注意

ConfigurationException如果 enablePasswordRetrieval 設定true為,且passwordFormat在 ASP.NET 應用程式的 Web.config 檔案中設定Hashed為 ,則會擲回 。

如果 RequiresQuestionAndAnswertrue,您必須使用採用 GetPassword 密碼答案做為參數的多載,併為成員資格使用者提供密碼答案。 如果需要密碼答案,並提供不正確的密碼答案, MembershipPasswordException 成員資格提供者會擲回 。

另請參閱

適用於

GetPassword(String)

從成員資格資料存放區取得成員資格使用者的密碼。

public:
 virtual System::String ^ GetPassword(System::String ^ passwordAnswer);
public virtual string GetPassword (string passwordAnswer);
abstract member GetPassword : string -> string
override this.GetPassword : string -> string
Public Overridable Function GetPassword (passwordAnswer As String) As String

參數

passwordAnswer
String

成員資格使用者的密碼解答。

傳回

成員資格使用者的密碼。

例外狀況

這個方法無法使用。 如果應用程式以 .NET Framework 4 用戶端配置檔為目標,就會發生這種情況。 若要避免這個例外狀況,請覆寫方法,或將應用程式變更為以完整版本的 .NET Framework 為目標。

範例

下列程式代碼範例會呼叫 GetPassword 方法,以在提供正確的密碼答案時擷取指定使用者名稱的密碼。 密碼會傳送至使用者的電子郵件位址。

注意

對於需要高安全性的網站,不建議使用電子郵件以純文本傳回密碼。 針對高安全性網站,建議您使用加密來傳回密碼,例如 SSL。

重要

此範例包含一個文本框,可接受用戶輸入,這是潛在的安全性威脅。 根據預設,ASP.NET Web 網頁會驗證使用者輸入未包含指令碼或 HTML 項目。 如需詳細資訊,請參閱 Script Exploits Overview (指令碼攻擊概觀)。

<%@ Page Language="C#" %>
<%@ Import Namespace="System.Web.Security" %>
<%@ Import Namespace="System.Web.Mail" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">

public void Page_Load(object sender, EventArgs args)
{
  if (!Membership.EnablePasswordRetrieval)
  {
    FormsAuthentication.RedirectToLoginPage();
  }

  Msg.Text = "";

  if (!IsPostBack)
  {
    Msg.Text = "Please supply a username.";
  }
  else
  {
    VerifyUsername();
  }
}


public void VerifyUsername()
{
    MembershipUser u = Membership.GetUser(UsernameTextBox.Text, false);

    if (u == null)
    {
      Msg.Text = "Username " + Server.HtmlEncode(UsernameTextBox.Text) + " not found. Please check the value and re-enter.";

      QuestionLabel.Text = "";
      QuestionLabel.Enabled = false;
      AnswerTextBox.Enabled = false;
      EmailPasswordButton.Enabled = false;
    }
    else
    {
      QuestionLabel.Text = u.PasswordQuestion;
      QuestionLabel.Enabled = true;
      AnswerTextBox.Enabled = true;
      EmailPasswordButton.Enabled = true;
    }
}


public void EmailPassword_OnClick(object sender, EventArgs args)
{
  MembershipUser u = Membership.GetUser(UsernameTextBox.Text, false);
  string password;

  if (u != null)
  {
    try
    {
      password = u.GetPassword(AnswerTextBox.Text);
    }
    catch (Exception e)
    {
      Msg.Text = "An exception occurred retrieving your password: " + Server.HtmlEncode(e.Message);
      return;
    }

    EmailPassword(u.Email, password);
    Msg.Text = "Password sent via email.";
  }
  else
  {
    Msg.Text = "Password Answer is not valid. Please check the value and try again.";
  }
}


private void EmailPassword(string email, string password)
{
  try
  {
    MailMessage Message = new MailMessage();
    Message.To = email;
    Message.From = "administrator";
    Message.Subject = "Your Password";
    Message.Body = "Your password is: " + Server.HtmlEncode(password);

    SmtpMail.SmtpServer = "smarthost";
    SmtpMail.Send(Message);
  }
  catch 
  {
    Msg.Text = "An exception occurred sending your password. Please try again.";
  }
}

</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Sample: Retrieve Password</title>
</head>
<body>

<form id="form1" runat="server">
  <h3>Retrieve Password</h3>

  <asp:Label id="Msg" runat="server" ForeColor="maroon" /><br />

  Username: <asp:Textbox id="UsernameTextBox" Columns="30" runat="server" AutoPostBack="true" />
            <asp:RequiredFieldValidator id="UsernameRequiredValidator" runat="server"
                                        ControlToValidate="UsernameTextBox" ForeColor="red"
                                        Display="Static" ErrorMessage="Required" /><br />

  Password Question: <b><asp:Label id="QuestionLabel" runat="server" /></b><br />

  Answer: <asp:TextBox id="AnswerTextBox" Columns="60" runat="server" Enabled="false" />
          <asp:RequiredFieldValidator id="AnswerRequiredValidator" runat="server"
                                      ControlToValidate="AnswerTextBox" ForeColor="red"
                                      Display="Static" ErrorMessage="Required" Enabled="false" /><br />

  <asp:Button id="EmailPasswordButton" Text="Email My Password" 
              OnClick="EmailPassword_OnClick" runat="server" Enabled="false" />

</form>

</body>
</html>
<%@ Page Language="VB" %>
<%@ Import Namespace="System.Web.Security" %>
<%@ Import Namespace="System.Web.Mail" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">

Public Sub Page_Load(sender As Object, args As EventArgs)
  If Not Membership.EnablePasswordRetrieval Then
    FormsAuthentication.RedirectToLoginPage()
  End If

  Msg.Text = ""

  If Not IsPostBack Then
    Msg.Text = "Please supply a username."
  Else
    VerifyUsername()
  End If
End Sub


Public Sub VerifyUsername()
    Dim u As MembershipUser = Membership.GetUser(UsernameTextBox.Text, False)

    If u Is Nothing Then
      Msg.Text = "Username " & Server.HtmlEncode(UsernameTextBox.Text) & " not found. Please check the value and re-enter."

      QuestionLabel.Text = ""
      QuestionLabel.Enabled = False
      AnswerTextBox.Enabled = False
      EmailPasswordButton.Enabled = False
    Else
      QuestionLabel.Text = u.PasswordQuestion
      QuestionLabel.Enabled = True
      AnswerTextBox.Enabled = True
      EmailPasswordButton.Enabled = True
    End If
End Sub


Public Sub EmailPassword_OnClick(sender As Object, args As EventArgs)
  Dim u As MembershipUser = Membership.GetUser(UsernameTextBox.Text, False)
  Dim password As String

  If Not u Is Nothing Then
    Try
        password = u.GetPassword(AnswerTextBox.Text)
      Catch e As Exception
        Msg.Text = "An exception occurred retrieving your password: " & Server.HtmlEncode(e.Message)
        Return
    End Try

    EmailPassword(u.Email, password)
    Msg.Text = "Password sent via email."
  Else
    Msg.Text = "Password Answer is not valid. Please check the value and try again."
  End If
End Sub


Private Sub EmailPassword(email As String, password As String)
  Try
    Dim Message As MailMessage = New MailMessage()
    Message.To = email
    Message.From = "administrator"
    Message.Subject = "Your Password"
    Message.Body = "Your password is: " & Server.HtmlEncode(password)

    SmtpMail.SmtpServer = "smarthost"
    SmtpMail.Send(Message)
  Catch 
    Msg.Text = "An exception occurred sending your password. Please try again."
  End Try
End Sub

</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Sample: Retrieve Password</title>
</head>
<body>

<form id="form1" runat="server">
  <h3>Retrieve Password</h3>

  <asp:Label id="Msg" runat="server" ForeColor="maroon" /><br />

  Username: <asp:Textbox id="UsernameTextBox" Columns="30" runat="server" AutoPostBack="true" />
            <asp:RequiredFieldValidator id="UsernameRequiredValidator" runat="server"
                                        ControlToValidate="UsernameTextBox" ForeColor="red"
                                        Display="Static" ErrorMessage="Required" /><br />

  Password Question: <b><asp:Label id="QuestionLabel" runat="server" /></b><br />

  Answer: <asp:TextBox id="AnswerTextBox" Columns="60" runat="server" Enabled="false" />
          <asp:RequiredFieldValidator id="AnswerRequiredValidator" runat="server"
                                      ControlToValidate="AnswerTextBox" ForeColor="red"
                                      Display="Static" ErrorMessage="Required" Enabled="false" /><br />

  <asp:Button id="EmailPasswordButton" Text="Email My Password" 
              OnClick="EmailPassword_OnClick" runat="server" Enabled="false" />

</form>

</body>
</html>

備註

GetPassword MembershipProvider.GetPassword會呼叫 屬性所參考ProviderName之成員資格提供者的 方法,以從成員資格數據存放區擷取成員資格用戶的密碼。 如果需要密碼答案,並提供不正確的密碼答案, MembershipPasswordException 成員資格提供者會擲回 。

如果 為 EnablePasswordRetrievalfalse,則成員資格提供者會傳回例外狀況。 如果提供者支持 的密碼搭配 PasswordFormatHashed的 ,您將無法擷取成員資格用戶的密碼,而且在使用者忘記其密碼時,應考慮使用 ResetPassword 方法。

注意

ConfigurationException如果 enablePasswordRetrieval 設定true為,且passwordFormat在 ASP.NET 應用程式的 Web.config 檔案中設定Hashed為 ,則會擲回 。

如果 RequiresQuestionAndAnswerfalse,您可以為 answer 參數提供 null ,或使用GetPassword不採用任何參數的多載。

另請參閱

適用於