ASP.NET笔记之Session、http、web开发原则、xss漏洞的详细介绍
1、session
2、验证码
yzm.ashx
<%@ webhandler language="c#" class="yzm" %>
using system;
using system.web;
public class yzm : ihttphandler, system.web.sessionstate.irequiressessionstate
{
public void processrequest (httpcontext context) {
context.response.contenttype = "image/jpeg";
using (system.drawing.bitmap bitimage = new system.drawing.bitmap(130, 100))
{
//设置画布
using (system.drawing.graphics g = system.drawing.graphics.fromimage(bitimage))
{
//随机数字
random my_random = new random();
int num_01 = my_random.next(100);
int num_02 = my_random.next(100);
int result = num_01 + num_02;
string num_string01 = num_01.tostring();
string num_string02 = num_02.tostring();
string result_string = result.tostring();
//保存到服务器的sessionid中
httpcontext.current.session["yzm"] = result_string;
//设置文字
g.drawstring(num_string01 +"+"+ num_string02+"?", new system.drawing.font("宋体", 20), system.drawing.brushes.red, new system.drawing.pointf(0, 0));
//保存到输出流中
bitimage.save(context.response.outputstream, system.drawing.imaging.imageformat.jpeg);
}
}
}
public bool isreusable {
get {
return false;
}
}
}
yzm.aspx
<form id="form1" runat="server">
<div>
<%--单击刷新验证码--%>
<img src="yzm.ashx" alt="请输入验证码" onclick="this.src='yzm.ashx?aaa='+new date()" />
</div>
<asp:textbox id="textbox1" runat="server" text=""></asp:textbox>
<asp:button id="button1" runat="server" onclick="button1_click" text="button" />
</form>
3、http协议
4、按钮实现标哥行删除效果 超链接提交表单
5、web开发原则
6、xss漏洞
label类似控件:literal控件,如果 属性中text的值为<a href="www.baidu.com">hah</a>可以会被嵌入链接,
可以设置mode属性为encode
7、虚拟目录~ :asp.net中使用,始终在应用程序根目录下开始