<%@ WebHandler Language="C#" Class="CheckPriKey" %> using System; using System.Collections.Generic; using System.Web; using System.Data; using System.IO; using eMIS.Data; using System.Data.Common; using System.Text; using System.Web.SessionState; using eMIS; using System.Text.RegularExpressions; public class CheckPriKey : IHttpHandler, IRequiresSessionState { public void ProcessRequest (HttpContext context) { string userId = context.Session["passworduserid"].ToString(); string pw = DataManager.UrlDecode( context.Request.QueryString["pw"].ToString()); DataManager dm = new DataManager(); Regex regex = new Regex(@"(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z]).{8,30}", RegexOptions.Multiline | RegexOptions.IgnorePatternWhitespace); if (!regex.IsMatch(pw)) { context.Response.Write("err"); context.Response.End(); } dm.ExecuteNonQuery("update com_yhb set password='" + eMIS.Security.Common.HashStringWithMD5(pw) + "' where id=?", userId); dm.ExecuteNonQuery("delete XT_LCRWYZ where userid='" + userId + "' and action=3"); context.Response.Write("ok"); } public bool IsReusable { get { return false; } } }