存储过程: CREATE procedure validateLogin @loginid varchar(50), @password varchar(50), @empid int output, @reason varchar(50) output as select EmpID from EmpBaseInfo where LoginID=@loginid if(@@RowCount<1) begin ---1 set @reason='NoEmp' set @empid=0 end -----1 else begin ----2 select EmpID from EmpBaseInfo where (LoginID=@loginid) and (Password=@password) if(@@rowcount<1) begin ----3 set @reason ='PWError' set @empid=0 end ------3 else begin -----4 select @empid=EmpID from EmpBaseInfo where(LoginID=@loginid) and (Password=@password and AllowLogin=1) if(@@rowcount<1) begin ----6 set @reason = 'unAllow' set @empid =0 end ------6 else begin ----7 set @reason ='access' end ----7 end -------4 end ------2 GO
string strSQL;
string strCon;
SqlConnection sqlcon;
SqlCommand sqlcom;
SqlDataAdapter sqlapter;//声明一个登陆验证函数
private void InitLoadVaiter(string LoginUserName,string LoginPassWord)
{
//连接数据库
strCon="SERVER=LOCALHOST;DATABASE=ZXP;USER ID=SA;PASSWORD=;";
//连接表
strSQL="SELECT * FROM LOGINTABLE WHERE LOGINNAME='" + LoginUserName + "'" +
"AND PASSWORD='" + LoginPassword + "'"; sqlcon=new sqlconnection(strCon);
sqlcon.open();//打开连接 sqlcom=new sqlcommand(strSQL,sqlcon);
sqlread=sqlcom.execureiReader();
if(sqlread.HashRow())
{
/*
如电输入的密码正确,则保存到Sexxion中
*/
while(sqlread.reader()==true)
{
Session["UserName"]=sqlread["LoginUserName"].tostring();
Session["PassWord"]=sqlread["LoginPassWord"].ToString();
}
//关闭读取流
sqlread.close()
}
else
{
Response.Write("<script>alert('用户名和密码错误,请与管理人员联系!')</script>");
return;//返回
} //释放系统资源
sqlcon.close();
sqlcon.disponse();
}
using System.Data.OleDb;private void submit1_Click(object sender, System.EventArgs e)
{
if(Page.IsPostBack)
{
if(Page.IsValid)
{
string psw="";
string msg="";
string strConnection="Provider=SQLOLEDB;packet size=4096;user id=sa;data source=202.197.37.79;persist security info=True;initial catalog=test_online;password=sa" string strSQL="select userID,userPassword from user_inf where userID='"+userID.Text.Trim()+"'";
//Response.Write(strSQL);调试时查看语句是否正确
OleDbConnection objConnection=new OleDbConnection(strConnection);
OleDbDataAdapter DaAd = new OleDbDataAdapter(strSQL,objConnection);
DataSet DataSetUser = new DataSet();
DaAd.Fill(DataSetUser);//不替表格取名字,表格名字就默认为0
if(DataSetUser.Tables[0].Rows.Count == 0)
{
msg="该用户不存在";
}
else
{
psw = DataSetUser.Tables[0].Rows[0]["userPassword"].ToString().Trim();
if(psw==password.Text)msg="登陆成功!";
else msg="密码不正确"; }
DataSetUser.Dispose();//释放DataSet
objConnection.Close();
message1.Text=msg;
}
}
}
using System.Data.OleDb;
如果是用SQL,改用using System.Data.SqlClient;后面的程序OleDbConnection,OleDbDataAdapter相应改成SQLConnection,SQLDataAdapter.使用OleDb,程序兼容性好一些.前台代码的自己加校验控件确认函数submit1_click()中的内容如下:
string psw="";
string msg="";
string strConnection="Provider=SQLOLEDB;packet size=4096;user id=sa;data source=202.197.37.79;persist security info=True;initial catalog=test_online;password=sa"string strSQL="select userID,userPassword from user_inf where userID='"+userID.Text.Trim()+"'";
//Response.Write(strSQL);调试时查看SQL语句是否正确OleDbConnection objConnection=new OleDbConnection(strConnection);//连接数据库
OleDbDataAdapter DaAd = new OleDbDataAdapter(strSQL,objConnection);
DataSet DataSetUser = new DataSet();
DaAd.Fill(DataSetUser);//不替表格取名字,表格名字就默认为0
if(DataSetUser.Tables[0].Rows.Count == 0)
{
msg="该用户不存在";
}
else
{
psw = DataSetUser.Tables[0].Rows[0]["userPassword"].ToString().Trim();
if(psw==password.Text)msg="登陆成功!";
else msg="密码不正确";
}
DataSetUser.Dispose();//释放DataSet
objConnection.Close();
message1.Text=msg; 有什么问题,请多多指教
CREATE procedure validateLogin
@loginid varchar(50),
@password varchar(50),
@empid int output,
@reason varchar(50) output
as
select EmpID from EmpBaseInfo where LoginID=@loginid
if(@@RowCount<1)
begin ---1
set @reason='NoEmp'
set @empid=0
end -----1
else
begin ----2
select EmpID from EmpBaseInfo where (LoginID=@loginid)
and (Password=@password)
if(@@rowcount<1)
begin ----3
set @reason ='PWError'
set @empid=0
end ------3
else
begin -----4
select @empid=EmpID from EmpBaseInfo where(LoginID=@loginid) and
(Password=@password and AllowLogin=1)
if(@@rowcount<1)
begin ----6
set @reason = 'unAllow'
set @empid =0
end ------6
else
begin ----7
set @reason ='access'
end ----7
end -------4
end ------2
GO