另外还好定义一个 Session --- personname
解决方案 »
- nhibernate的问题
- “纵横天地电子商旅服务有限公司技术研究院”有谁了解?
- 关于DataGrid的属性的使用
- |M| 如何用FrontPage 打开http://www.ontooniverse.com/这个网页, 因为这个网不知道用了什么样的技术我无法找到他真正的网页网页面文件
- 新手上路就遇到一个纳闷问题
- 关于水晶报表的打印导出问题??
- 用c#怎么调用c++写的dll文件
- 关于Session变量传值得问题?急急急!!!!!!!!
- 请问asp怎样获得当前系统的时间
- window.open和showdialog的问题!
- 应用程序如何取得使用者在网页上注册后那一刻的事件
- asp.net中的事务
以及管理员登陆,选中check.box代表管理员登陆
public int DBAuthenticate(string strUser, string strPsw)
{
SqlConnection conn=new SqlConnection(ConfigurationSettings.AppSettings.GetValues("conString")[0]);
SqlCommand cmd=new SqlCommand("用户验证",conn);
cmd.CommandType=CommandType.StoredProcedure;
cmd.Parameters.Add("@username",strUser);
cmd.Parameters.Add("@password",strPsw.ToString()); conn.Open();
int intResult=(int)cmd.ExecuteScalar();
conn.Close(); return intResult;
}验证:
private void submit1_Click(object sender, System.EventArgs e)
{
if(!CheckBox1.Checked)
{
//通过验证
if (DBAuthenticate(txtID.Text,txtPsw.Text)==1)
{
FormsAuthentication.RedirectFromLoginPage(txtID.Text,false);
Session["UserName"] = txtID.Text;
Response.Redirect("community/");
}
else
{
Response.Redirect("Failed.aspx"); } }
else
{
if (FormsAuthentication.Authenticate("admin",txtPsw.Text))
{
FormsAuthentication.RedirectFromLoginPage("admin",false);
Session["state"] = "admin";
Response.Redirect("manage/advancemanage.aspx");
}
else if(AdminAuthenticate(txtID.Text,txtPsw.Text)==1 )
{
FormsAuthentication.RedirectFromLoginPage(txtID.Text,false);
Session["adminaccount"] = txtID.Text;
Response.Redirect("manage/");
}
else
{
Response.Write("<Script>alert('管理员密码错误')</Script>");
}
}
}
的 “用户验证”这么写对不对
select password from login where personname= @ personname
///////////////////////////////////////
using System;
using System.Collections;
using System.Collections.Specialized;
using System.Data.SqlClient;
using System.Data;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.HtmlControls;public class Login : PortalModuleControl {
public TextBox UserName;
public HtmlInputText Password;
public HtmlContainerControl ErrorMsg; private bool Authenticate(String user, String pass) {
bool authenticated = false;
try {
String dsn = (String) ((NameValueCollection) Context.GetConfig("system.web/dsnstore"))["portaldb"];
SqlCommand myCommand = new SqlCommand();
myCommand.Connection = new SqlConnection(dsn) ;
myCommand.Connection.Open();
myCommand.CommandText = "sp_ValidateUser" ;
myCommand.CommandType = CommandType.StoredProcedure ; SqlParameter myUserId = new SqlParameter("@UserId", SqlDbType.NVarChar, 20);
myUserId.Value = user.Trim();
myCommand.Parameters.Add(myUserId); SqlParameter myPassword = new SqlParameter("@Password",SqlDbType.NVarChar, 15);
myPassword.Value = pass.Trim();
myCommand.Parameters.Add(myPassword); SqlParameter IsValid = new SqlParameter("@IsValid",SqlDbType.Int);
IsValid.Direction = ParameterDirection.Output;
myCommand.Parameters.Add(IsValid);
myCommand.ExecuteNonQuery(); if (((int)IsValid.Value) == 1)
authenticated =true;
}
catch(Exception e) {
}
return authenticated;
} protected void SubmitBtn_Click(Object sender, EventArgs e) {
if (Authenticate(UserName.Text, Password.Value)) {
System.Web.Security.FormsAuthentication.SetAuthCookie(UserName.Text, true);
Response.Redirect("/quickstart/aspplus/samples/portal/CS/default.aspx");
}
else {
ErrorMsg.Visible = true;
}
}
}
using System.Collections;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Web;
using System.Web.SessionState;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.HtmlControls;
using System.Collections.Specialized;
using System.Data.SqlClient;namespace fenye1
{
/// <summary>
/// login 的摘要说明。
/// </summary>
public class login : System.Web.UI.Page
{
protected System.Web.UI.WebControls.TextBox UserName;
protected System.Web.UI.HtmlControls.HtmlInputText Password;
protected System.Web.UI.HtmlControls.HtmlInputButton SubmitBtn;
protected System.Web.UI.HtmlControls.HtmlGenericControl ErrorMsg;
private void Page_Load(object sender, System.EventArgs e)
{
// 在此处放置用户代码以初始化页面
} #region Web Form Designer generated code
override protected void OnInit(EventArgs e)
{
//
// CODEGEN:该调用是 ASP.NET Web 窗体设计器所必需的。
//
InitializeComponent();
base.OnInit(e);
}
/// <summary>
/// 设计器支持所需的方法 - 不要使用代码编辑器修改
/// 此方法的内容。
/// </summary>
private void InitializeComponent()
{
this.SubmitBtn.ServerClick += new System.EventHandler(this.SubmitBtn_ServerClick);
this.Load += new System.EventHandler(this.Page_Load); }
#endregion
private bool Authenticate(String user, String pass)
{
bool authenticated = false;
try
{
string dsn = System.Configuration.ConfigurationSettings.AppSettings["DbConnSql110"];
SqlConnection cn = new SqlConnection(dsn) ;
string sql2= "select * from ghsys_person where personname = @personname and personlogin = @psw";
SqlCommand myCommand = new SqlCommand(sql2,cn);
myCommand.Parameters.Add(new SqlParameter("@personname",SqlDbType.NVarChar,20));
myCommand.Parameters["@personname"].Value=UserName.Text.ToString().Trim();
myCommand.Parameters.Add(new SqlParameter("@psw",SqlDbType.NVarChar,20));
myCommand.Parameters["@psw"].Value=Password.Value .ToString().Trim();
SqlDataReader dr = myCommand.ExecuteReader();
if (dr.Read())
{
authenticated =true;//创建会话,获得 personid
System.Web.HttpContext WEBHTTP = System.Web.HttpContext.Current;
WEBHTTP.Session.Clear();
WEBHTTP.Session["Person_name"] = dr["PersonName"];
WEBHTTP.Session["person_id"] = dr["PersonID"];
}
}
catch(Exception e)
{
}
return authenticated;
}private void SubmitBtn_ServerClick(object sender, System.EventArgs e)
{
if (Authenticate(UserName.Text.ToString().Trim(), Password.Value.ToString().Trim()))
{
System.Web.Security.FormsAuthentication.SetAuthCookie(UserName.Text, true);
Response.Redirect("defult.aspx");//转到首页
}
else
{
ErrorMsg.Visible = true;
}
} }}
http://expert.csdn.net/Expert/topic/2306/2306253.xml?temp=.4711573