开始我在master里写的权限处理 一切正常 之后为了页面的灵活性 把权限写到了globle里 之后项目里的图片就全不见了 图标也无法显示
master里
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
Page myPage = this.Page; FormsIdentity identity = (FormsIdentity)myPage.User.Identity;
FormsAuthenticationTicket ticket = identity.Ticket; string id = ticket.UserData;
string pagePath = Request.Path;
if (!HavePower(pagePath, id))
{
Response.Redirect("~/NoPower.aspx");
}
}
}
private bool HavePower(string path, string id)
{ bool result = false;
string pathId = "";
string userId = id;
try
{
using (DbConnection dbConn = AdoFactory.GetConnection())
{
dbConn.Open();
DbCommand dbComm1 = AdoFactory.GetCommand();
DbCommand dbComm2 = AdoFactory.GetCommand();
dbComm2.Connection = dbConn;
dbComm2.CommandText = "select * from Right_Path where pathName = " + "'" + path + "'";
DbDataReader dbReader = dbComm2.ExecuteReader(); if (dbReader.Read())
{
pathId = dbReader["ID"].ToString();
}
dbReader.Close();
dbComm1.Connection = dbConn;
dbComm1.CommandText = "select * from Right_pathInUser where userId = " + userId + " and pathId = " + pathId;
DbDataReader dbReader2 = dbComm1.ExecuteReader(); if (dbReader2.Read())
result = true;
dbReader2.Close();
}
}
catch (Exception e)
{
} return result;
}globle里
protected void Application_AuthenticateRequest(Object sender, EventArgs e)
{
if (Request.Path.Equals("/XJCommunity/Login.aspx") || Request.Path.Equals("/XJCommunity/NoPower.aspx"))
return;
try
{
FormsIdentity identity = (FormsIdentity)HttpContext.Current.User.Identity;
}
catch
{
Response.Redirect("~/NoPower.aspx");
} if (HttpContext.Current.User != null)
{
if (HttpContext.Current.User.Identity != null)
{
FormsIdentity identity = (FormsIdentity)HttpContext.Current.User.Identity;
if (identity.IsAuthenticated)
{
FormsAuthenticationTicket ticket = identity.Ticket;
string id = ticket.UserData;
string url = Request.Path;
if (!HavePower(url, id))
{
Response.Redirect("~/NoPower.aspx");
}
}
}
}
}
private bool HavePower(string path, string id)
{ bool result = false;
string pathId = "";
string userId = id;
try
{
using (DbConnection dbConn = AdoFactory.GetConnection())
{
dbConn.Open();
DbCommand dbComm1 = AdoFactory.GetCommand();
DbCommand dbComm2 = AdoFactory.GetCommand();
dbComm2.Connection = dbConn;
dbComm2.CommandText = "select * from Right_Path where pathName = " + "'" + path + "'";
DbDataReader dbReader = dbComm2.ExecuteReader();
if (dbReader.Read())
{
pathId = dbReader["ID"].ToString();
}
dbReader.Close();
dbComm1.Connection = dbConn;
dbComm1.CommandText = "select * from Right_pathInUser where userId = " + userId + " and pathId = " + pathId;
DbDataReader dbReader2 = dbComm1.ExecuteReader();
if (dbReader2.Read())
result = true;
dbReader2.Close();
}
}
catch (Exception e)
{ } return result;
}
望指教,谢.
master里
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
Page myPage = this.Page; FormsIdentity identity = (FormsIdentity)myPage.User.Identity;
FormsAuthenticationTicket ticket = identity.Ticket; string id = ticket.UserData;
string pagePath = Request.Path;
if (!HavePower(pagePath, id))
{
Response.Redirect("~/NoPower.aspx");
}
}
}
private bool HavePower(string path, string id)
{ bool result = false;
string pathId = "";
string userId = id;
try
{
using (DbConnection dbConn = AdoFactory.GetConnection())
{
dbConn.Open();
DbCommand dbComm1 = AdoFactory.GetCommand();
DbCommand dbComm2 = AdoFactory.GetCommand();
dbComm2.Connection = dbConn;
dbComm2.CommandText = "select * from Right_Path where pathName = " + "'" + path + "'";
DbDataReader dbReader = dbComm2.ExecuteReader(); if (dbReader.Read())
{
pathId = dbReader["ID"].ToString();
}
dbReader.Close();
dbComm1.Connection = dbConn;
dbComm1.CommandText = "select * from Right_pathInUser where userId = " + userId + " and pathId = " + pathId;
DbDataReader dbReader2 = dbComm1.ExecuteReader(); if (dbReader2.Read())
result = true;
dbReader2.Close();
}
}
catch (Exception e)
{
} return result;
}globle里
protected void Application_AuthenticateRequest(Object sender, EventArgs e)
{
if (Request.Path.Equals("/XJCommunity/Login.aspx") || Request.Path.Equals("/XJCommunity/NoPower.aspx"))
return;
try
{
FormsIdentity identity = (FormsIdentity)HttpContext.Current.User.Identity;
}
catch
{
Response.Redirect("~/NoPower.aspx");
} if (HttpContext.Current.User != null)
{
if (HttpContext.Current.User.Identity != null)
{
FormsIdentity identity = (FormsIdentity)HttpContext.Current.User.Identity;
if (identity.IsAuthenticated)
{
FormsAuthenticationTicket ticket = identity.Ticket;
string id = ticket.UserData;
string url = Request.Path;
if (!HavePower(url, id))
{
Response.Redirect("~/NoPower.aspx");
}
}
}
}
}
private bool HavePower(string path, string id)
{ bool result = false;
string pathId = "";
string userId = id;
try
{
using (DbConnection dbConn = AdoFactory.GetConnection())
{
dbConn.Open();
DbCommand dbComm1 = AdoFactory.GetCommand();
DbCommand dbComm2 = AdoFactory.GetCommand();
dbComm2.Connection = dbConn;
dbComm2.CommandText = "select * from Right_Path where pathName = " + "'" + path + "'";
DbDataReader dbReader = dbComm2.ExecuteReader();
if (dbReader.Read())
{
pathId = dbReader["ID"].ToString();
}
dbReader.Close();
dbComm1.Connection = dbConn;
dbComm1.CommandText = "select * from Right_pathInUser where userId = " + userId + " and pathId = " + pathId;
DbDataReader dbReader2 = dbComm1.ExecuteReader();
if (dbReader2.Read())
result = true;
dbReader2.Close();
}
}
catch (Exception e)
{ } return result;
}
望指教,谢.
应该和程序没有太大的关系.