小弟做页面验证的时候碰见了一个比较郁闷的问题~~~不知道怎么做的,反正调试的时候就是不出来,还不说通没通过严整就是if 和 else 里面的验证都不执行~~~求高手帮我调试,并且支持错误代码和解决办法~源代码:WebUserManager.rar下载地址:ftp1.nofeehost.comname is: blackangelCanpassword is: 4121887谢谢高手了~
解决方案 »
- GridView 中动态获取选中单元格的值(多选)
- 从XML读取日期
- 为什么在我的项目里DropDownList提交后它的值就为空了,而在别的项目里就不会?
- 请帮忙,求一SQL查询语句!
- 一个关于绑定的问题
- 100分~求助小问题一个。
- 能否向用户控件的构造函数添加参数???
- asp.net开发微信商城
- GridView1.Rows[e.NewIndex].Cells[1].Controls得到的是空值
- 水晶报表问题:我建了个数据集,建了个非类型ReportDocument,然后ReportDocument.setdatasource(ds);ReportDocument.load();最后绑定,�
- 怎么获得图片 宽度及高度
- ASP.NET有什么样的认证考试呢?
using System.Data;
using System.Data.SqlClient;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Text;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;public partial class _Default : System.Web.UI.Page
{
private static string sValidator = "";
private StringBuilder LetterList = new StringBuilder();
//private readonly string sValidatorImageUrl = "ValidateImage.aspx?Validator=";
protected void Page_Load(object sender, EventArgs e)
{
if (!Page.IsPostBack)
{
sValidator = CreateValidateString(6);
Label1.Text = sValidator;
}
}
protected void LoginBtn_Click(object sender, EventArgs e)
{
//如果拥护合法
if (Page.IsValid == true)
{
Message.Text = "验证码输入错误,请重新输入!!";
sValidator = CreateValidateString(6);
Label1.Text = sValidator;
return;
}
string userId = "";
IUser user = new User();
//对输入信息进行编码
string sUsername = Server.HtmlEncode(UserName.Text.Trim());
string sPassword = Server.HtmlEncode(Password.Text.Trim());
//获取用户信息
SqlDataReader recu = user.GetUserLoginByProc(sUsername, user.Encrypt(sPassword));
//判断用户是否合法
if (recu.Read())
{
userId = recu["UserID"].ToString();
}
recu.Close();
if ((userId != null) && (userId != ""))
{
Session["UserID"] = userId;
Response.Redirect("http://www.baidu.com");
}
else
{
sValidator = CreateValidateString(6);
Label1.Text = sValidator;
Message.Text = "您输入的用户名或密码有误请重新输入";
}
}
private int GetRandomint(int min, int max)
{
Random random = new Random();
return (random.Next(min, max));
}
private void InitLetterList()
{
for (int i = 0; i < 10; i++)
{
//添加数字
LetterList.Append(i.ToString());
}
for (int i = 0; i < 10; i++)
{
//添加大写
LetterList.Append(((char)((int)'a'+i)).ToString());
}
for (int i = 0; i < 10; i++)
{
//添加小写
LetterList.Append(((char)((int)'A' + i)).ToString());
}
}
private string CreateValidateString(int nLen)
{
InitLetterList();
//创建一个sb对象
StringBuilder sb = new StringBuilder(nLen);
for (int i = 0; i < nLen; i++)
{
int index = GetRandomint(0, LetterList.Length - 1);
sb.Append(LetterList[index].ToString());
LetterList.Remove(index, 1);
}
return (sb.ToString());
}
protected void CancelBtn_Click(object sender, EventArgs e)
{
UserName.Text = "";
Label1.Text = sValidator;
}
}
User.cs
using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Data.SqlClient;
using System.Security;
using System.Security.Principal;
using System.Security.Cryptography;
using System.Text;public interface IUser
{
/// <summary>
/// 使用SQL语句实现用户登录
/// </summary>
/// <param name="sUserName"></param>
/// <param name="sPassword"></param>
/// <returns></returns>
SqlDataReader GetUserLoginBySQL(string sUserName, string sPassword); /// <summary>
/// 使用存储过程实现用户登录
/// </summary>
/// <param name="sUserName"></param>
/// <param name="sPassword"></param>
/// <returns></returns>
SqlDataReader GetUserLoginByProc(string sUserName, string sPassword); /// <summary>
/// 获取所有用户信息
/// </summary>
/// <returns></returns>
SqlDataReader GetUsers(); /// <summary>
/// 获取单个用户信息
/// </summary>
/// <param name="nUserID"></param>
/// <returns></returns>
SqlDataReader GetSingleUser(int nUserID); /// <summary>
/// 注册一个新用户
/// </summary>
/// <param name="sUserName"></param>
/// <param name="sPassword"></param>
/// <param name="sEmail"></param>
/// <returns></returns>
int AddUser(string sUserName, string sPassword, string sEmail); /// <summary>
/// 修改用户的信息
/// </summary>
/// <param name="nUserID"></param>
/// <param name="sEmail"></param>
/// <returns></returns>
int UpdateUser(int nUserID, string sEmail); /// <summary>
/// 修改用户密码
/// </summary>
/// <param name="nUserID"></param>
/// <param name="sPassword"></param>
/// <returns></returns>
int UpdateUserPwd(int nUserID, string sPassword); /// <summary>
/// 设置用户的管理员权限
/// </summary>
/// <param name="nUserID"></param>
/// <param name="bIsAdmin"></param>
/// <returns></returns>
int UpdateUserAdmin(int nUserID, bool bIsAdmin); /// <summary>
/// 删除用户
/// </summary>
/// <param name="nUserID"></param>
/// <returns></returns>
int DeleteUser(int nUserID); /// <summary>
/// 加密函数
/// </summary>
/// <param name="password"></param>
/// <returns></returns>
string Encrypt(string password);
}/// <summary>
/// User 的摘要说明
/// </summary>
public class User : IUser
{
private static readonly string GETUSERS = "SELECT * FROM Users";
private static readonly string GETSINGLEUSER = "SELECT * FROM Users WHERE UserID=";
private static readonly string ADDUSER = "INSERT INTO Users(UserName,Password,Email,IsAdmin)VALUES";
private static readonly string UPDATEUSER = "UPDATE Users SET Email=";
private static readonly string UPDATEUSERADMIN = "UPDATE Users SET IsAdmin=";
private static readonly string UPDATEUSERPASSWORD = "UPDATE Users SET Password=";
private static readonly string DELETEUSER = "DELETE Users WHERE UserID=";
private static readonly string GETUSERLOGINBYSQL = "SELECT UserID FROM Users WHERE UserName =";
{
///
} public SqlDataReader GetUserLoginBySQL(string sUserName, string sPassword)
{
///创建链接
SqlConnection myConnection = new SqlConnection(
ConfigurationManager.ConnectionStrings["SQLCONNECTIONSTRING"].ConnectionString); ///定义SQL语句
string cmdText = GETUSERLOGINBYSQL
+ "'" + sUserName.ToString() + "'"
+ " AND Password ="
+ "'" + sPassword.ToString() + "'";
///创建Command
SqlCommand myCommand = new SqlCommand(cmdText, myConnection); ///定义DataReader
SqlDataReader dr = null;
try
{
///打开链接
myConnection.Open();
///读取数据
dr = myCommand.ExecuteReader(CommandBehavior.CloseConnection);
}
catch (SqlException ex)
{
///抛出异常
throw new Exception(ex.Message, ex);
}
///返回DataReader
return dr;
} public SqlDataReader GetUserLoginByProc(string sUserName, string sPassword)
{
///创建链接
SqlConnection myConnection = new SqlConnection(
ConfigurationManager.ConnectionStrings["SQLCONNECTIONSTRING"].ConnectionString); ///创建Command
SqlCommand myCommand = new SqlCommand("Pr_GetUserLogin", myConnection);
///设置为执行存储过程
myCommand.CommandType = CommandType.StoredProcedure; ///添加存储过程的参数
SqlParameter pUserName = new SqlParameter("@UserName", SqlDbType.VarChar, 32);
pUserName.Value = sUserName;
myCommand.Parameters.Add(pUserName); SqlParameter pPassword = new SqlParameter("@Password", SqlDbType.VarChar, 255);
pPassword.Value = sPassword;
myCommand.Parameters.Add(pPassword); ///定义DataReader
SqlDataReader dr = null;
try
{
///打开链接
myConnection.Open();
///读取数据
dr = myCommand.ExecuteReader(CommandBehavior.CloseConnection);
}
catch (SqlException ex)
{
///抛出异常
throw new Exception(ex.Message, ex);
}
///返回DataReader
return dr;
} public SqlDataReader GetUsers()
{
///创建链接
SqlConnection myConnection = new SqlConnection(
ConfigurationManager.ConnectionStrings["SQLCONNECTIONSTRING"].ConnectionString);
///创建Command
SqlCommand myCommand = new SqlCommand(GETUSERS, myConnection); ///定义DataReader
SqlDataReader dr = null;
try
{
///打开链接
myConnection.Open();
///读取数据
dr = myCommand.ExecuteReader(CommandBehavior.CloseConnection);
}
catch (SqlException ex)
{
///抛出异常
throw new Exception(ex.Message, ex);
}
///返回DataReader
return dr;
} public SqlDataReader GetSingleUser(int nUserID)
{
///创建链接
SqlConnection myConnection = new SqlConnection(
ConfigurationManager.ConnectionStrings["SQLCONNECTIONSTRING"].ConnectionString); ///定义SQL语句
string cmdText = GETSINGLEUSER + "'" + nUserID.ToString() + "'";
///创建Command
SqlCommand myCommand = new SqlCommand(cmdText, myConnection); ///定义DataReader
SqlDataReader dr = null;
try
{
///打开链接
myConnection.Open();
///读取数据
dr = myCommand.ExecuteReader(CommandBehavior.CloseConnection);
}
catch (SqlException ex)
{
///抛出异常
throw new Exception(ex.Message, ex);
}
///返回DataReader
return dr;
} public int AddUser(string sUserName, string sPassword, string sEmail)
{
///创建链接
SqlConnection myConnection = new SqlConnection(
ConfigurationManager.ConnectionStrings["SQLCONNECTIONSTRING"].ConnectionString); ///定义SQL语句
string cmdText = ADDUSER + "("
+ "'" + sUserName + "',"
+ "'" + sPassword + "',"
+ "'" + sEmail + "',"
+ "'0'"
+ ")";
///创建Command
SqlCommand myCommand = new SqlCommand(cmdText, myConnection); ///定义返回值
int nResult = -1; try
{
///打开链接
myConnection.Open();
///执行SQL语句
nResult = myCommand.ExecuteNonQuery();
}
catch (SqlException ex)
{
///抛出异常
throw new Exception(ex.Message, ex);
}
finally
{ ///关闭链接
myConnection.Close();
}
///返回nResult
return nResult;
} public int UpdateUser(int nUserID, string sEmail)
{
///创建链接
SqlConnection myConnection = new SqlConnection(
ConfigurationManager.ConnectionStrings["SQLCONNECTIONSTRING"].ConnectionString); ///定义SQL语句
string cmdText = UPDATEUSER
+ "'" + sEmail + "'"
+ " WHERE UserID=" + "'"
+ nUserID.ToString() + "'";
///创建Command
SqlCommand myCommand = new SqlCommand(cmdText, myConnection); ///定义返回值
int nResult = -1; try
{
///打开链接
myConnection.Open();
///执行SQL语句
nResult = myCommand.ExecuteNonQuery();
}
catch (SqlException ex)
{
///抛出异常
throw new Exception(ex.Message, ex);
}
finally
{ ///关闭链接
myConnection.Close();
}
///返回nResult
return nResult;
} public int UpdateUserPwd(int nUserID, string sPassword)
{
///创建链接
SqlConnection myConnection = new SqlConnection(
ConfigurationManager.ConnectionStrings["SQLCONNECTIONSTRING"].ConnectionString); ///定义SQL语句
string cmdText = UPDATEUSERPASSWORD
+ "'" + sPassword + "'"
+ " WHERE UserID=" + "'"
+ nUserID.ToString() + "'";
///创建Command
SqlCommand myCommand = new SqlCommand(cmdText, myConnection); ///定义返回值
int nResult = -1; try
{
///打开链接
myConnection.Open();
///执行SQL语句
nResult = myCommand.ExecuteNonQuery();
}
catch (SqlException ex)
{
///抛出异常
throw new Exception(ex.Message, ex);
}
finally
{ ///关闭链接
myConnection.Close();
}
///返回nResult
return nResult;
}