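' Login check: find the admin row whose columns 1 and 2 match the two text
' boxes, then store column 0 (user id) and column 3 (purview) in the session.
'
' NOTE(review): every admin row is read and column 2 is compared directly with
' the typed password, which implies the table holds clear-text passwords.
' Prefer a parameterized lookup by user name (SqlParameter) and a salted,
' iterated password hash (e.g. PBKDF2) verified in code. The column names are
' not visible in this snippet, so the query itself is left unchanged.
Dim sql As String = "select * from admin"
Dim conn As String = System.Configuration.ConfigurationManager.ConnectionStrings("znhConnectionStringall").ToString
Dim matched As Boolean = False
Dim userId As String = Nothing
Dim purview As String = Nothing

' Using blocks release the connection, command and reader on every path,
' including exceptions; previously the redirect left the reader open.
Using connection As New SqlClient.SqlConnection(conn)
    Using command As New SqlClient.SqlCommand(sql, connection)
        connection.Open()
        Using datareader As SqlClient.SqlDataReader = command.ExecuteReader(CommandBehavior.CloseConnection)
            Do While datareader.Read()
                ' A NULL name or password column must never match an empty text box.
                If datareader.IsDBNull(1) OrElse datareader.IsDBNull(2) Then
                    Continue Do
                End If
                ' AndAlso short-circuits: the password is only compared when the name matches.
                If TextBox1.Text = datareader.Item(1).ToString() AndAlso TextBox2.Text = datareader.Item(2).ToString() Then
                    userId = datareader.Item(0).ToString()
                    purview = datareader.Item(3).ToString()
                    matched = True
                    Exit Do
                End If
            Loop
        End Using
    End Using
End Using

If matched Then
    ' NOTE(review): the session ID is kept across login; renewing it after a
    ' successful authentication is the usual defence against session fixation.
    Session("user_id") = userId
    Session("purview") = purview
    ' Redirect only after the database resources have been released.
    Response.Redirect("default2.aspx")
Else
    Response.Write("<script language=javascript>alert('你输入的用户名/密码有错,请重新输入!!');history.go(-1)</script>")
    Response.End()
End If
登陆页面写法如上, 接着第二个页面判断Session("user_id") 是否为空,如空就返回到登陆界面!! 我是这么写的,我的是vb.net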
// Look up the customer for the submitted e-mail/password pair.
// NOTE(review): the returned id is stored below without being checked; confirm that
// SLManage.LoginCustomer stops execution on a failed login (what it returns on
// failure is not visible in this snippet). Trim() also strips leading/trailing
// whitespace from the password before it is checked.
int CustomerID = SLManage.LoginCustomer(txt_LoginEmail.Text.Trim(), txt_Password.Text.Trim());

// Disabled alternative that kept e-mail and customer id in a client-side cookie:
//HttpCookie CookieObj = new HttpCookie("LogonInfo");
//CookieObj["Email"] = txt_LoginEmail.Text.Trim();
//CookieObj["CustomerID"] = CustomerID.ToString();
//Response.Cookies.Add(CookieObj);

// Keep e-mail and customer id in server-side session state instead.
Session["Email"] = txt_LoginEmail.Text.Trim();
Session["CustomerID"] = CustomerID.ToString();

// Send the visitor back to the page they came from. Only the fixed targets
// below can be reached, so the stored key cannot redirect anywhere else.
object returnKey = ViewState["Return"];
if (returnKey != null)
{
    string target;
    switch (returnKey.ToString())
    {
        case "Cutomer":
            target = "../Customer/CustomerDetail.aspx";
            break;
        case "Cart":
            target = "../Order/ShoppingCart.aspx";
            break;
        case "MenuItemDetail":
            // Convert.ToInt32 keeps the query-string value numeric.
            target = "../Menu/MenuItemDetail.aspx?MenuItemID=" + Convert.ToInt32(ViewState["MenuItemID"]);
            break;
        default:
            target = "../Main/Main.aspx";
            break;
    }
    Response.Redirect(target);
}
using System.Collections;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Web;
using System.Web.SessionState;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.HtmlControls;
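namespace WebUI
{
    /// <summary>
    /// Login page: checks the submitted credentials through the WS_User web
    /// service and stores the resulting identity in session state.
    /// Author: 师凯, 4.12
    /// </summary>
    public class index : WebBasic
    {
        protected System.Web.UI.HtmlControls.HtmlImage IMG1;
        protected System.Web.UI.WebControls.TextBox TxtUserName;
        protected System.Web.UI.WebControls.TextBox TxtUserPwd;
        protected System.Web.UI.WebControls.TextBox TxtProxyID;
        protected System.Web.UI.WebControls.Button BtnLogin;
        protected System.Web.UI.WebControls.Button Button2;
        protected System.Web.UI.WebControls.RequiredFieldValidator RequiredFieldValidator1;
        protected System.Web.UI.WebControls.RequiredFieldValidator RequiredFieldValidator2;
        protected System.Web.UI.WebControls.RequiredFieldValidator RequiredFieldValidator3;
        protected System.Web.UI.WebControls.ValidationSummary ValidationSummary1;
        protected System.Web.UI.WebControls.RegularExpressionValidator RegularExpressionValidator1;
        protected System.Web.UI.WebControls.RegularExpressionValidator aa;
        protected System.Web.UI.WebControls.Button BtnExit;

        /// <summary>
        /// On the first (non-postback) request, drops any identity left in the
        /// session by an earlier login.
        /// </summary>
        private void Page_Load(object sender, System.EventArgs e)
        {
            if (IsPostBack)
            {
                return;
            }

            ClearLoginState();
        }

        /// <summary>
        /// Clears every session key this page writes at login, so that no value
        /// from a previous login survives into the next one.
        /// </summary>
        private void ClearLoginState()
        {
            Session["DBName"] = null;
            Session["UserName"] = null;
            Session["UserID"] = null;
            Session["ShopID"] = null;
        }

        #region Web Form Designer generated code
        override protected void OnInit(EventArgs e)
        {
            //
            // CODEGEN: this call is required by the ASP.NET Web Form Designer.
            //
            InitializeComponent();
            base.OnInit(e);
        }

        /// <summary>
        /// Required method for Designer support - do not modify the contents of
        /// this method with the code editor.
        /// </summary>
        private void InitializeComponent()
        {
            this.BtnLogin.Click += new System.EventHandler(this.BtnLogin_Click);
            this.Load += new System.EventHandler(this.Page_Load);
        }
        #endregion

        /// <summary>
        /// Handles the login button: derives the database name from the proxy
        /// ID, verifies the credentials, fills the session and redirects to the
        /// landing page of the user's role group.
        /// </summary>
        /// <param name="sender">The control that raised the event.</param>
        /// <param name="e">Event data (unused).</param>
        private void BtnLogin_Click(object sender, System.EventArgs e)
        {
            string proxyId = TxtProxyID.Text.Trim();
            string _StrDBName;
            if (proxyId == "000")
            {
                _StrDBName = "LYC";
            }
            else
            {
                // The page validators may run only in the browser, so a malformed
                // proxy ID can still arrive here. Treat it as a failed login
                // instead of letting the conversion exception escape.
                int proxyNumber;
                try
                {
                    proxyNumber = Convert.ToInt32(proxyId);
                }
                catch (FormatException)
                {
                    MsgBox("用户名或密码不正确!");
                    return;
                }
                catch (OverflowException)
                {
                    MsgBox("用户名或密码不正确!");
                    return;
                }

                // NOTE(review): the database name is chosen by the client. The
                // integer round-trip limits it to "LYC" plus a number; consider
                // also checking it against the list of known proxy databases.
                _StrDBName = "LYC" + proxyNumber.ToString();
            }

            string _StrUserName = TxtUserName.Text.Trim();

            // The password is hashed before it is sent for verification.
            // NOTE(review): MD5 is a helper not shown in this listing (presumably
            // inherited from WebBasic). If it is a plain unsalted MD5 digest it is
            // too fast for password storage; plan a move to a salted, iterated
            // hash such as PBKDF2. Trim() also strips leading/trailing whitespace
            // from the password.
            string _StrPwd = MD5(TxtUserPwd.Text.Trim());

            BC_User.WS_User _WS_User = new WebUI.BC_User.WS_User();
            if (_WS_User.CheckUser(_StrDBName, _StrUserName, _StrPwd) != 0)
            {
                // Login failed: one generic message for every failure cause.
                MsgBox("用户名或密码不正确!");
                return;
            }

            // Login succeeded. Drop identity values from any earlier login first:
            // UserID and ShopID are only written below when their lookups
            // succeed, so a stale value could otherwise be carried over.
            // NOTE(review): the session ID is kept across login; renewing it on
            // successful authentication is the usual defence against session
            // fixation.
            ClearLoginState();

            // Determine which role group the user belongs to.
            // NOTE(review): the outcome of this call is not checked. If it leaves
            // _RoleGroup at its initial value, the redirect below is decided by
            // that default; confirm the default is the least-privileged group.
            WebUI.BC_User.RoleGroup _RoleGroup = new WebUI.BC_User.RoleGroup();
            _WS_User.CheckUserRoleGroup(_StrUserName, ref _RoleGroup);

            Session["DBName"] = _StrDBName;
            Session["UserName"] = _StrUserName;

            // NOTE(review): when the ID lookup fails (_IntUserID <= 0) the user is
            // still treated as logged in, only without Session["UserID"].
            int _IntUserID = -1;
            _WS_User.UserNameToUserID(_StrUserName, ref _IntUserID);
            if (_IntUserID > 0)
            {
                Session["UserID"] = _IntUserID;
            }

            GetShopID();

            if (_RoleGroup == WebUI.BC_User.RoleGroup.ZongBu)
            {
                // Headquarters users go to the headquarters page.
                Goto("ZongBu/main.aspx", WindowMode.Self);
            }
            else
            {
                // Branch users go to the branch page.
                Goto("WangDian/Main.aspx", WindowMode.Self);
            }
        }

        /// <summary>
        /// Looks up the shop ID for the logged-in user and stores it in
        /// Session["ShopID"]; leaves the session untouched when the lookup
        /// returns a non-zero result.
        /// </summary>
        private void GetShopID()
        {
            BC_User.WS_User _WS_User = new WebUI.BC_User.WS_User();
            int _IntShopID = 0;
            if (_WS_User.GetShopIDByUserName(Session["DBName"].ToString(), Session["UserName"].ToString(), ref _IntShopID) != 0)
            {
                return;
            }

            Session["ShopID"] = (object)_IntShopID;
        }
    }
}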
登录的时候检测权限,把权限放到 Session里,然后判断该用户有些什么功能可以使用
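' Login check: find the admin row whose columns 1 and 2 match the two text
' boxes, then store column 0 (user id) and column 3 (purview) in the session.
' The query text `sql` is declared before this excerpt.
'
' NOTE(review): column 2 is compared directly with the typed password, which
' implies the table holds clear-text passwords. Prefer a parameterized lookup
' by user name (SqlParameter) and a salted, iterated password hash (e.g.
' PBKDF2) verified in code.
Dim conn As String = System.Configuration.ConfigurationManager.ConnectionStrings("znhConnectionStringall").ToString
Dim matched As Boolean = False
Dim userId As String = Nothing
Dim purview As String = Nothing

' Using blocks release the connection, command and reader on every path,
' including exceptions; previously the redirect left the reader open.
Using connection As New SqlClient.SqlConnection(conn)
    Using command As New SqlClient.SqlCommand(sql, connection)
        connection.Open()
        Using datareader As SqlClient.SqlDataReader = command.ExecuteReader(CommandBehavior.CloseConnection)
            Do While datareader.Read()
                ' A NULL name or password column must never match an empty text box.
                If datareader.IsDBNull(1) OrElse datareader.IsDBNull(2) Then
                    Continue Do
                End If
                ' AndAlso short-circuits: the password is only compared when the name matches.
                If TextBox1.Text = datareader.Item(1).ToString() AndAlso TextBox2.Text = datareader.Item(2).ToString() Then
                    userId = datareader.Item(0).ToString()
                    purview = datareader.Item(3).ToString()
                    matched = True
                    Exit Do
                End If
            Loop
        End Using
    End Using
End Using

If matched Then
    ' NOTE(review): the session ID is kept across login; renewing it after a
    ' successful authentication is the usual defence against session fixation.
    Session("user_id") = userId
    Session("purview") = purview
    ' Redirect only after the database resources have been released.
    Response.Redirect("default2.aspx")
Else
    Response.Write("<script language=javascript>alert('你输入的用户名/密码有错,请重新输入!!');history.go(-1)</script>")
    Response.End()
End If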
登陆页面写法如上,
接着第二个页面判断Session("user_id") 是否为空,如空就返回到登陆界面!!
我是这么写的,我的是vb.net
在其他页面的 Page_Load 中判断:if (Session["logincheck"] == null) Response.Redirect("登陆页")
// Look up the customer for the submitted e-mail/password pair.
// NOTE(review): the returned id is written to the session without being checked;
// confirm that SLManage.LoginCustomer stops execution on a failed login (its
// failure behaviour is not visible in this snippet).
int CustomerID = SLManage.LoginCustomer(txt_LoginEmail.Text.Trim(), txt_Password.Text.Trim());

// Disabled alternative that wrote e-mail and customer id to a client-side cookie:
//HttpCookie CookieObj = new HttpCookie("LogonInfo");
//CookieObj["Email"] = txt_LoginEmail.Text.Trim();
//CookieObj["CustomerID"] = CustomerID.ToString();
//Response.Cookies.Add(CookieObj);

// Write e-mail and customer id to server-side session state.
Session["Email"] = txt_LoginEmail.Text.Trim();
Session["CustomerID"] = CustomerID.ToString();

// Return to the page the visitor came from; the key only selects among the
// fixed targets below.
if (ViewState["Return"] != null)
{
    string origin = ViewState["Return"].ToString();
    if (origin == "Cutomer")
    {
        Response.Redirect("../Customer/CustomerDetail.aspx");
    }
    else if (origin == "Cart")
    {
        Response.Redirect("../Order/ShoppingCart.aspx");
    }
    else if (origin == "MenuItemDetail")
    {
        // Convert.ToInt32 keeps the query-string value numeric.
        Response.Redirect("../Menu/MenuItemDetail.aspx?MenuItemID=" + Convert.ToInt32(ViewState["MenuItemID"]));
    }
    else
    {
        Response.Redirect("../Main/Main.aspx");
    }
}