为什么我的form验证没有设置过期时间,但是登录成功之后还没一分钟再点其他的就会呗拦截到登录页面呢
from赋值代码
OleDbConnection conn = new OleDbConnection(System.Configuration.ConfigurationManager.ConnectionStrings["ConnStr"].ToString());
string sqlStr = "select UID from sq_user where UName=@uname and UPwd=@upwd";
OleDbParameter[] parameter ={
new OleDbParameter("@uname",OleDbType.VarChar,50),
new OleDbParameter("@upwd",OleDbType.VarChar,50)
};
parameter[0].Value = this.TextBox1.Text.Trim().ToLower();
parameter[1].Value =(new MyClass()).EncryptString(this.TextBox2.Text.Trim().ToLower(),"zhangsuyun");
OleDbDataReader dr = Microsoft.ApplicationBlocks.Data.OleDbHelper.ExecuteReader(conn, CommandType.Text, sqlStr, parameter);
if (dr.Read())
{
System.Web.Security.FormsAuthentication.RedirectFromLoginPage(dr["UID"].ToString(), false);
Response.Redirect("index.aspx");
}
else
{
Page.ClientScript.RegisterStartupScript(this.GetType(), "提示信息", "<script>alert('用户名或密码错误')</script>");
}
from赋值代码
OleDbConnection conn = new OleDbConnection(System.Configuration.ConfigurationManager.ConnectionStrings["ConnStr"].ToString());
string sqlStr = "select UID from sq_user where UName=@uname and UPwd=@upwd";
OleDbParameter[] parameter ={
new OleDbParameter("@uname",OleDbType.VarChar,50),
new OleDbParameter("@upwd",OleDbType.VarChar,50)
};
parameter[0].Value = this.TextBox1.Text.Trim().ToLower();
parameter[1].Value =(new MyClass()).EncryptString(this.TextBox2.Text.Trim().ToLower(),"zhangsuyun");
OleDbDataReader dr = Microsoft.ApplicationBlocks.Data.OleDbHelper.ExecuteReader(conn, CommandType.Text, sqlStr, parameter);
if (dr.Read())
{
System.Web.Security.FormsAuthentication.RedirectFromLoginPage(dr["UID"].ToString(), false);
Response.Redirect("index.aspx");
}
else
{
Page.ClientScript.RegisterStartupScript(this.GetType(), "提示信息", "<script>alert('用户名或密码错误')</script>");
}
我给你贴一下我的from验证的代码(测试用的 不是实际使用)protected void btn_login_Click(object sender, EventArgs e)
{
DateTime cookTime = new DateTime();
bool saveCookie = false;
switch (RBL1.SelectedValue)
{
case "0":
cookTime = DateTime.Now.AddMinutes(1);
break;
case "1":
cookTime = DateTime.Now.AddDays(1);
saveCookie = true;
break;
case "2":
cookTime = DateTime.Now.AddMonths(3);
saveCookie = true;
break;
} FormsAuthenticationTicket fat = new FormsAuthenticationTicket(1,
txt_username.Text,
DateTime.Now,
cookTime,
saveCookie,//持久性,若为True,需设置,Cookies的Expires属性,若为False,则关闭浏览器就会失效
"",
FormsAuthentication.FormsCookiePath);
HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName);
cookie.Value = FormsAuthentication.Encrypt(fat);
cookie.Expires = fat.Expiration;
cookie.Domain = ".xxxx.cn";
cookie.Path = FormsAuthentication.FormsCookiePath;
HttpContext.Current.Response.Cookies.Add(cookie);
Response.Redirect(FormsAuthentication.GetRedirectUrl(txt_username.Text, false), true);
}下面是web.config里面关于from验证的配置内容<system.web>
<authentication mode="Forms" >
<forms name=".test" protection="All" timeout="10" loginUrl="login.aspx" path="/" ></forms>
</authentication>
<machineKey validationKey="F9D1A2D3E1D3E2F7B3D9F90FF3965ABDAC304902" decryptionKey="F9D1A2D3E1D3E2F7B3D9F90FF3965ABDAC304902F8D923AC" validation="SHA1" />
</system.web>