我在userinfo设置了role项,在界面上有RadioButton学生和RadioButton教师,点击学生按钮进入学生界面,点击教师按钮进入教师界面
现在我的问题是不管角色正确与否都会提示我用户角色错误
部分代码如下:
if (student.Checked == true)
{
string user = userName.Text;
string pwd = passWord.Text;
if (bc.validate(user))
{
Response.Write("<script>alert('用户名中不能含有非法字符');history.back()</script>");
return;
}
if (bc.validate(pwd))
{
Response.Write("<script>alert('用户名中不能含有非法字符');history.back()</script>");
return;
}
if (user == "")
{
Response.Write(bc.MessageBox("用户名不能为空!"));
}
if (pwd == "")
{
Response.Write(bc.MessageBox("密码不能为空!"));
}
SqlConnection con = new SqlConnection(ConfigurationManager.AppSettings["strcon"]);
con.Open();
SqlCommand scd = new SqlCommand("select count(*) from userinfo where name='" + user + "' and password='" + pwd + "'", con);
int count = Convert.ToInt32(scd.ExecuteScalar());
if (count > 0)
{
SqlCommand sd = new SqlCommand("select name,password,role from userinfo where name='" +user + "'", con);
string name = Convert.ToString(sd.ExecuteScalar());
string password = Convert.ToString(sd.ExecuteScalar());
string role = Convert.ToString(sd.ExecuteScalar());
Session["name"] = name.ToString();
Session["password"] = password.ToString();
Session["role"] = role.ToString(); if (role.ToString() == student.Text)
{
Response.Redirect("student/Default.aspx", false);
}
else
{
Response.Write("<script>alert('该用户名角色错误,请重新输入!');history.back()</script>");
}
con.Close();
}
else
{
Response.Write("<script>alert('该用户名不存在或密码错误或未参加教学活动,请重新输入!');history.back()</script>");
return;
}
}
现在我的问题是不管角色正确与否都会提示我用户角色错误
部分代码如下:
if (student.Checked == true)
{
string user = userName.Text;
string pwd = passWord.Text;
if (bc.validate(user))
{
Response.Write("<script>alert('用户名中不能含有非法字符');history.back()</script>");
return;
}
if (bc.validate(pwd))
{
Response.Write("<script>alert('用户名中不能含有非法字符');history.back()</script>");
return;
}
if (user == "")
{
Response.Write(bc.MessageBox("用户名不能为空!"));
}
if (pwd == "")
{
Response.Write(bc.MessageBox("密码不能为空!"));
}
SqlConnection con = new SqlConnection(ConfigurationManager.AppSettings["strcon"]);
con.Open();
SqlCommand scd = new SqlCommand("select count(*) from userinfo where name='" + user + "' and password='" + pwd + "'", con);
int count = Convert.ToInt32(scd.ExecuteScalar());
if (count > 0)
{
SqlCommand sd = new SqlCommand("select name,password,role from userinfo where name='" +user + "'", con);
string name = Convert.ToString(sd.ExecuteScalar());
string password = Convert.ToString(sd.ExecuteScalar());
string role = Convert.ToString(sd.ExecuteScalar());
Session["name"] = name.ToString();
Session["password"] = password.ToString();
Session["role"] = role.ToString(); if (role.ToString() == student.Text)
{
Response.Redirect("student/Default.aspx", false);
}
else
{
Response.Write("<script>alert('该用户名角色错误,请重新输入!');history.back()</script>");
}
con.Close();
}
else
{
Response.Write("<script>alert('该用户名不存在或密码错误或未参加教学活动,请重新输入!');history.back()</script>");
return;
}
}
解决方案 »
- 有关GridView的设置问题
- 在vs2008中,ArrayList的方法没有了,???
- ASP.NET连接Oracle 显示的出来 不知道为什么更新数据就有问题
- 文件不存在aspxerrorpath
- 关于DropDownList请指教
- 在线等!!!关于框架内有滚动条,移动滚动条,框架内的图像串了。请问有何方法能解决这样的问题!!!谢谢!!!!
- 开发的机器上能发信,有箱里也能收到;上传到服务器上之后,发信也没有提示错误,但是邮箱收不到
- ASP.Net实现网页中所有文本内容的简繁体转换
- 关于命名空间的菜鸟级问题!
- File Field控件怎么不能赋值!!!
- 如何让跑马灯效果一直循环不间断
- Detailsview一般人肯定不知道
string name = Convert.ToString(sd.ExecuteScalar());
string password = Convert.ToString(sd.ExecuteScalar());
string role = Convert.ToString(sd.ExecuteScalar());
Session["name"] = name.ToString();
Session["password"] = password.ToString();
Session["role"] = role.ToString(); if (role.ToString() == student.Text)
{
Response.Redirect("student/Default.aspx", false);
}
else
{
Response.Write(" <script>alert('该用户名角色错误,请重新输入!');history.back() </script>");
}
我估计是这错了。
SqlCommand sd = new SqlCommand("select name,password,role from userinfo where name='" +user + "'", con);
sd.ExecuteScalar()返回是什么?好像是执行查询,并返回第一行的第一列值。
你下面执行那么多次,当然会出错了。
方法:
SQLDateRead read = sd.ExecuteRead();
if(read.HasRow)
{
while(read.Read())
{
string name = read["name"].toString();
string password = read["password"].toString();
string role = read["role"].toString();
Session["name"] = name.ToString();
Session["password"] = password.ToString();
Session["role"] = role.ToString();
然后再判断
............................ }
}
SqlCommand sd = new SqlCommand("select name,password,role from userinfo where name='" +user + "'", con);
string name = Convert.ToString(sd.ExecuteScalar());
string password = Convert.ToString(sd.ExecuteScalar());
string role = Convert.ToString(sd.ExecuteScalar());
有问题。 SqlCommand sd = new SqlCommand("select name,password,role from userinfo where name='" + user + "'", con);
SqlDataAdapter myAdapter = new SqlDataAdapter(sd);
DataSet mySet = new DataSet();
myAdapter.Fill(mySet);
DataRow userInfo = mySet.Tables[0].Rows[0]; string name = Convert.ToString(userInfo["name"]);
string password = Convert.ToString(userInfo["password"]);
string role = Convert.ToString(userInfo["role"]);
这样试试。
上面用DataSet,下面用DataReader。效率嘛,楼主这么的需求DataReader高些string name = "";
string password = "";
string role = "";
using (SqlConnection con = new SqlConnection(ConfigurationManager.AppSettings["strcon"]))
{
con.Open();
SqlCommand sd = new SqlCommand("select name,password,role from userinfo where name='" + user + "'", con);
using (SqlDataReader reader = sd.ExecuteReader(CommandBehavior.CloseConnection))
{
if (reader.Read())
{
name = Convert.ToString(reader["name"]);
password = Convert.ToString(reader["password"]);
role = Convert.ToString(reader["role"]);
Session["name"] = name;
Session["password"] = password;
Session["role"] = role;
}
else // 记录不存在
{
Response.Write(" <script>alert('该用户名不存在或密码错误或未参加教学活动,请重新输入!');history.back() </script>");
}
}
if (role == student.Text)
{
Response.Redirect("student/Default.aspx", false);
}
else
{
Response.Write(" <script>alert('该用户名角色错误,请重新输入!');history.back() </script>");
}