在登陆页面中输入用户名和密码,然后在其他的页面中想查看关于登录用户的信息,看大家都说用session,但是本人不会用,也不知道出了什么错误,请帮忙看一下!
using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Collections.Generic;
using System.Data.SqlClient;public partial class _Default : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{ }
protected void Button2_Click(object sender, EventArgs e)
{
String con = "server = NZX-PC;user id = sa;pwd = 123;database = master"; SqlConnection conn = new SqlConnection(con); SqlCommand cmd = new SqlCommand();
cmd.Connection = conn;
conn.Open(); String str="select count(*) from 登陆信息 where 用户名='"+TextBox1.Text+"'and 密码='"+TextBox2.Text+"'";
cmd = new SqlCommand(str,conn);
int result = Convert.ToInt32(cmd.ExecuteScalar());
if (result > 0)
{
Session["Name"] = TextBox1.Text;
Response.Redirect("管理首页.aspx");
}
else
{
TextBox1.Text = " ";
TextBox2.Text = " ";
} }
}
using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Collections.Generic;
using System.Data.SqlClient;public partial class _Default : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{ }
protected void Button2_Click(object sender, EventArgs e)
{
String con = "server = NZX-PC;user id = sa;pwd = 123;database = master"; SqlConnection conn = new SqlConnection(con); SqlCommand cmd = new SqlCommand();
cmd.Connection = conn;
conn.Open(); String str="select count(*) from 登陆信息 where 用户名='"+TextBox1.Text+"'and 密码='"+TextBox2.Text+"'";
cmd = new SqlCommand(str,conn);
int result = Convert.ToInt32(cmd.ExecuteScalar());
if (result > 0)
{
Session["Name"] = TextBox1.Text;
Response.Redirect("管理首页.aspx");
}
else
{
TextBox1.Text = " ";
TextBox2.Text = " ";
} }
}
在其他页面读Session["Name"]的值
if(Session["Name"]==null){
//跳入错误页面
}
else{
String Name=Session["Name"].ToString();
}
不知道楼主干什么 但楼主这句话有sql 注入的危险
string str="select pwd from 登陆信息 where 用户名='"+TextBox1.Text+";然后 得到的密码和你输入的密码比较来进行登录