2

我是一个全新的...

我正在尝试在 VS2010 中登录我的网站,该网站通过 asp.net 连接到现有的 SQL Server 2008 Express 数据库,使用 C# 作为背后的代码。

这是我的login.aspx.cs代码:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.IO;
using System.Net.Mail;
using System.Data.SqlClient;
using System.Web.Configuration;

public partial class Login : BasePage
{
    protected void Page_Load(object sender, EventArgs e)
    {
    }

    protected void btnlogin_Click(object sender, EventArgs e)
    {
        int Results = 0;

        if (txtUsername.Text != string.Empty && txtPassword.Text != string.Empty)
        {

            Results = Validate_Login(txtUsername.Text.Trim(), txtPassword.Text.Trim());

            if (Results == 1)
            {
                lblMessage.Text = "Login is Good, Send user to another page or enable controls.";
            }
            else
            {
                lblMessage.Text = "Username or Password is incorrect.";
                lblMessage.ForeColor = System.Drawing.Color.Red;
            }
        }
        else
        {
            lblMessage.Text = "Please make sure that your username and password is correct.";
        }
    }

    protected int Validate_Login(String Username, String Password)
    {
        SqlConnection con = new SqlConnection(@"Server=MARIOM-PC\SQLEXPRESS;Database=Logon");

        SqlCommand cmdselect = new SqlCommand();

        cmdselect.CommandType = System.Data.CommandType.StoredProcedure;

        cmdselect.CommandText = "[dbo].[prcLoginv]";

        cmdselect.Parameters.Add("@Username", System.Data.SqlDbType.VarChar, 50).Value = Username;
        cmdselect.Parameters.Add("@Password", System.Data.SqlDbType.VarChar, 50).Value = Password;
        cmdselect.Parameters.Add("@OutRes", System.Data.SqlDbType.Int, 4);
        cmdselect.Parameters["@OutRes"].Direction = System.Data.ParameterDirection.Output;

        cmdselect.Connection = con;

        int Results = 0;

        try
        {
            con.Open();

            cmdselect.ExecuteNonQuery();

            Results = (int)cmdselect.Parameters["@OutRes"].Value;
        }
        catch (SqlException ex)
        {
            lblMessage.Text = ex.Message;
        }
        finally
        {
            cmdselect.Dispose();

            if (con != null)
            {
                con.Close();
            }
        }

        return Results;
    }
}

当我单击我的登录按钮时,它会将我带到我的 C# 代码,在该代码后面应该遍历btn_Login_Click,然后是Validate_Login方法。但是它没有用正确的信息正确更新我的登录页面。我总是收到“密码错误”错误。

请帮忙!

4

1 回答 1

2

我建议您使用 Windows 窗体身份验证

为 sql server 数据库设置表单身份验证

转到 C:>>Windows>>Microsoft.Net>Framework>>你的版本示例挖掘 v4.0>>aspnet_reqsql.exe

它是为您的特定数据库设置表单身份验证方案的向导。

然后在你的 web.config

<connectionStrings>
    <add name="ConnectionStringName" connectionString="*********" providerName="System.Data.SqlClient"/>
  </connectionStrings>
  <system.web>
    <roleManager enabled="true"/>
    <compilation debug="true" targetFramework="4.0">
      <assemblies>
        <add assembly="System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
        <add assembly="System.Design, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A"/>
        <add assembly="System.Web.Extensions.Design, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
      </assemblies>
    </compilation>
    <authentication mode="Forms">
      <forms loginUrl="login.aspx"/>
    </authentication>
    <membership defaultProvider="SqlProvider">
      <providers>
        <clear/>
        <add connectionStringName="ConnectionStringName" applicationName="/" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="true" passwordFormat="Hashed" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" name="SqlProvider" type="System.Web.Security.SqlMembershipProvider"/>
      </providers>
    </membership>
  </system.web>

登录.aspx

只需将登录控件拖放到您的页面,您就可以使用网站管理工具来设置权限和用户,并限制某些文件夹中的用户。

于 2012-12-02T08:50:31.180 回答