1

我基本上是在使用 VS2008 和 SQL Server 2005 创建一个网站,它以登录页面启动。现在我要验证用户输入的LoginIDPassword。一旦系统从数据库表中找到 ID 和密码,就会进行此身份验证。一旦找到,我想检查它是什么类型的用户 ieAdminCustomer. 如果用户是管理员,那么页面应该被重定向到abc.aspxelse cde.aspx

我的 LoginPage 前端是:

<tr>
<td class="style11"> Login </td>
<td>
<asp:TextBox ID="txtUserName" runat="server" Width="300px" CssClass="Textbox1"></asp:TextBox>
</td>
</tr>
<tr>
<td class="style11"> Password </td>
<td>
<asp:TextBox ID="txtPassword" runat="server" TextMode="Password" Width="300px" CssClass="Textbox1"></asp:TextBox>
</td>
</tr>
<tr>
<td colspan="2">
<asp:Button ID="btnSubmit" runat="server" OnClick="btnSubmit_Click" CssClass="btn1"
                    Text="Submit" />
<asp:Button ID="btnCancel" runat="server" OnClick="btnCancel_Click" CssClass="btn1"
                    Text="Cancel" />
</td>
</tr>

我的后端代码是:

//CODE 1
SqlDataSource sds = new SqlDataSource();
sds.ConnectionString = ConfigurationManager.ConnectionStrings["Gen_LicConnectionString3"].ToString();
sds.SelectParameters.Add("LoginID", TypeCode.String, this.txtUserName.Text);
sds.SelectParameters.Add("Password", TypeCode.String, this.txtPassword.Text);
sds.SelectCommand = "SELECT User_Type FROM [User_Details] WHERE [LoginID]=@LoginID AND [Password]=@Password";

    if (//Some Condition) //<-- Here I want to check the condition whether the User_Type is 'Admin' or 'Customer'
    {
        Response.Redirect("Lic_Gen.aspx"); //<-- If Admin
    }
    else
    {
        Response.Redirect("Cust_Page.aspx"); //<-- If Customer
    }


//CODE 2
//string connectionString = WebConfigurationManager.ConnectionStrings["Gen_LicConnectionString3"].ConnectionString;
    //string selectSQL = "SELECT User_Type FROM User_Details WHERE [LoginID]=@LoginID AND [Password] = @Password";
    //SqlConnection con = new SqlConnection(connectionString);
    //SqlCommand cmd = new SqlCommand(selectSQL, con);
    //SqlDataAdapter adapter = new SqlDataAdapter(cmd);
    //DataSet ds = new DataSet();

    //if (cmd.Equals(1))
    //{
    //    Response.Redirect("Lic_Gen.aspx");
    //}
    //else
    //{
    //    Response.Redirect("Cust_Page.aspx");
    //}
4

1 回答 1

0

这是不使用成员模型的最简单方法。这是一个使用数据读取器的简单方法。

    SqlDataReader sdrDatanew = null;
    string strnew;
    string connectionString = WebConfigurationManager.ConnectionStrings["Gen_LicConnectionString"].ConnectionString;
    SqlConnection connew = new SqlConnection(connectionString);
    connew.Open();
    strnew = "select User_Type from User_Details where User_Type='" + ddlUserSel.SelectedItem.Value + "' AND LoginID = '" + txtUserName.Text + "' AND Password = '" + txtPassword.Text + "'";
    SqlCommand sqlCommnew = new SqlCommand(strnew, connew);
    sdrDatanew = sqlCommnew.ExecuteReader();

    int userType = 0;

    if (sdrDatanew.HasRows)
    {
        if (sdrDatanew.Read())
        {
            userType = Convert.ToInt32(sdrDatanew["User_Type"].ToString());
        }
    }

    switch (userType)
    {
        case 0:
            Response.Redirect("Lic_Gen.aspx");
            break;
        case 1:
            Response.Redirect("Cust_Page.aspx");
            break;
        default:
            Console.WriteLine("Invalid User/Password");
            Console.ReadLine();
            break;
    }

    connew.Close();
于 2012-12-06T10:51:19.973 回答