您对以下函数类有什么改进建议吗?
好的,我如何进行注册会员登录
HttpCookie LoginInfo = new HttpCookie("LoginInfo");
LoginInfo.Values["UserName"] = srUserName;
LoginInfo.Values["Password"] = srPassword;
LoginInfo.Values["selectedLanguage"] = srSelectedLanguage;
Response.Cookies.Add(LoginInfo);
在这里我如何检查访问者是否登录
public static void controlOfLoginStatus()
{
string srQuery = "";
string srUserName = "";
string srPassword = "";
string srLang = "";
if (HttpContext.Current.Session["UserId"] == null)
{
if (HttpContext.Current.Request.Cookies["LoginInfo"] != null)
{
try
{
srUserName = HttpContext.Current.Request.Cookies["LoginInfo"]["UserName"].ToString();
srPassword = HttpContext.Current.Request.Cookies["LoginInfo"]["Password"].ToString();
srLang = HttpContext.Current.Request.Cookies["LoginInfo"]["selectedLanguage"].ToString();
}
catch
{
}
}
string srUserIdTemp = csPublicFunctions.ReturnUserIdUsernamePassword(srUserName, srPassword);
if (srUserIdTemp == "0")
{
HttpContext.Current.Session.Clear();
HttpContext.Current.Session.Abandon();
HttpContext.Current.Response.Redirect("Login");
}
else
{
csPublicFunctions.insertIntoOnlineUsers(srUserIdTemp, HttpContext.Current.Session.SessionID);
HttpContext.Current.Session["UserId"] = srUserIdTemp;
if (HttpContext.Current.Session["lang"] == null)
HttpContext.Current.Session["lang"] = srLang;
}
}
srQuery = "SELECT UserId " +
" FROM BannedUsers" +
" WHERE UserId = " + HttpContext.Current.Session["UserId"].ToString();
using (DataTable dtTemp = DbConnection.db_Select_DataTable(srQuery))
{
if (dtTemp.Rows.Count > 0)
{
HttpContext.Current.Response.Redirect("exit.aspx");
}
}
}
在这里我如何注销
public static void exitLogout()
{
string srQuery = "delete from OnlineUsers where UserId=" + HttpContext.Current.Session["UserId"].ToString();
DbConnection.db_Update_Delete_Query(srQuery);
try
{
HttpContext.Current.Session["UserId"] = "0";
HttpContext.Current.Session.Clear();
HttpContext.Current.Session.Abandon();
}
catch
{
}
try
{
HttpCookie LoginInfo = new HttpCookie("LoginInfo");
LoginInfo.Values["UserName"] = "21412zxcvzxc343245243vvc";
LoginInfo.Values["Password"] = "21412zxcvzxc343245243vvc";
LoginInfo.Values["selectedLanguage"] = "en";
HttpContext.Current.Response.Cookies.Add(LoginInfo);
}
catch
{
}
}
csPublicFunctions.ReturnUserIdUsernamePassword
使用参数化查询,因此没有 SQL 注入的风险