0

我知道是什么导致了我的代码中的重定向循环,我只是不确定如何修复它。首先,我的代码。

switch (Request.QueryString["Error_ID"])
{
    case "1":
        // Error Code 1 is when a user attempts to access the Admin section and does not have rights to.
        MultiView1.ActiveViewIndex = 1;
        break;
    case "2":
        // Error Code 2 is when a user is not currently Active.
        MultiView1.ActiveViewIndex = 2;
        break;
    default:
        // Default is View Index 0 for default access.
        MultiView1.ActiveViewIndex = 0;
        break;
}

// Get current username.
string userName = System.Security.Principal.WindowsIdentity.GetCurrent().Name;

// Test to see if user is Active.
using (SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["HSEProjRegConnectionString1"].ConnectionString))
{
    conn.Open();
    using (SqlCommand cmd = new SqlCommand("SELECT [active] FROM [tbl_Person] WHERE username LIKE @username", conn))
    {
    cmd.Parameters.AddWithValue("@username", "%" + userName + "%");

    var res = cmd.ExecuteScalar();
    bool registeredAndActive = (bool)res;

    if (registeredAndActive)
    {
        // Active Condition. The DEFAULT in SWITCH() will take care of displaying content.
    }
    else
    {
        // !Active Condition.  Shows an alternative version of the default page where the user is told they do not have access.
        Response.Redirect("default.aspx?Error_ID=2");
    }
}

代码的重点是首先检查 SWITCH() 方法中的查询字符串,以防稍后页面提供。然后它获取当前登录的 AD 用户名,然后检查用户数据库以查看用户是否标记为活动。如果是这样,它什么也不做,因为它将允许页面正常加载。如果没有,那么它会重定向到同一页面,但会附加一个 Error_ID,以便我可以显示一个不同的视图,说明用户无权访问。我很确定这就是重定向循环的来源。有人对如何消除重定向循环有任何想法吗?我尝试做 aRequest.Url.ToString()然后 a!var.Contains做重定向,但我也无法做到这一点。

编辑:我应该注意,我很想知道是否有人可以替代Response.Redirect(). 它可以工作,但最初,我正在使用Response.End()并且不允许任何代码运行,所以想出了 usingResponse.Redirect()和 aQueryString来做我想做的事。

4

3 回答 3

1

您正在测试您的用户是否处于活动状态两次。此外,在第二次检查中,您不断将页面重定向到自身,从而继续进行检查。

您的第一张支票在这里:

switch (Request.QueryString["Error_ID"])
{
(...)
case "2":
    // Error Code 2 is when a user is not currently Active.
    MultiView1.ActiveViewIndex = 2;
    break;
(...)

你的第二张支票在这里:

    if (registeredAndActive)
    {
        // Active Condition. The DEFAULT in SWITCH() will take care of displaying content.
    }
    else
    {
        // !Active Condition.  Shows an alternative version of the default page where the user is told they do not have acces.
        Response.Redirect("default.aspx?Error_ID=2");
    }

所以第二个检查将页面重定向到它自己,并且它一直在循环。

恕我直言,解决此问题的最简单方法是如果您的错误代码为“2”,则不检查您当前的用户是否处于活动状态,即您可以:

1)如果Error_ID为2则停止页面执行,即将第一次检查改为:

case "2":
  // Error Code 2 is when a user is not currently Active.
  MultiView1.ActiveViewIndex = 2;
  Response.End(); // <--- this will stop the execution before reaching the first block
  break;

2) 不要再次重定向页面,如果 Error_ID 为 2,即将您的第二次检查更改为:

if (registeredAndActive)
{
    // Active Condition. The DEFAULT in SWITCH() will take care of displaying content.
}
else
{
    // !Active Condition.  Shows an alternative version of the default page where the user is told they do not have acces.

    if (MultiView1.ActiveViewIndex != 2) { // check if the page has already been redirected
      Response.Redirect("default.aspx?Error_ID=2");
    }
}

恕我直言,解决方案 2 似乎是两者中最干净、最优雅的

于 2013-06-12T00:25:45.613 回答
1

做这样的事情怎么样:

if(MultiView1.ActiveViewIndex != 2)
{
  using (SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["HSEProjRegConnectionString1"].ConnectionString))
  {
    conn.Open();
    using (SqlCommand cmd = new SqlCommand("SELECT [active] FROM [tbl_Person] WHERE username LIKE @username", conn))
    {
      cmd.Parameters.AddWithValue("@username", "%" + userName + "%");

      var res = cmd.ExecuteScalar();
      bool registeredAndActive = (bool)res;

      if (registeredAndActive)
      {
        // Active Condition. The DEFAULT in SWITCH() will take care of displaying content.
      }
      else
      {
        // !Active Condition.  Shows an alternative version of the default page where the user is told they do not have acces.
        Response.Redirect("default.aspx?Error_ID=2");
      }
    }
  }
}
于 2013-06-12T00:26:32.840 回答
1

如果查询字符串值(Error_ID)不是 1 或 2,您只需要执行数据库检查。逻辑的编写方式,您将始终检查用户是否处于活动状态,如果不是,则它将继续向页面发送 Error_ID=2 查询字符串值,您将陷入循环。我建议将用于测试查询字符串的逻辑分离到一个单独的方法中,并让它返回一个布尔值,说明是否尝试在数据库中查询 Active 值。

于 2013-06-12T00:27:35.460 回答