我有一个登录网页,还有一个 SQL 数据库。页面与数据库连接。问题是数据库中的密码是小写字母,但是当我保持大写锁定时,我也可以登录。现在我想限制该用户可以添加带有数字和字母的密码。当密码为小写字母且用户使用大写锁定时,密码将不匹配。
这是我的桌子
CREATE TABLE [dbo].[Log_Users]
(
[Logid] [int] IDENTITY(100,1)PRIMARY KEY NOT NULL,
[Username] [varchar](55) NOT NULL,
[PASSWORD][varchar](55),
[Time_Logged_in] [datetime] NOT NULL,
[Time_Logged_Out] [datetime] NOT NULL,
[Status] [int] NOT NULL,
[Date_Logged_in] [datetime] NOT NULL,
[E_MAIL] [varchar](55) NOT NULL
)
insert into dbo.Log_Users
values('Saqib','pakistan',GETDATE(),'02/07/2010',1,GETDATE(),'saqib@wow.com')
insert into dbo.Log_Users
values('Afridi','Oops',GETDATE(),'02/09/2010',1,GETDATE(),'afridi@wowMail.com')
而这个我的 aspx 代码
using System;
using System.Data;
using System.Data.SqlClient;
using System.Configuration;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Data;
public partial class _Default : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
}
protected void btnSubmit_Click(object sender, EventArgs e)
{
SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["dbconnection"].ConnectionString);
con.Open();
SqlCommand cmd = new SqlCommand("USerLogin", con);
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@Username", txtUserName.Text);
cmd.Parameters.AddWithValue("@UPassword", txtPWD.Text);
cmd.Parameters.Add("@OutRes", SqlDbType.Int).Direction = ParameterDirection.Output;
cmd.ExecuteNonQuery();
int output = (int)cmd.Parameters["@OutRes"].Value;
if (output == 1)
{
Response.Redirect("Details.aspx");
}
else
{
ClientScript.RegisterStartupScript(Page.GetType(), "validation", "<script language='javascript'>alert('Invalid Username Or Password')</script>");
}
SqlDataAdapter da = new SqlDataAdapter(cmd);
DataTable dt = new DataTable();
da.Fill(dt);
if (dt.Rows.Count > 0)
{
Response.Redirect("Details.aspx");
}
else
{
ClientScript.RegisterStartupScript(Page.GetType(), "validation", "<script language='javascript'>alert('Invalid Username Or Password')</script>");
}
}
}
并且存储过程是
ALTER Proc USerLogin
(
@Username VarChar(50),
@UPassword varChar(50),
@OutRes int OUTPUT
)
AS
SET @OutRes = 0
IF EXISTS(SELECT top 1 * FROM Log_Users WHERE Username = @Username and PASSWORD = @UPassword)
BEGIN
SET @OutRes = 1
Return @outRes
END
ELSE
Return @outRes
GO
谁能帮我在哪里放置什么代码?