登录页面&使用mysql数据库在asp.net中按照usertype重定向页面 [英] Login Page & Redirect the page as per usertype in asp.net using mysql database

查看:76
本文介绍了登录页面&使用mysql数据库在asp.net中按照usertype重定向页面的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我在数据库中有两个表:

I have two tables in the database:

Login (LID, UName, UPasword, UserType_ID)
UserType(UserType_ID, UserType)



我需要验证用户名和usertype并为UserName(UName)创建一个会话变量。

以下代码就像管理员和用户登录他们重定向一样到gallery.aspx页面,但我想当管理员登录然后他们重定向到View_Reports.aspx页面,当公共用户登录时,他们重定向到gallery.aspx页面



代码


I need to validate username and usertype and create a session variable for UserName(UName).
below code is works like when admin and user login they redirect to gallery.aspx page but i want when admin login then they redirect to "View_Reports.aspx" page and when public user login they redirect to gallery.aspx page

code

protected void Button1_Click1 ( object sender, EventArgs e )
{
	name = TextBox1.Text;
	pwd = TextBox1.Text;
	conn.Open( );
	MySqlCommand cmd = new MySqlCommand( " select * from login  where UName =  '" + name + "'  and  UPasword =  '" + pwd + "' " );
	cmd.Connection = conn;
	// cmd.Connection = conn;
	MySqlDataReader dr = cmd.ExecuteReader( );

	if ( dr.HasRows )
	{
		dr.Read( );
		Session[ " UName" ] = dr[ 1 ].ToString( );
		;
		Session[ " UPasword" ] = dr[ 4 ].ToString( );
		Session[ "UserType_ID" ] = dr[ 0 ].ToString( );
		;
		//Session["prenom"] = dr[2].ToString();
		//Session["telephone"] = dr[3].ToString();

		Response.Redirect( "View_Reports.aspx" );
	}
	else
	{
		Response.Redirect( "gallery.aspx" );
	}

	dr.Close( );
	conn.Close( );
}

推荐答案

1。永远不要使用字符串连接来创建SQL查询 - 学习使用参数化SQL查询! (给你一个样本 - http://www.dreamincode.net/forums/topic/268104-parameterizing-your-sql-queries-the-right-way-to-query-a-database/ [ ^ ])

2.更改代码以在从数据库读取后检查用户类型,而不是根据它重定向:

1. Never ever use string concatenation to create SQL query - learn using parametrized SQL query! (A sample for you - http://www.dreamincode.net/forums/topic/268104-parameterizing-your-sql-queries-the-right-way-to-query-a-database/[^])
2. Change your code to check user type after reading it from database than redirect according to it:
if ( dr.HasRows )
{
	dr.Read( );
	Session[ " UName" ] = dr[ 1 ].ToString( );
	;
	Session[ " UPasword" ] = dr[ 4 ].ToString( );
	Session[ "UserType_ID" ] = dr[ 0 ].ToString( );
	;
	//Session["prenom"] = dr[2].ToString();
	//Session["telephone"] = dr[3].ToString();
}
// !!!
if(Convert.ToString(Session[ "UserType_ID" ]) == "admin" )
{
	Response.Redirect( "View_Reports.aspx" );
}
else
{
	Response.Redirect( "gallery.aspx" );
}


if (Convert.ToString(Session["UserType_ID"]).Equals("admin"))
            {
                Response.Redirect("View_Reports.aspx",false);
            }
            else
            {
                Response.Redirect("gallery.aspx",false);
            }





避免线程中止异常使用上面的代码。



和Kornfeld Eliyahu Peter是对的可能是UserType_Id不是管理员



to avoid thread abort exception use the above code.

and Kornfeld Eliyahu Peter is right may be UserType_Id is not an admin


这篇关于登录页面&使用mysql数据库在asp.net中按照usertype重定向页面的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
其他开发语言最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆