登录后,用户角色登录和不同的表单显示不同的用户角色 [英] User Role Based Login and different form display after login for different user role
问题描述
您好,我想创建一个Login表单,根据用户的角色将用户登录重定向到两个不同的表单。我有两种形式1. UserPanelFrm和2.FrmUserRole以及两个用户角色。 1.管理员和2.User。我想将Admin重定向到UserPanelFrm和User以形成FrmUserRole。我研究了这个过程,但只能为ASP.NET找到有用的资源。
tbl_Staff:
CREATE TABLE [dbo]。[tbl_Staff](
[StaffID] [ int ] IDENTITY ( 1 , 1 ) NOT NULL ,
[名称] [ nvarchar ]( 100 ) NOT NULL ,
[地址] [ nvarchar ]( 500 ) NULL ,
[电话] [ nvarchar ]( 100 ) NULL ,
[电子邮件] [ nvarchar的 ]( 100 ) NULL ,
[JoinedDate] [ date ] NULL ,
[用户名] [ nvarchar ](< span class =code-digit> 50 ) NULL ,
[密码] [ nvarchar ](max) NULL ,
[CreatedDate] [ date ] NULL ,
[角色] [ nvarchar ]( 200 ) NULL ,
[状态] [ int ] NULL
}
tbl_StaffRoles:
CREATE TABLE [dbo]。[tbl_StaffRoles](
[id] [ int ] NULL ,
[RoleDescription] [ nvarchar ]( 50 ) NULL
)
tbl_StaffRoles数据:
id RoleDescription
1管理员
2用户
您好,我目前正在使用以下代码进行正常登录。
LoginForm btnLogin:
private void btnLogin_Click( object sender,EventArgs e)
{
尝试
{
int result = uc.Login(txtUserName.Text,txtPassword.Text) ;
if (result == 1 )
{
此 .Hide();
UserPanelFrm frm = new UserPanelFrm();
frm.ShowDialog();
this .Close();
}
else
{
MessageBox.Show( INVALID USERNAME OR PASSWORD);
MakeFieldBlank();
}
}
catch (例外情况)
{
MessageBox.Show(ex.Message);
}
}
UserClass.cs登录类:
public int 登录(字符串用户名,< span class =code-sdkkeyword> String 密码)
{
尝试
{
int result = 0 ;
SqlCommand cmd = new SqlCommand( 选择*来自tbl_Staff,其中Username = @ Username和Password = @ Password,conn);
cmd.Parameters.AddWithValue( @ Username,用户名);
cmd.Parameters.AddWithValue( @ Password,密码);
conn.Open();
SqlDataReader dr = cmd.ExecuteReader();
DataTable dt = new DataTable();
dt.Load(dr);
conn.Close();
if (dt.Rows.Count > 0 )
result = 1 ;
else
result = 0 ;
返回结果;
}
catch (例外情况)
{
抛出 ex;
}
}
哦,亲爱的......
从不存储明文密码 - 这是一个主要的安全风险。有关如何在此处执行此操作的信息:密码存储:如何做到这一点。 [ ^ ]
但更好(特别是基于角色的登录系统)根本不自己酿造 。
相反,请查看成员资格: MSDN - 会员介绍 [ ^ ]它提供了一个基于角色的安全会员系统,专为您要做的事情而设计。
好吧,我的错:我错过了WinForms位:忽略会员资格,只是正确实施密码。
然后你登录时所要做的就是检查角色并打开相应的表格:
string role = ...
表格frm = < span class =code-keyword> null ;
switch (role.ToLower())
{
case user:
frm = new FrmUserRole();
break ;
case admin :
frm = new UserPanelFrm();
break ;
}
如果(frm!= null )
{
隐藏();
frm.ShowDialog();
Show();
}
BTW:请重命名你的表格 - 尽量保持一致,下次你的生活会变得更轻松必须看看它...
当你进行身份验证时,你可以通过更改选择声明获得StaffID
从tbl_Staff中选择StaffID,其中Username = @ Username and Password = @ Password
如果您的数据表有行意味着身份验证成功,那么您已经这样做了。如果你得到的值dt.Rows [0] .ItemArray [0]value给你StaffID。
接下来执行下面的givn声明value作为参数
从tbl_StaffRoles中选择RoleDescription,其中[ id] = @id
然后你可以阅读分配给给定用户的角色,根据该值你可以决定打开哪个表格。
Hello, I want to create a Login form which redirects the user login to the two different form according to the roles of users. I have two forms 1. UserPanelFrm and 2.FrmUserRole and two user role . 1. Admin and 2.User . I want to redirect Admin to UserPanelFrm and User to form FrmUserRole. I researched for this process but only could found useful resources for ASP.NET.
tbl_Staff :
CREATE TABLE [dbo].[tbl_Staff](
[StaffID] [int] IDENTITY(1,1) NOT NULL,
[Name] [nvarchar](100) NOT NULL,
[Address] [nvarchar](500) NULL,
[Phone] [nvarchar](100) NULL,
[Email] [nvarchar](100) NULL,
[JoinedDate] [date] NULL,
[Username] [nvarchar](50) NULL,
[Password] [nvarchar](max) NULL,
[CreatedDate] [date] NULL,
[Roles] [nvarchar](200) NULL,
[Status] [int] NULL
}
tbl_StaffRoles :
CREATE TABLE [dbo].[tbl_StaffRoles](
[id] [int] NULL,
[RoleDescription] [nvarchar](50) NULL
)
tbl_StaffRoles data :
id RoleDescription
1 Admin
2 User
Hi , I am currently using following code for normal login.
LoginForm btnLogin :
private void btnLogin_Click(object sender, EventArgs e)
{
try
{
int result = uc.Login(txtUserName.Text, txtPassword.Text);
if (result == 1)
{
this.Hide();
UserPanelFrm frm = new UserPanelFrm();
frm.ShowDialog();
this.Close();
}
else
{
MessageBox.Show("INVALID USERNAME OR PASSWORD");
MakeFieldBlank();
}
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
}
}
UserClass.cs Login class :
public int Login(String Username, String Password)
{
try
{
int result = 0;
SqlCommand cmd = new SqlCommand("Select * from tbl_Staff where Username=@Username and Password=@Password", conn);
cmd.Parameters.AddWithValue("@Username", Username);
cmd.Parameters.AddWithValue("@Password", Password);
conn.Open();
SqlDataReader dr = cmd.ExecuteReader();
DataTable dt = new DataTable();
dt.Load(dr);
conn.Close();
if (dt.Rows.Count > 0)
result = 1;
else
result = 0;
return result;
}
catch (Exception ex)
{
throw ex;
}
}Oh, dear...
Never store passwords in clear text - it is a major security risk. There is some information on how to do it here: Password Storage: How to do it.[^]
But better (particularly for a role-based login system) don't "brew it yourself" at all.
Instead, look at Membership: MSDN - Introduction to Membership[^] it provides a role based, secure membership system that is designed for what you are trying to do.
OK, my fault: I missed the WinForms bit: ignore membership, just implement passwords properly.
Then all you have to do when they log in is check the role and open the appropriate form:
string role = ... Form frm = null; switch(role.ToLower()) { case "user": frm = new FrmUserRole(); break; case "admin": frm = new UserPanelFrm(); break; } if (frm != null) { Hide(); frm.ShowDialog(); Show(); }
BTW: Please, rename your forms - try to be consistent, it makes life a lot easier next time you have to look at it...
when you authenticate you can get the StaffID by changing the select statement
"Select StaffID from tbl_Staff where Username=@Username and Password=@Password"
if your datatable having rows means authentication success, you already done that. if you get the value ofdt.Rows[0].ItemArray[0]value gives you StaffID .
next execute below statement by givn above value as parameter
"select RoleDescription from tbl_StaffRoles where [id]= @id"
then you can read the role assigned to given user, based on that value you can decide which form to open.
这篇关于登录后,用户角色登录和不同的表单显示不同的用户角色的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
