如何保持用户登录 [英] how to keep users logged in
问题描述
大家好,
我的项目包括创建一个基于Web的搜索应用程序,该应用程序允许用户使用名为"Employee"的Sql数据库表搜索员工.我创建了一个页面,用户在其中输入搜索条件,然后单击搜索按钮,网格视图将显示结果,在发现的每一行旁边都有一个链接,该链接将用户引导到另一个页面,该页面包含有关该员工的详细信息,此页面为DetailsView .第三页包括创建数据库中找不到的新员工.因此它也包含DetailsView.我也有一个登录页面.
这里有个要点:我想允许所有人访问搜索结果页面(Gridview),但是只有Admins(存在于名为Roles的sql DB表中)有权修改DetailsView Detailses信息页面上的数据,我已经做到了使用
Hi everybody,
My project consist of creating a web-based search application that allows users to search for employees using a Sql database table named "Employee". I have created a page where the user enters search criteria, hit search button a grid view will display results, next to each row found there is a link that lead the user to another page containing detailed information about that Employee, this page is a DetailsView. the 3rd page consist of creating a new employee not found in database. so it also consist of DetailsView. I also have a login Page.
here is the catch: I want to allow everybody to access the search result page (Gridview) but only Admins (who exist in a sql DB table named Roles) have the right to modify data on the DetailsView Detailes info Page, I ve done this using the
DetailsView1.AutoGenerateEditButton = true;
DetailsView1.AutoGenerateDeleteButton = true;
但是我想限制普通用户在Edit模式下使用gridview访问AddNewEmployee页面和Searchresult页面,我的登录页面如下所示:
but I want restrict regular users from accessing AddNewEmployee Page and Searchresult page with gridview on Edit mode, my login page looks like that:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.SqlClient;
using System.Configuration;
using System.Web.Security;
using System.Text;
using System.Security.Cryptography;
using System.IO;
namespace Phonebook
{
public partial class LoginUser : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
}
public string encryptQueryString(string strQueryString)
{
return BLL.Encryption64.Encrypt(strQueryString, "!#$a54?3");
}
protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
{
string username = Login1.UserName;
string pwd = Login1.Password;
SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["MyConnectionString"].ConnectionString);
conn.Open();
string sqlUserName = "SELECT UserId, Password FROM Roles ";
sqlUserName += " WHERE (UserId ='" + username + "')";
sqlUserName += " AND (Password ='" + pwd + "')";
sqlUserName += " AND (Admin = 'Y')";
SqlCommand cmd = new SqlCommand(sqlUserName, conn);
cmd.Parameters.AddWithValue("@UserId", username);
cmd.Parameters.AddWithValue("@Password", pwd);
string currentName;
currentName = (string)cmd.ExecuteScalar();
if (currentName != null)
{
//AddEmployee AdEmp = new AddEmployee();
Session["UserAuthentication"] = username;
Session.Timeout = 1;
Response.Redirect("~/AddEmployee.aspx?search=" + encryptQueryString(username) + "");
}
else
{
Session["UserAuthentication"] = "";
}
}
我使用的是登录控件,但未使用ASP.NET配置工具.
有什么办法可以创建执行此操作的登录逻辑?谢谢
I am using login control but not the ASP.NET configuration tool.
Is there any way I can create a login logic that does this? Thank you
推荐答案
a54?3"); } 受保护的 无效 Login1_Authenticate(对象发件人,AuthenticateEventArgs e) { 字符串 username = Login1.UserName; 字符串 pwd = Login1.Password; SqlConnection conn = 新 SqlConnection(ConfigurationManager.ConnectionStrings [" ].ConnectionString); conn.Open(); 字符串 sqlUserName = " ; sqlUserName + = " +用户名+ " ; sqlUserName + = " + pwd + " ; sqlUserName + = " ; SqlCommand cmd = 新 SqlCommand(sqlUserName,conn); cmd.Parameters.AddWithValue(" ,用户名); cmd.Parameters.AddWithValue(" ,pwd); 字符串 currentName; currentName =(字符串)cmd.ExecuteScalar(); 如果(currentName!= 空) { // AddEmployee AdEmp = new AddEmployee(); 会话[" ] =用户名; Session.Timeout = 1 ; Response.Redirect(" + cryptoQueryString(username)+ " ); } 其他 { 会话[" ] = " "; } }
a54?3"); } protected void Login1_Authenticate(object sender, AuthenticateEventArgs e) { string username = Login1.UserName; string pwd = Login1.Password; SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["MyConnectionString"].ConnectionString); conn.Open(); string sqlUserName = "SELECT UserId, Password FROM Roles "; sqlUserName += " WHERE (UserId ='" + username + "')"; sqlUserName += " AND (Password ='" + pwd + "')"; sqlUserName += " AND (Admin = 'Y')"; SqlCommand cmd = new SqlCommand(sqlUserName, conn); cmd.Parameters.AddWithValue("@UserId", username); cmd.Parameters.AddWithValue("@Password", pwd); string currentName; currentName = (string)cmd.ExecuteScalar(); if (currentName != null) { //AddEmployee AdEmp = new AddEmployee(); Session["UserAuthentication"] = username; Session.Timeout = 1; Response.Redirect("~/AddEmployee.aspx?search=" + encryptQueryString(username) + ""); } else { Session["UserAuthentication"] = ""; } }
我使用的是登录控件,但未使用ASP.NET配置工具.
有什么办法可以创建执行此操作的登录逻辑?谢谢
I am using login control but not the ASP.NET configuration tool.
Is there any way I can create a login logic that does this? Thank you
看看,
http://stackoverflow.com/questions/5956224/keep-me-登录Windows表单登录 [ ^ ]
have a look,
http://stackoverflow.com/questions/5956224/keep-me-logged-in-for-windows-forms-login[^]
这篇关于如何保持用户登录的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!