如何使用存储过程重定向到asp.net c#(用户页面和管理页面)中的不同页面。 [英] how to redirect to different pages in asp.net c# (user pages and admin pages) using stored procedure.
问题描述
嗨朋友们,我正在开发asp.net C#SqlServer 2005.
这里,我想在用户登录时避免SQL注入..所以我写了存储过程为了这。它的作品很完美。
但是我的要求是我在登录时有2个用户类型
1)用户
2 )管理员
我只创建了用户访问权限。但我无法理解,如何根据条件使用2个usertypes。
这是我的SQL存储过程
---- ----------------------------
Hi friends, am working on asp.net C# SqlServer 2005.
here, i want to avoid SQL Injections during users login..So i wrote stored procedure for this. its works perfect.
But my requirement is I have 2 UserTypes while login
1)User
2)Admin
I have created only User access. But am unable to understand, how to use 2 usertypes based on if condition.
This is my SQL Stored Procedure
--------------------------------
set ANSI_NULLS ON
set QUOTED_IDENTIFIER ON
go
ALTER PROCEDURE [dbo].[CHECK_UserInfo_Proc]
@USERNAME VARCHAR(50),
@PASSWORD VARCHAR(50)
AS
BEGIN
SELECT * FROM UserInformation WHERE USERNAME COLLATE Latin1_general_CS_AS =@USERNAME AND [PASSWORD] COLLATE Latin1_general_CS_AS=@PASSWORD
END
在Sql表中,我有Id,UserName,Password,UserType,MobileNo等字段。
这是我的ASP.net登录页面代码(登录按钮点击)
In Sql table I have fields as Id,UserName,Password,UserType,MobileNo.
and this is my ASP.net Login page code(Login button Click)
protected void BtnLogin_Click(object sender, ImageClickEventArgs e)
{
DataTable dt = new DataTable();
try
{
SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["CollegeDBConnectionString"].ConnectionString);
SqlDataAdapter adp = new SqlDataAdapter("CHECK_UserInfo_Proc", con);
adp.SelectCommand.CommandType = CommandType.StoredProcedure;
adp.SelectCommand.Parameters.Add("@USERNAME", SqlDbType.VarChar, 50).Value = TxtUserName.Text.Trim();
adp.SelectCommand.Parameters.Add("@PASSWORD", SqlDbType.VarChar, 50).Value = TxtPassword.Text.Trim();
adp.Fill(dt);
if (dt.Rows.Count > 0)
{
Response.Redirect("~/User/Home.aspx");
}
else
{
ScriptManager.RegisterStartupScript(this, this.GetType(), "RunCode", "javascript:alert('Invalid UserName or Password');", true);
}
}
catch (Exception ex)
{
Response.Write("Error occured : " + ex.ToString());
}
finally
{
dt.Clear();
dt.Dispose();
}
}
请帮助我,如何创建多个usertypes基于条件。
如果是管理员---页面必须重定向到管理页面
如果是用户---页面必须重定向到用户页面
需要帮助提前致谢。
Please can you help me, how to create multiple usertypes based on condition.
If it is admin --- the pages must redirect to admin pages
if it is user --- the pages must redirect to User pages
help is required Thanks in advance.
推荐答案
首先 - 您的查询必须准确返回0或1条记录,所以要检查它而不是大于0 ...
获得你的记录后询问你的用户类型,比如
First of all - your query must return 0 or 1 records exactly, so check for it and not for large than 0...
After got your record ask about you user type, like
if(dt.Rows[0]["user_type"] == "admin")
{
// goto admin page
}
else
{
// goto user page
}
使用用于存储过程中用户和管理员的条件检查的输出参数。
Use output parameter for condition checking for user and admin in the stored procedure.
您好,
在您存储的prodeure中,您将获取用户名和密码的值。所以您可以检查用户类型是否正在输入您的应用程序。如果它的管理员然后重定向到管理页面或正常用户然后重定向到用户页面。比如
Hi,
In your stored prodeure you are fetching the values of username and password.So you can check like type of user is entering to your application.If its admin then redirect to admin page or if normal user then redirect to user page. Like
SqlDataAdapter da = new SqlDataAdapter();
DataSet ds = new DataSet();
da.Fill(ds);
string username = ds.Tables[0].Rows[0]["username"].ToString();
string password = ds.Tables[0].Rows[0]["password"].ToString();
if (username == "admin")
{
if (username == txtUsername.Text && password == txtPassword.Text)
{
Response.Redirect("admin.aspx");
}
}
else
{
if (username != "admin")
{
if (username == txtUsername.Text && password == txtPassword.Text)
{
Response.Redirect("home.aspx");
}
else
{
ScriptManager.RegisterStartupScript(this, this.GetType(), "RunCode", "javascript:alert('Invalid UserName or Password');", true);
}
}
}
这篇关于如何使用存储过程重定向到asp.net c#(用户页面和管理页面)中的不同页面。的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
