如何使用c＃vstudio 2008和SQL 2008创建登录界面。 [英] How to create Login Interface using c# vstudio 2008 and SQL 2008.

问题描述

如何使用C＃v studio 2008创建界面登录。

我创建了用户dbase作为后端和表单作为前端。

1如何使用表单连接到dbase？

2.如何创建新用户？

解决方案

ASP.Net确实有几个用户控件但我个人从不使用它们。



1.你需要一个带有用户名和密码的登录页面。

2.设置web.config以进行表单身份验证。大量在线示例。

3.当用户点击您的登录按钮时，将用户名和密码发送到您的存储过程以验证他们是否是有效用户。

4。如果有效，请设置一些会话变量，例如Session [UserID] = userid;

5.因为您应该使用FormsAuthentication告诉.Net您已使用FormsAuthentication.RedirectFromLoginPage验证用户（userid ）;

6.确保在代码中检查会话变量是否存在他们无法访问的内容。

7.要创建新用户，请创建形式和做类似。调用传入所有参数的存储过程。

8.要连接到SQL，请使用SqlHelper类，否则使用SqlConnection和SqlCommand对象。

< blockquote> 1）有一个 巨大的 方式将表单与DB连接。在这种情况下，您不需要连接，只需要检查用户输入的用户名和密码是否与数据库中的有效条目匹配。这里有一些代码和注释可能对此有所帮助（虽然它可能对你来说有点先进，所以只是瞎了你不理解的部分）：

密码存储：如何做。 [ ^ ]

所有你需要的然后，从db检索id和密码值。这也有点复杂，因为你必须正确地做到这一点：如果你不这样做，那么你将系统全开放给未登录的用户破坏你的数据库 - 因为他们没有登录你知道你想要盖章的头......

 使用（SqlConnection con =  new  SqlConnection（strConnect））
 {
 con.Open（）; 
 使用（SqlCommand com =  new  SqlCommand（   SELECT UserID，PasswordHash FROM myTable WHERE UserName = @ UN，con））
 {
 com.Parameters.AddWithValue（   @ UN，tbUsername.Text）; 
 使用（SqlDataReader reader = com.ExecuteReader（））
 {
  if （reader.Read（））
 {
  int  userId =（ int ）reader [  UserId]; 
  byte  [] pw =（ byte  []）阅读器[  PasswordHash]; 
  if （MatchSHA1（pw，GetSHA1（tbUsername.Text，tbPassword.Text）））; 
 {
  //  成功登录 
} 
 } 
  //  登录失败 
} 
} 
} 

2）新用户只是意味着收集他的详细信息的另一种形式，结合类似于上面的SELECT来检查他的要求用户名尚未使用，后跟INSERT添加新的详细信息：

 使用（SqlConnection con =  new  SqlConnection（strConnect））
 {
 con.Open（）; 
 使用（SqlCommand com =  new  SqlCommand（   INSERT INTO myTable（UserName，PasswordHash）VALUES（@UN，@ PH），con））
 {
 com .Parameters.AddWithValue（  @ UN，tbUsername.Text）; 
 com.Parameters.AddWithValue（  @ PH，GetSHA1（tbUsername.Text，tbPassword） 。文本））; 
 com.ExecuteNonQuery（）; 
} 
} 

看看，试一试。您应该可以从那里进行排序。

How to create an interface login using C# v studio 2008.
Which i have created the user dbase as back end & the form as the front end.
1. How to connect to the dbase with the form?
2. How to create new user?

解决方案

ASP.Net does have a few user controls but I personally don't ever use them.

1. You need a login page that takes username and password.
2. Setup your web.config for forms authentication. Tons of examples online.
3. When the user clicks your login button send the username and password to your stored procedure to validate if they are a valid user.
4. If valid, set some session variable, for example Session["UserID"] = userid;
5. Since you should be using FormsAuthentication tell .Net that you have validated the user with FormsAuthentication.RedirectFromLoginPage(userid);
6. Make sure in your code you check your session variables if there is something they would not have access to.
7. To create a new user, create the form and do similar. Call your stored procedure passing in all the parameters.
8. To connect to SQL, use your SqlHelper class if you have one otherwise use the SqlConnection and SqlCommand objects.

1) There are a huge number of way to connect a form with a DB. In this case, you don't want a connection, you just want to check if the username and password your user entered match a valid entry in the database. There is some code and notes here that may help with this (though it may be a little advanced for you so just "bleep over" the bits you don't understand):
Password Storage: How to do it.[^]
All you need to do then is retrieve the id and password value from the db. This is also a bit complex, because you do have to do this properly: if you don't then you leave your system wide open to a non-logged in user destroying your database - and because they aren't logged in you don;t know whose head you want to stamp on...

using (SqlConnection con = new SqlConnection(strConnect))
    {
    con.Open();
    using (SqlCommand com = new SqlCommand("SELECT UserID, PasswordHash FROM myTable WHERE UserName=@UN", con))
        {
        com.Parameters.AddWithValue("@UN", tbUsername.Text);
        using (SqlDataReader reader = com.ExecuteReader())
            {
            if (reader.Read())
                {
                int userId = (int)reader["UserId"];
                byte[] pw = (byte[])reader["PasswordHash"];
                if (MatchSHA1(pw, GetSHA1(tbUsername.Text, tbPassword.Text)));
                    {
                    //Successful login
                    }
                }
            //Failed login
            }
        }
    }

2) New user just means another form to collect his details, combined with a SELECT similar to the above to check his requested Username is not already used, followed by an INSERT to add the new details:

using (SqlConnection con = new SqlConnection(strConnect))
    {
    con.Open();
    using (SqlCommand com = new SqlCommand("INSERT INTO myTable (UserName, PasswordHash) VALUES (@UN, @PH)", con))
        {
        com.Parameters.AddWithValue("@UN", tbUsername.Text);
        com.Parameters.AddWithValue("@PH", GetSHA1(tbUsername.Text, tbPassword.Text));
        com.ExecuteNonQuery();
        }
    }

Have a look, and give it a try. You should be able to sort it out from there.

这篇关于如何使用c＃vstudio 2008和SQL 2008创建登录界面。的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！