How to make a login page
Problem description
A.O.A
I'm having a problem while checking userid in the login table.
Can anyone tell me what I'm doing wrong?
//table
PK TID numeric 9 0
FK EID numeric 9 0
UserID varchar 50 1
Password varchar 16 1
Verification_key varchar 50 1
Verified varchar 50 1
//html code
<asp:Content ID="Content2" ContentPlaceHolderID="ContentPlaceHolder1" runat="server">
<asp:Panel ID="pnlLogin" runat="server">
<table>
<tr>
<td>
<asp:Label ID="lblMessage" Text="" runat="server"></asp:Label>
</td>
</tr>
<tr>
<td>
User Id :
</td>
<td>
<asp:TextBox ID="txtUserId" runat="server" Font-Names="Segoe UI" Font-Size="10pt">
</asp:TextBox>
<asp:RequiredFieldValidator ID="UserIDRequiredFieldValidator" runat="server" ErrorMessage="User ID must be given"
ControlToValidate="txtUserId">
</asp:RequiredFieldValidator>
<cc1:TextBoxWatermarkExtender ID="UserIdTextBoxWatermarkExtender" runat="server"
TargetControlID="txtUserId" WatermarkCssClass="watermark" WatermarkText="UserId">
</cc1:TextBoxWatermarkExtender>
</td>
</tr>
<tr>
<td>
Password:
</td>
<td>
<asp:TextBox ID="txtPassword" runat="server" TextMode="Password" Font-Names="Segoe UI"
Font-Size="10pt">
</asp:TextBox>
<asp:RequiredFieldValidator ID="PasswordRequiredFieldValidator" runat="server" ErrorMessage="Password cannot be empty"
ControlToValidate="txtPassword">
</asp:RequiredFieldValidator>
</td>
</tr>
<tr>
<td colspan="2">
<asp:Button ID="cmdLogin" runat="server" Text="Login" OnClick="cmdLogin_Click" />
</td>
</tr>
</table>
</asp:Panel>
//C# code of login button click
protected void cmdLogin_Click(object sender, EventArgs e)
{
    int result = 0;
    string sSQL = "", UserID = "", Password = "";
    UserID = txtUserId.Text;
    Password = txtPassword.Text;
    sSQL = "select Tid from employee_login where UserID = '" + UserID + "' ";
    //---------------class munshi is defined below
    result = munshi.executeQuery(sSQL);
    if (result > 0)
    {
        lblMessage.Text = "Welcome :" + UserID ;
    }
    else
    {
        lblMessage.Text = "User id or password is incorrect!";
    }
}
public class munshi
{
    public static int executeQuery(string qry)
    {
        int resultInt = 0;
        string ConnStr = ConfigurationManager.ConnectionStrings["HRFramework"].ConnectionString;
        SqlConnection aConnection = new SqlConnection(ConnStr);
        SqlCommand aCommand = new SqlCommand(qry, aConnection);
        aConnection.Open();
        try
        {
            resultInt = aCommand.ExecuteNonQuery();
        }
        catch (Exception)
        {
            //string ne = exi.Message;
            resultInt = -1;
        }
        finally
        {
            aConnection.Close();
            aCommand.Dispose();
        }
        return resultInt;
    }
}
While debugging.....
resultInt = aCommand.ExecuteNonQuery();
resultInt is returning -1,
Recommended answer
select Tid from employee_login where UserID = '" + UserID + "' and password='" + txtPassword.Text + "';
Sample code for login button
protected void btnsub_Click(object sender, EventArgs e)
{
    try
    {
        // Parameterized query: the user input is bound as data, not concatenated into the SQL text
        string str = "select name,responsibility,remark,UserType,Deptt,emailid from empbirth where UserID=@userid and password=@pass";
        SqlCommand cmd = new SqlCommand(str, Db.GetConnection());
        cmd.Parameters.AddWithValue("userid", txtUId.Text);
        cmd.Parameters.AddWithValue("pass", txtpwd.Text);
        SqlDataReader dr = cmd.ExecuteReader();
        // A row is returned only when both the user id and the password match
        if (dr.Read())
        {
            Session["name"] = dr["name"].ToString();
            Session["userid"] = txtUId.Text;
            Session["resp"] = dr["responsibility"].ToString();
            Session["remark"] = dr["remark"].ToString();
            Session["tag"] = dr["UserType"].ToString();
            Session["deptt"] = dr["Deptt"].ToString();
            Session["password"] = txtpwd.Text;
            Session["emailid"] = dr["emailid"].ToString();
            cmd.Connection.Close();
            Response.Redirect("Home.aspx");
        }
        else
        {
            Label1.Text = "Wrong Id or Password / Not in DataBase";
            cmd.Connection.Close();
        }
    }
    catch (Exception)
    {
        // Any database error is reported as a failed login
        Label1.Text = "Wrong Id or Password / Not in DataBase";
    }
}
Suggestion: do not use a query like
sSQL = "select Tid from employee_login where UserID = '" + UserID + "' ";
to prevent SQL injection.
Hello,
SqlCommand.ExecuteNonQuery Method
Return Value
Type: System.Int32
The number of rows affected.
For UPDATE, INSERT, and DELETE statements, the return value is the number of rows affected by the command. When a trigger exists on a table being inserted or updated, the return value includes the number of rows affected by both the insert or update operation and the number of rows affected by the trigger or triggers. For all other types of statements, the return value is -1. If a rollback occurs, the return value is also -1.
You may wanna try:
SqlCommand.ExecuteScalar Method
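The question's lookup rewritten to combine the two answers above: a parameterized query, and ExecuteScalar in place of ExecuteNonQuery (which returns -1 for a SELECT). This is an added example, not code from the original thread; the names LoginCheck and FindLoginTid are hypothetical, while the table, columns and the "HRFramework" connection string name are taken from the question.

```csharp
using System;
using System.Configuration;
using System.Data;
using System.Data.SqlClient;

public static class LoginCheck   // hypothetical helper name
{
    // Returns the Tid of the matching row, or null when no row matches.
    public static int? FindLoginTid(string userId, string password)
    {
        // Reject input longer than the columns (UserID varchar 50, Password varchar 16).
        // A sized SqlParameter silently truncates longer values, so without this check
        // an over-long password could match on its first 16 characters.
        if (string.IsNullOrEmpty(userId) || userId.Length > 50) return null;
        if (string.IsNullOrEmpty(password) || password.Length > 16) return null;

        // The SQL text is constant; user input only ever travels as parameter values.
        const string sql =
            "SELECT Tid FROM employee_login " +
            "WHERE UserID = @userId AND [Password] = @password";

        string connStr =
            ConfigurationManager.ConnectionStrings["HRFramework"].ConnectionString;

        using (var conn = new SqlConnection(connStr))
        using (var cmd = new SqlCommand(sql, conn))
        {
            cmd.Parameters.Add("@userId", SqlDbType.VarChar, 50).Value = userId;
            // The question's table holds the password in a varchar(16) column,
            // so the comparison is on the stored value as-is.
            cmd.Parameters.Add("@password", SqlDbType.VarChar, 16).Value = password;

            conn.Open();
            // ExecuteScalar returns the first column of the first row,
            // or null when the SELECT produced no rows.
            object result = cmd.ExecuteScalar();
            if (result == null || result == DBNull.Value)
                return null;

            // Tid is numeric(9,0), which arrives as a decimal.
            return Convert.ToInt32(result);
        }
    }
}
```

In the click handler, a non-null return value means the login matched; exceptions are left to propagate so that a database failure is not mistaken for a wrong password.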