密码保护使用登录页面一个asp.net网站 [英] Password protecting an asp.net site using a log in page

问题描述

我想密码保护一个asp.net网站，我这样做行不行，但是如果他们把/home.aspx在地址的末端然后将日志传递页面，有没有方式使这些其他页面只能通过按键访问，如果他们直接访问它会重定向到登录页面？

I am trying to password protect an asp.net site, i have done this okay, however if they put /home.aspx at the end of the address then it will by pass the log in page, is there a way of making those other pages only accessible through the buttons, and if they are accessed directly it will redirect you to the login page?

感谢

推荐答案

在你登录你应该启动一个会话的时刻。
这是一些code我在高中的项目之一使用

At the moment you login you should start a session. This is some code I used in one of my high school projects

> public void LoginUser(string id, string mail, string ww, string admin)
>     {
>         Session["UserID"] = id;
>         Session["IsAdmin"] = admin;
>         if(admin == "admin")
>         {
>             Response.Redirect("~/Admin/AdminCP.aspx");
>         }
>         else if (admin == "user")
>         {
>             Response.Redirect("~/User/UserCP.aspx");
>         }
>         else
>         {
>             lblLoginError.Text = "An error has accurred";
>             lblLoginError.Visible = true;
>             lblLoginError.CssClass = "failureNotification left";
>         }
>     }

这是一种方法，我用检测如果用户是管理员还是普通用户。
这之后，在Page_Load节的每一页，你必须添加

This is a way I used detecting if a user was an admin or a basic user. After this, in every page in the Page_Load-section you have to add

> if (Session["UserID"] == null)
>         {
>             Response.Redirect("~/Account/Login.aspx");
>         }

如果会话用户ID运行这将检查每次。如果为空，登录从来没有发生过，所以用户会被重定向到的页面，在那里他可以登录。

This will check everytime if the session UserID is running. If it is empty, the login never happened, so the user will be redirected to the page where he can login.

希望这有助于; - ）

Hope this helped ;-)

这篇关于密码保护使用登录页面一个asp.net网站的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！