在不同的页面中使用不同的用户登录


using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.SqlClient;
using MSSQLConnector;
using System.Data;
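namespace SoftwareAnalysisAndDesign.SAD
{
    /// <summary>
    /// Code-behind of the login page. The role chosen in <c>dropdownrole</c> selects which
    /// credential check runs (administrator, student or teacher); a successful check fills
    /// the session and redirects to that role's page.
    /// </summary>
    /// <remarks>
    /// NOTE(review): passwords are read from the <c>password</c> columns and compared as plain
    /// text. Storing a salted password hash and comparing hashes needs a schema change and is
    /// therefore only flagged here.
    /// NOTE(review): nothing here renews the session id when a login succeeds; confirm whether
    /// the application does so elsewhere.
    /// </remarks>
    public partial class OnlineAppSyss : System.Web.UI.Page
    {
        // NOTE(review): the connection string is compiled into the page; moving it to the
        // connectionStrings section of web.config keeps environment details out of source.
        private const string ConnectionString = "Data Source=keith;Initial Catalog=SAD;Integrated Security=True";

        // Client-side alerts shown when a login attempt fails (fixed text, no user input).
        private const string LoginFailedScript = "<script language=javascript>alert('Username and password does not match. Try again');</script>";
        private const string TeacherLoginFailedScript = "<script language=javascript>alert('Username and password does not match. Try again (teacher)');</script>";

        private MSConnector connector = new MSConnector();
        //string queries for each DataSet
        string query = null;
        string teacherquery = null;
        string subjectquery = null;
        string schoolfeequery = null;
        string accountdetailsquery = null;
        // The counters are no longer advanced by the login loops; they stay declared because
        // this is a partial class and its other part is not visible here.
        int rowcounter = 0;
        int teachercounter = 0;
        //DataSet and DataTable initialization
        private DataSet studentData;
        private DataSet subjectData;
        private DataSet schoolfeeData;
        private DataSet teacherData;
        private DataSet accountdetailsData;
        private DataTable subjectTable;
        private DataTable schoolfeeTable;
        private DataTable accountdetailsTable;

        protected void Page_Load(object sender, EventArgs e)
        {
        }

        /// <summary>
        /// Login button handler: runs the credential check that belongs to the selected role.
        /// </summary>
        protected void Button1_Click(object sender, EventArgs e)
        {
            // The selected role only chooses which check runs; access is granted by the
            // credential comparison inside the called method, not by the selection itself.
            switch (dropdownrole.SelectedItem.Value)
            {
                case "Admin":
                    Admin();
                    break;
                case "Student":
                    Student();
                    break;
                case "Teacher":
                    Teacher();
                    break;
            }
        }

        /// <summary>
        /// Checks the posted credentials against the administrator account and, on success,
        /// stores the login in the session and redirects to AdministratorPage.aspx.
        /// </summary>
        public void Admin()
        {
            string adminusername = this.UserName.Value;
            string adminpass = this.Password.Value;

            // NOTE(review): the administrator credentials are literals in source code. Anyone
            // with access to the source or the compiled assembly can read them, and changing
            // them needs a redeploy. Move them to a protected store (as a password hash).
            if (adminusername == "admin" && adminpass == "cmpe1234")
            {
                Session["adminlogin"] = adminusername;
                // Ends the request. No catch surrounds this call, so the failure message
                // below is not appended to the redirect response.
                Response.Redirect("AdministratorPage.aspx");
                return;
            }

            // A mismatch raises no exception, so the failure has to be reported explicitly.
            Response.Write(LoginFailedScript);
        }

        /// <summary>
        /// Checks the posted credentials against the student table. On success the student's
        /// account details, school fees and subjects are loaded into the session and the
        /// request is redirected to StudentPage.aspx; otherwise a failure alert is written.
        /// </summary>
        /// <remarks>
        /// Database errors are no longer reported as "does not match"; they propagate to the
        /// caller so an outage is not mistaken for a wrong password.
        /// </remarks>
        public void Student()
        {
            connector.ConnectionString = ConnectionString;
            string username = this.UserName.Value ?? string.Empty;
            string pass = this.Password.Value;

            // Only rows for the submitted id are fetched, instead of every student together
            // with every password. The id is compared as text because the column type is not
            // visible here; compare the column directly once its type is confirmed so that an
            // index can be used.
            query = "select studentid,password,firstname,lastname,course,year from student where convert(nvarchar(4000), studentid) = @id";
            studentData = ExecuteParameterizedQuery(query, username);

            foreach (DataRow row in studentData.Tables[0].Rows)
            {
                string userid = row["StudentID"].ToString();
                string password = row["Password"].ToString();

                // Same exact, case-sensitive comparison the page always used; the SQL
                // filter above only narrows the candidate rows.
                if (username != userid || pass != password)
                {
                    continue;
                }

                // The id travels as a parameter instead of being concatenated into the SQL text.
                accountdetailsquery = "select StudentID,FirstName,MiddleName,LastName,Age,Province,City,Course,Year,College,Department,ContactNumber,Email from student where studentid = @id";
                accountdetailsData = ExecuteParameterizedQuery(accountdetailsquery, userid);
                accountdetailsTable = accountdetailsData.Tables[0];

                schoolfeequery = "select DatePaid,AmountPaid,CurrentBalance,TotalBalance,Semester from schoolfee where studentid = @id";
                schoolfeeData = ExecuteParameterizedQuery(schoolfeequery, userid);
                schoolfeeTable = schoolfeeData.Tables[0];

                subjectquery = "select CourseNo,CourseDescription,Units,Day,StartTime,EndTime,Room from subject where studentid = @id";
                subjectData = ExecuteParameterizedQuery(subjectquery, userid);
                subjectTable = subjectData.Tables[0];

                // The session is filled only after every query has succeeded, so a failing
                // query cannot leave a session that already carries the "login" key.
                Session["login"] = userid;
                Session["firstname"] = row["FirstName"].ToString();
                Session["lastname"] = row["LastName"].ToString();
                Session["course"] = row["Course"].ToString();
                Session["year"] = row["Year"].ToString();
                Session["AccountDetails"] = accountdetailsTable;
                Session["SchoolFee"] = schoolfeeTable;
                Session["Subjects"] = subjectTable;

                //Redirect the page to Student Page after the user successfully logs in.
                Response.Redirect("StudentPage.aspx", true);
                return;
            }

            Response.Write(LoginFailedScript);
        }

        /// <summary>
        /// Checks the posted credentials against the teacher table. On success the teacher's
        /// data is stored in the session and the request is redirected to TeacherPage.aspx;
        /// otherwise a failure alert is written.
        /// </summary>
        public void Teacher()
        {
            connector.ConnectionString = ConnectionString;
            string username = this.UserName.Value ?? string.Empty;
            string pass = this.Password.Value;

            // Fetch only the rows for the submitted id (see Student() for why the id is
            // compared as text).
            teacherquery = "select teacherid,password,firstname,lastname,department,position from teacher where convert(nvarchar(4000), teacherid) = @id";
            teacherData = ExecuteParameterizedQuery(teacherquery, username);

            foreach (DataRow row in teacherData.Tables[0].Rows)
            {
                string teacheruserid = row["TeacherID"].ToString();
                string teacherpassword = row["Password"].ToString();

                if (username != teacheruserid || pass != teacherpassword)
                {
                    continue;
                }

                Session["teacherlogin"] = teacheruserid;
                Session["teacherfirstname"] = row["FirstName"].ToString();
                Session["teacherlastname"] = row["LastName"].ToString();
                Session["department"] = row["Department"].ToString();
                Session["position"] = row["Position"].ToString();

                //Redirect the page to Teacher Page after the user successfully logs in.
                Response.Redirect("TeacherPage.aspx", true);
                return;
            }

            Response.Write(TeacherLoginFailedScript);
        }

        /// <summary>
        /// Runs a SELECT that takes one <c>@id</c> parameter and returns its result set.
        /// </summary>
        /// <param name="sql">SQL text containing the <c>@id</c> placeholder.</param>
        /// <param name="id">Value bound to <c>@id</c>; it is never spliced into the SQL text.</param>
        /// <returns>A DataSet whose first table holds the rows returned by the query.</returns>
        /// <remarks>
        /// SqlClient is used directly because the only connector call visible on this page,
        /// <c>ExecuteQuery(string)</c>, takes finished SQL text and no parameters.
        /// </remarks>
        private static DataSet ExecuteParameterizedQuery(string sql, string id)
        {
            DataSet result = new DataSet();
            using (SqlConnection connection = new SqlConnection(ConnectionString))
            using (SqlCommand command = new SqlCommand(sql, connection))
            using (SqlDataAdapter adapter = new SqlDataAdapter(command))
            {
                command.Parameters.Add("@id", SqlDbType.NVarChar, 4000).Value = id;
                // Fill opens the connection when needed and closes it again afterwards.
                adapter.Fill(result);
            }
            return result;
        }
    }
}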

我的问题是我不能访问这段代码中的教师页面,它只会访问学生页面。我应该在系统中使用什么条件来避免冗余?

这是我的下拉列表的aspx代码:

<%-- Role selector read by Button1_Click. The items set no Value attribute, so each item's
     Value falls back to its Text ("Admin", "Student", "Teacher"). The selection only decides
     which credential check runs; it is posted by the browser and grants nothing by itself. --%>
<asp:DropDownList runat="server" id="dropdownrole">
    <asp:ListItem Text="Admin">Admin</asp:ListItem>
    <asp:ListItem Text="Student">Student</asp:ListItem>
    <asp:ListItem Text="Teacher">Teacher</asp:ListItem>
</asp:DropDownList>

和登录按钮:

 /// <summary>
 /// Login button handler: calls the login routine that matches the Value of the item
 /// selected in dropdownrole. Any other value does nothing.
 /// </summary>
 protected void Button1_Click(object sender, EventArgs e)
        {
            // The selection only picks a routine; the credential check itself lives in
            // Admin(), Student() and Teacher().
            switch (dropdownrole.SelectedItem.Value)
            {
                case "Admin":
                    Admin();
                    break;
                case "Student":
                    Student();
                    break;
                case "Teacher":
                    Teacher();
                    break;
            }
        }

我想有一个条件,如果用户名和密码输入检测到2个用户中的任何一个,它将重定向到他们的特定网页。请帮助。

在不同的页面中使用不同的用户登录

您没有在teacherquery中选择教师密码,因此teacherpassword总是为空,这就是为什么条件password == teacherpassword总是为假。

正如 DPac 指出的,验证用户名和密码时不需要查询所有的行:先只查询用户名和密码,验证通过后再查询您需要的其余数据并把它们写入会话,然后重定向。查询中的用户名应作为参数传入,而不是拼接进 SQL 字符串;数据库中也应保存密码的加盐哈希,而不是明文。

关于这个问题:如果学生的用户名和教师的用户名相同,就会有很多麻烦。要避免这种情况(改动不大),可以在两个表中各添加一个名为 userRole 的 int 列(例如:1 = admin,2 = teacher,3 = student 等),并先允许它为空。之后进入每个表,把该列更新为相应的值(例如在 student 表中:UPDATE student SET userRole = 3)。所有行都更新之后,再到 Design(设计视图)中把 userRole 设置为不允许为空。这样,用户名 + userRole 的组合(应该作为您的主键)会让您的工作轻松很多。

虽然我更喜欢@ronaldinho为两个表提供RoleId列的方式。以下是您可以在不干扰数据库的情况下执行的操作。

只需在您的登录页面上添加一个包含"教师"和"学生"的下拉列表。这样,用户登录时必须先选择自己的角色,然后再登录。于是您可以把代码写成:

   /// <summary>
   /// Login button handler: calls the login routine that matches the Text of the item
   /// selected in dropdownrole. Any other text does nothing.
   /// </summary>
   protected void Button1_Click(object sender, EventArgs e)
    {
        // Read the selection once; it only picks which login routine runs.
        string selectedRole = dropdownrole.SelectedItem.Text;

        if (selectedRole == "Admin")
        {
            Admin();
            return;
        }

        if (selectedRole == "Student")
        {
            Student();
            return;
        }

        if (selectedRole == "Teacher")
        {
            Teacher();
        }
    }

看你是否可以