验证用户时页面加载
本文关键字:加载 用户 验证 | 更新日期: 2023-09-27 18:02:38
我想问如何使用validate用户使用请求字符串加载页面。我的代码如下:
protected void Page_Load(object sender, EventArgs e)
{
string ValidateUser = Request.QueryString["inisial"];
if (ValidateUser != null)
{
Response.Redirect("Home.aspx");
}
string x = Request.QueryString["ind"];
if (ValidateUser != null)
{
Response.Redirect("Home.aspx");
}
}
protected void ValidateUser(object sender, EventArgs e)
{
int userId = 0;
string constr = ConfigurationManager.ConnectionStrings["dbConn"].ConnectionString;
using (SqlConnection con = new SqlConnection(constr))
{
using (SqlCommand cmd = new SqlCommand("Validate_User"))
{
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@Username", Request.QueryString["inisial"]);
cmd.Parameters.AddWithValue("@Password", Request.QueryString["ind"]);
cmd.Connection = con;
con.Open();
userId = Convert.ToInt32(cmd.ExecuteScalar());
con.Close();
}
switch (userId)
{
case -1:
Login1.FailureText = "Username and/or password is incorrect.";
break;
case -2:
Login1.FailureText = "Account has not been activated.";
break;
default:
FormsAuthentication.RedirectFromLoginPage(Login1.UserName, Login1.RememberMeSet);
break;
}
}
}
我试图登录系统使用请求字符串更改用户名和密码与url:
http://default.aspx?id_sistem=24&inisial=gdm&ind=7/17/2004 4:50:40 PM
的例子:用户名= (gdm),密码= (7/17/2004 4:50:40)
如果我错了请纠正我由于
我不认为你应该在你的URL中使用查询字符串的用户名和密码,我建议创建一个方法,用户被认证,然后设置一个会话变量存储bool用户是否被认证。
protected void Page_Load(object sender, EventArgs e)
{
if (Session["Authenticated"] != null)
{
bool authenticated = Convert.ToBoolean(Session["Authenticated"]);
if (!authenticated)
{
Response.Redirect("~/Home.aspx");
}
}
}