要为后台写一个登陆界面,asp.net 自带Login空间,因为直接就可以了。
双击添加的Login空间将出现如下代码:
- protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
- {
- bool Authenticated = false;
- // Authenticated = AdminDB.Login(Login1.UserName,Login1.Password);
- Authenticated = Membership.ValidateUser(Login1.UserName, Login1.Password);
- e.Authenticated = Authenticated;
- if (Authenticated == true)
- {
- Response.Redirect("自定义跳转方向,如http://163.com或index.aspx");
- }
- else
- Login1.FailureText = "用户名或密码错误";
- }
这里直接调用了System.Web.Security.Membership.ValidateUser(username,password)方法,这样就不用自己再写验证sql语句了。
不过这里的ValidateUser(username,password)只能验证用户名和密码是否匹配,而不能验证其他的内容,为了能够自定义验证内容,我们写了一个验证程序。代码如下:
AdminDB.cs
- using System;
- using System.Data;
- using System.Configuration;
- using System.Web;
- using System.Web.Security;
- using System.Web.UI;
- using System.Web.UI.WebControls;
- using System.Web.UI.WebControls.WebParts;
- using System.Web.UI.HtmlControls;
- using System.Data.SqlClient;
- using MyProviders;
- /// <summary>
- /// AdminDB 的摘要说明
- /// </summary>
- ///
- namespace NewsSystem
- {
- public class AdminDB
- {
- public AdminDB()
- {
- //
- // TODO: 在此处添加构造函数逻辑
- //
- }
- public static bool Login(string name, string pwd)
- {
- SqlConnection conn = NewsDB.CreatCon();
- try
- {
- // String strsql = "select * from dbo.AdminUser where mg_login=@login and mg_pwd=@pwd";
- //限定UserRoles.roleid=0即只有管理员角色才能登录
- //需要注意的是这里字符串很长,在换行时首字符最好流出一个空格。
- string strsql = "select * from (((aspnet_Membership INNER JOIN aspnet_users ON "+
- " aspnet_Membership.UserId = aspnet_users.UserId) INNER JOIN Users ON "+
- " aspnet_users.username=Users.username) INNER JOIN UserRoles ON "+
- " Users.userid=UserRoles.userid) where Users.Username=@name and aspnet_Membership.password=@pwd "+
- " and UserRoles.roleid=0";
- SqlParameter[] paras = new SqlParameter[2];
- paras[0] = new SqlParameter("@name", SqlDbType.VarChar, 50);
- paras[0].Value = name;
- paras[1] = new SqlParameter("@pwd", SqlDbType.VarChar, 50);
- //paras[1].Value = pwd;
- paras[1].Value = MyProviders.MySQLMembershipProvider.GetMd5(pwd);//将密码转化为md5格式
- SqlCommand cmd = new SqlCommand(strsql, conn);
- for (int i = 0; i < paras.Length; i++)
- {
- cmd.Parameters.Add(paras[i]);
- }
- conn.Open();
- SqlDataReader dr = cmd.ExecuteReader();
- if (dr.Read())
- {
- return true;
- }
- }
- catch (Exception ex)
- {
- throw ex;
- }
- finally
- {
- conn.Close();
- }
- return false;
- }
- }
- }
NewsDB.cs
- using System;
- using System.Data;
- using System.Configuration;
- using System.Web;
- using System.Web.Security;
- using System.Web.UI;
- using System.Web.UI.WebControls;
- using System.Web.UI.WebControls.WebParts;
- using System.Web.UI.HtmlControls;
- using System.Data.SqlClient;
- /// <summary>
- /// DB 的摘要说明
- /// </summary>
- ///
- namespace NewsSystem
- {
- public class NewsDB
- {
- public NewsDB()
- {
- //
- // TODO: 在此处添加构造函数逻辑
- //
- }
- public static SqlConnection CreatCon()
- {
- string str = ConfigurationManager.AppSettings["SiteSqlServer"];
- return new SqlConnection(str);
- }
- public static bool Getcmd(String strsql, params SqlParameter[] paras)
- {
- SqlConnection conn = NewsDB.CreatCon();
- try
- {
- conn.Open();
- SqlCommand cmd = new SqlCommand(strsql, conn);
- for (int i = 0; i < paras.Length; i++)
- {
- cmd.Parameters.Add(paras[i]);
- }
- int a = Convert.ToInt32(cmd.ExecuteNonQuery());
- if (a > 0)
- {
- return true;
- }
- }
- catch (Exception ex)
- {
- throw ex;
- }
- finally
- {
- conn.Close();
- }
- return false;
- }
- public static DataSet Getds(String strsql)
- {
- SqlConnection con = NewsDB.CreatCon();
- DataSet ds = null;
- try
- {
- SqlDataAdapter da = new SqlDataAdapter(strsql, con);
- ds = new DataSet();
- da.Fill(ds);
- }
- catch (Exception er)
- {
- throw er;
- }
- return ds;
- }
- }
- }
在
- public static bool Login(string name, string pwd){}
中我们可以自定义sql语句,比如我们上面的例子就有验证了用户的角色。
参考文章:Visual Studio 2005 Login 控件的使用
本文转自xwdreamer博客园博客,原文链接:http://www.cnblogs.com/xwdreamer/archive/2010/03/22/2297149.html,如需转载请自行联系原作者