正在学习asp.net,做了一些很小的网站,用sqlserver 2005做后台数据库。做的有管理页面,理论上管理页面只能在登陆以后才能显示,可是我现在做的网站,在网址里直接输入登陆后的网页的路径也能访问。请问该如何解决这个问题??谢谢!!
------解决方案--------------------------------------------------------
写一个页面基类,然后所有的aspx页面都继承自该类来控制
- C# code
using System;using System.Collections.Generic;using System.Linq;using System.Web;using System.Web.UI;using System.Web.UI.WebControls;using Microsoft.VisualBasic;using System.Xml;using System.Web.UI.HtmlControls;namespace CSDN{ public class BasePage : System.Web.UI.Page { public BasePage() { } public string PageTitle { get { return Page.Title; } set { Page.Title = value; } } /// <summary> /// 出示话页面 /// </summary> /// <param name="e"></param> protected override void OnInit(EventArgs e) { object currentUser = Session["LoginName"]; if (currentUser == null) { MessageBoxAndRedirect("请重新登录", "../Longin/Longin.aspx", ""); } string cssUrl = "../_rec/css/base.css"; HtmlLink CssControl = new HtmlLink(); CssControl.Href = cssUrl; CssControl.Attributes.Add("rel", "stylesheet"); CssControl.Attributes.Add("type", "text/css"); Page.Header.Controls.Add(CssControl); cssUrl = "../_rec/css/layout.css"; CssControl = new HtmlLink(); CssControl.Href = cssUrl; CssControl.Attributes.Add("rel", "stylesheet"); CssControl.Attributes.Add("type", "text/css"); Page.Header.Controls.Add(CssControl); cssUrl = "../_rec/css/form.css"; CssControl = new HtmlLink(); CssControl.Href = cssUrl; CssControl.Attributes.Add("rel", "stylesheet"); CssControl.Attributes.Add("type", "text/css"); Page.Header.Controls.Add(CssControl); cssUrl = "../_rec/css/table.css"; CssControl = new HtmlLink(); CssControl.Href = cssUrl; CssControl.Attributes.Add("rel", "stylesheet"); CssControl.Attributes.Add("type", "text/css"); Page.Header.Controls.Add(CssControl); } /// 跳转父页面 /// </summary> /// <param name="AText">要显示的文本内容。</param> /// <param name="AUrl">警告框关闭后浏览器将要跳转的地址。</param> /// <remarks></remarks> public static void MessageBoxAndRedirect(string AText, string AUrl, string Top) { AText = FormatJScriptAlertText(AText); System.Web.HttpContext.Current.Response.Write("<script language='Javascript'>alert('" + AText + "');" + Constants.vbNewLine + "window.top.location.href ='" + AUrl + "';" + "</script>"); System.Web.HttpContext.Current.Response.End(); } /// <summary> /// 格式化 JScript 函数 Alert 中的文本为 HTML 格式。 /// </summary> /// <param name="AText">要格式化的 Alert 文本。</param> /// <returns>字符串。可以被 JScript Alert 函数正确显示的字符串。</returns> /// <remarks></remarks> public static string FormatJScriptAlertText(string AText) { string s = AText.Replace("\\", "\\\\"); s = s.Replace(ControlChars.CrLf, "\n"); s = s.Replace(ControlChars.Cr, char.Parse("\n")); s = s.Replace(ControlChars.Lf, char.Parse("\n")); s = s.Replace("'", "\'"); return s; } public string CurrentUser { get { object currentUser = Session["LoginName"]; if (currentUser != null) { return (string)currentUser; } else { Response.Redirect("Login.aspx"); return null; } } set { Session["LoginName"] = value; } } public virtual void MsgBox(string msg) { string scriptString = "<script language=JavaScript>"; //String scriptString = "〈script language=JavaScript〉"; scriptString += "window.alert('" + msg + "')"; scriptString += "</script>"; if (!ClientScript.IsClientScriptBlockRegistered("MsgBox")) { ClientScript.RegisterClientScriptBlock(this.GetType(), "MsgBox", scriptString); } } }}