这两天一直在用asp.net实现一个登录功能,收获颇多,分享下本人所得:
首先说明下本人用的开发工具是Microsoft Visual Studio 2010版本,数据库用的是Sql Server 2005。
用sql语句创建用户表userInfo:
create table userInfo(
userId int not null primary key identity(1,1),
userName varchar(255),
password varchar(255),
remark varchar(255));
not null 表示非空,primary key表示主键,identity表示自增。
用sql语句添加一个用户admin5:
insert into userInfo(userName,password)values('admin5','admin5');//添加数据
创建login.aspx页面:
<%@ Page Language="C#" AutoEventWireup="true" CodeFile="login.aspx.cs" Inherits="study_login" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<title>loginDemo</title>
<style type="text/css">
#lblMessage{ margin-left:5px; color:Red;}
.yzyh{color:Gray;}
</style>
</head>
<body>
<form id="form1" runat="server">
<div>
<asp:Label ID="Label1" runat="server" Text="用户名:"></asp:Label>
<asp:TextBox ID="TextBox1" runat="server"></asp:TextBox><br />
<asp:Label ID="Label2" runat="server" Text="密 码:"></asp:Label>
<asp:TextBox ID="TextBox2" runat="server" TextMode="Password"></asp:TextBox><br />
<asp:Button ID="Button1" runat="server" Text="登录" onclick="Button1_Click" />
</div>
<asp:Label id="lblMessage" runat="server"></asp:Label>
</form>
</body>
</html>
login.aspx.cs页面来实现登录功能:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.SqlClient;
using IceLine.Iar.Tools;
public partial class study_login : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
//login();
//queryUserInfo();
}
public void login()
{
string str = "server=服务器名;database=数据库名;uid=用户名;pwd=密码;Trusted_Connection=no";
SqlConnection conn = new SqlConnection(str);
conn.Open();
string sql = "select * from userInfo where userName=@userName and password=@password";
SqlCommand comm = new SqlCommand(sql, conn);
comm.Parameters.Add("userName", TextBox1.Text);
comm.Parameters.Add("password", TextBox2.Text);
SqlDataReader sdr = comm.ExecuteReader();
if (sdr.Read())
{
Session["userName"] = TextBox1.Text;
Session["password"] = TextBox2.Text;
//lblMessage.Text = "登陆成功!";
Response.Write("<script>alert('欢迎" + Session["userName"] + ",您成功登录!');location.href='../secure/report/test2.aspx';</script>");
//Response.Write("<script>alert('登录成功欢迎您');location.href='../secure/report/test2.aspx';</script>");
}
else
{
lblMessage.Text = "无法登陆,用户名或密码错误!";
//Response.Redirect("login.aspx");
}
//Server.Transfer("../secure/report/test2.aspx");
//Response.Write("<script>alert('登录成功欢迎您');location.href='../secure/report/test2.aspx';</script>");
//Response.Write("../secure/report/test.aspx");
//Response.Redirect("../secure/report/test.aspx");
conn.Close();
}
public void queryUserInfo() {
clsDbAccept cds = new clsDbAccept();
Session["userName"] = TextBox1.Text;
Session["password"] = TextBox2.Text;
string sql = "select * from userInfo where userName='" + Session["userName"] + " 'and password='" + Session["password"]+"'";
SqlDataReader sdr = null;
IarDBManager db = new IarDBManager();
sdr = db.Query(sql);
if (sdr.Read())
{
Session["userName"] = TextBox1.Text;
Session["password"] = TextBox2.Text;
//lblMessage.Text = "登陆成功!";
Response.Write("<script>alert('欢迎" + Session["userName"] + ",您成功登录!');location.href='../secure/report/test2.aspx';</script>");
//Response.Write("<script>alert('登录成功欢迎您');location.href='../secure/report/test2.aspx';</script>");
}
else
{
lblMessage.Text = "无法登陆,用户名或密码错误!";
//Response.Redirect("login.aspx");
}
}
protected void Button1_Click(object sender, EventArgs e)
{
//queryUserInfo();
login();
}
}
Trusted_Connection=no表示用的数据库用户名和密码登录,如果为yes,则用windows登录。上面代码中login()方法和queryUserInfo()方法都是实现用户登录功能,只是用的数据库连接方式不一样,后者用的是现有的封装代码,你可以忽略。
注意:实现登录是点击登录按钮后才触发事件的,并不是刷新页面就加载。如果其他页面想要显示用户名,直接用Session["userName"]