sqlsecurity.aspx.cs

ASP C#代码实例 适合初学人士学习使用

using System;
using System.Collections;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Web;
using System.Web.SessionState;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.HtmlControls;
using System.Configuration;
using System.Data.SqlClient;

namespace Example_14_2
{
	/// <summary>
	/// Summary description for SQLSecurity.
	/// </summary>
	public class SQLSecurity : System.Web.UI.Page
	{
		private readonly string SQLCONNECTIONSTRING = ConfigurationSettings.AppSettings["SQLCONNECTIONSTRING"].ToString();

		protected System.Web.UI.WebControls.Label Label1;
		protected System.Web.UI.WebControls.TextBox UserName;
		protected System.Web.UI.WebControls.TextBox Password;
		protected System.Web.UI.WebControls.Button LoginBtn;
		protected System.Web.UI.WebControls.Label LoginMessage;
		protected System.Web.UI.WebControls.Label SQLLogin;
		protected System.Web.UI.WebControls.Label Label2;
	
		private void Page_Load(object sender, System.EventArgs e)
		{
			// Put user code to initialize the page here
		}

		private string Login(string userName,string password)
		{
			string userId = "";
			SqlConnection myConnection = new SqlConnection(SQLCONNECTIONSTRING);
			String cmdText = "SELECT UserID FROM Users WHERE UserName='" + userName 
				+ "' AND Password='" + password + "'";
			SqlCommand myCommand = new SqlCommand(cmdText,myConnection);
			myConnection.Open();

			SqlDataReader recu = myCommand.ExecuteReader();
			if(recu.Read())
			{
				userId = recu["UserID"].ToString();
			}
			recu.Close();
			myConnection.Close();	

			///显示登录的SQL语句
			SQLLogin.Text = cmdText;	
			SQLLogin.Visible = true;
			return(userId);
		}

		#region Web Form Designer generated code
		override protected void OnInit(EventArgs e)
		{
			//
			// CODEGEN: This call is required by the ASP.NET Web Form Designer.
			//
			InitializeComponent();
			base.OnInit(e);
		}
		
		/// <summary>
		/// Required method for Designer support - do not modify
		/// the contents of this method with the code editor.
		/// </summary>
		private void InitializeComponent()
		{    
			this.LoginBtn.Click += new System.EventHandler(this.LoginBtn_Click);
			this.Load += new System.EventHandler(this.Page_Load);

		}
		#endregion

		private void LoginBtn_Click(object sender, System.EventArgs e)
		{
			if(UserName.Text.Trim().Length > 0 && Password.Text.Trim().Length > 0)
			{
				if(Login(UserName.Text.Trim(),Password.Text.Trim()).Length > 0)
				{
					LoginMessage.Text = "用户登录成功！";
				}
				else
				{
					LoginMessage.Text = "用户登录失败，请重新登录！";
				}
			}

		}
	}
}