用户的登录随处可见,这个程序估计谁都会写,这里将会使用到数据库以及asp.net的一些比较基础的知识如内置对象,ashx.下面就来写下这个程序吧。
1.写一个数据库的连接类,在这个类的构造方法取得数据库连接
using System; using System.Data; using System.Configuration; using System.Linq; using System.Web; using System.Web.Security; using System.Web.UI; using System.Web.UI.HtmlControls; using System.Web.UI.WebControls; using System.Web.UI.WebControls.WebParts; using System.Xml.Linq; using System.Data.SqlClient; namespace login.bean { public class DBConnection { SqlConnection conn = null; string path = AppDomain.CurrentDomain.BaseDirectory; public DBConnection(){ if (path.EndsWith(@"\bin\Debug") || path.EndsWith(@"\bin\Release")) { path = System.IO.Directory.GetParent(path).Parent.Parent.FullName; AppDomain.CurrentDomain.SetData("DataDirectory", path); } this.conn= new SqlConnection(@"Data Source=.\SQLEXPRESS;AttachDBFilename=|DataDirectory|\mydb.mdf;Integrated Security=True;User Instance=True"); } public SqlConnection getConnection() { return this.conn; } } }
2.登录页面
<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="login.aspx.cs" Inherits="login._Default" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" > <head runat="server"> <title>用户登录</title> </head> <body> <form id="form1" runat="server" action="ashx/ToLogin.ashx"> 用户名:<input type="text" name="name" id="name"/><br /><br /> 密码:<input type="password" name="password" id="password"/><br /><br /> <input type="submit" value="登录"/> <input type="reset" value="取消"/> </form> </body> </html>
4。写一个ashx处理用户登录,登录成功就存session,跳转到成功页面反之的是登录页面
using System; using System.Collections; using System.Data; using System.Linq; using System.Web; using System.Web.Services; using System.Web.Services.Protocols; using System.Xml.Linq; using System.Web.SessionState; using System.Data.SqlClient; using login.bean; namespace login.ashx { /// <summary> /// $codebehindclassname$ 的摘要说明 /// </summary> [WebService(Namespace = "http://tempuri.org/")] [WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)] public class ToLogin : IHttpHandler,IReadOnlySessionState { public void ProcessRequest(HttpContext context) { context.Response.ContentType = "text/html"; string name=context.Request["name"]; string password = context.Request["password"]; DBConnection conn = new DBConnection(); conn.getConnection().Open(); using (SqlCommand command = conn.getConnection().CreateCommand()) { command.CommandText = "select count(id) from t_customer where name=@name and password=@password"; command.Parameters.Add(new SqlParameter("name",name)); command.Parameters.Add(new SqlParameter("password", password)); int tem = Convert.ToInt32(command.ExecuteScalar()); if (tem == 1) { context.Session["username"]= name; context.Session["password"] = password; context.Server.Transfer("/success/success.aspx"); } else { context.Server.Transfer("/login.aspx"); } } } public bool IsReusable { get { return false; } } } }
这里的数据库操作可以防止sql注入,同时拼写sql语句我也是最恨的。
5.成功页面
<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="success.aspx.cs" Inherits="login.success.success" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" > <head runat="server"> <title>登录成功</title> </head> <body> <% string name =(string) Session["username"]; %> 你好,<%=name%> </body> </html>