aspx.net中有一個登錄頁面,要求用戶輸入他們的用戶名以及他們的授權級別。查看來自網頁的登錄信息
我的問題是,他們這樣做,我必須從中讀取,並檢查他們從一個SQL數據庫中輸入所有可能的用戶名和授權。問題是登錄頁面在aspx.net中,並且檢查登錄信息的代碼是常規的.cs文件。
如果有人可以查看我的代碼,並告訴我我做錯了什麼,並可能給我一個更好的代碼或修復我擁有的那些很棒!
對於錯誤和困惑抱歉,我是編碼新手!
這是我到目前爲止有:
public bool getCredentials(string UserName, string Authlvl)
{
bool valid = false;
string loginSQL = "SELECT COUNT FROM user_verification WHERE userID = '" + UserName + "' AND auth_lvl = '" + Authlvl + "'";
SqlCommand cmd = new SqlCommand(loginSQL, dB.Connect());
try
{
int rowCount = Convert.ToInt32(cmd.ExecuteScalar());
if (rowCount >= 1)
{
valid = true;
}
else if (rowCount <= 0)
{
valid = false;
}
}
catch
{
}
return valid;
}
public void getInfo(string _Username, string Authlvl)
{
string selectAllSql = "Select auth_lvl FROM user_verification WHERE userID = '" + UserName + "'AND auth_lvl = '" + Authlvl
+ "'";
SqlCommand cmd = new SqlCommand(selectAllSql, dB.Connect());
Authlvl = "";
SqlDataReader reader;
try
{
reader = cmd.ExecuteReader();
while (reader.Read())
{
UserName.Text = reader["username"].ToString();
Authlvl.Text = reader["auth_lvl"].ToString();
}
}
catch (Exception ex)
{
throw (new Exception("" + ex));
}
}
private void Form1_Load(object sender, EventArgs e)
{
// TODO: This line of code loads data into the 'import_logDataSet.DB_tables' table. You can move, or remove it, as needed.
this.dB_tablesTableAdapter.Fill(this.import_logDataSet.DB_tables);
}
private void button1_Click(object sender, EventArgs e)
{
save.ShowDialog();
}
private void button3_Click(object sender, EventArgs e)
{
//Clears all text in text box
ID.Clear();
}
private void button4_Click(object sender, EventArgs e)
{
string str = @"";
Process process = new Process();
process.StartInfo.FileName = str;
process.Start();
}
private void ID_KeyPress(object sender, KeyPressEventArgs e)
{
char ch = e.KeyChar;
if (!Char.IsDigit(ch) && ch != 8 && ch != 13 && e.KeyChar < 65 || e.KeyChar > 122)
{
e.Handled = true;
}
StreamWriter sw = new StreamWriter("ExporterOutput.txt");
sw.WriteLine(ID.Text);
sw.Close();
}
private void OutputBox_TextChanged(object sender, EventArgs e)
{
MessageBox.Show("Here is the information you input: ");
StreamWriter sw = new StreamWriter("ExporterOutput.txt");
sw.WriteLine(ID.Text, UserName.Text, Authlvl.Text, comboBox1.Text, comboBox2.Text, FolderDrop.Text);
sw.Close();
}
private void Help_LinkClicked(object sender, LinkLabelLinkClickedEventArgs e)
{
System.Diagnostics.Process.Start("http://www.google.com");
Help.LinkVisited = true;
}
private void save_FileOk(object sender, CancelEventArgs e)
{
}
}
}
SQL注入 - Noooo! – Yuck
請發佈你看到的任何錯誤。另外,ASPX文件對於幫助診斷它和代碼隱藏頁面之間是否存在問題很有用。 –
好吧,我有研究它,我發現很多東西都說要使用isPostBack屬性從.net文件讀取。我只想讀取我的文件上的登錄信息,然後檢查它是否在sql數據庫上。 – compucrazy