using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Data.SqlClient;
using System.Web.SessionState;//用要到session保存的ID
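/// <summary>
/// Code-behind for the login page. Validates the submitted user name, password
/// and CAPTCHA, checks the credentials against the userInfo table, and sends
/// the user to the landing page that matches the selected role.
/// </summary>
/// <remarks>
/// NOTE(review): both queries below compare the submitted password text
/// directly with the <c>password</c> column, so as far as this page shows
/// passwords are stored unhashed. Moving to a salted password hash needs a
/// schema and registration change that is outside this file.
/// </remarks>
[Serializable]
public partial class Login : System.Web.UI.Page
{
    // Project data-access helper; this page only uses getcon() to obtain a connection.
    Datacon dacon = new Datacon();

    /// <summary>
    /// Clears the credential boxes on the first (non-postback) request.
    /// </summary>
    protected void Page_Load(object sender, EventArgs e)
    {
        if (!Page.IsPostBack)
        {
            username.Text = null;
            password.Text = null;
        }
        // On postback the session is left alone: submit_Click reads the
        // expected CAPTCHA value from Session["checkCode"].
    }

    /// <summary>
    /// Handles the login button: checks the required fields and the CAPTCHA,
    /// verifies the credentials, rejects disabled accounts, and only then
    /// stores the identity in the session and redirects by role.
    /// </summary>
    protected void submit_Click(object sender, EventArgs e)
    {
        // Expected CAPTCHA value, written to the session elsewhere in the site.
        string yz1 = "";
        if (Context.Session["checkCode"] != null)
        {
            yz1 = Session["checkCode"].ToString();
        }

        // Trim once so the emptiness checks and the database lookup see the same values.
        string username1 = username.Text.Trim();
        string psw1 = password.Text.Trim();
        string role1 = RBL1.SelectedValue;

        if (username1.Length == 0)
        {
            lab_er.Visible = true;
            lab_er.Text = "用户名不能为空!";
            username.Focus();
            return;
        }
        if (psw1.Length == 0)
        {
            lab_er.Visible = true;
            lab_er.Text = "密码不能为空!";
            password.Focus();
            return;
        }

        string yz2 = yz.Text;
        if (yz2 == "")
        {
            lab_er.Visible = true;
            lab_er.Text = "验证码不能为空!";
            yz.Focus();
            return;
        }

        // A CAPTCHA value is single-use: drop it before comparing so one solved
        // code cannot be replayed across many password attempts.
        Session.Remove("checkCode");
        if (!yz2.ToLower().Equals(yz1))
        {
            lab_er.Visible = true;
            lab_er.Text = "验证码错误!";
            return;
        }

        int i = this.checkLogin(username1, psw1, role1);
        if (i > 0)
        {
            // Parameterized lookup; the user-supplied values are never
            // concatenated into the SQL text.
            string state = this.getAccountState(username1, psw1, role1);
            if (state == null)
            {
                // The row disappeared between the two queries: fail closed.
                lab_er.Visible = true;
                lab_er.Text = "用户名或密码错误!";
                return;
            }
            if (state.Trim() == "禁用")
            {
                lab_er.Visible = true;
                lab_er.Text = "您的账户被禁用,请与管理员联系!";
                return;
            }

            // The identity goes into the session only after the disabled check,
            // so a disabled account never ends up with an authenticated session.
            // NOTE(review): the session ID is not regenerated at login; consider
            // issuing a fresh session on successful authentication.
            Session["username"] = username1;
            Session["role"] = role1;

            if (role1 == "客户")
                Response.Redirect("client/Default.aspx");
            if (role1 == "管理员")
                Response.Redirect("admin/Default.aspx");
            if (role1 == "查询")
                Response.Redirect("check/Default.aspx");
            lab_er.Visible = false;
        }
        else
        {
            lab_er.Visible = true;
            lab_er.Text = "用户名或密码错误!";
        }
    }

    /// <summary>
    /// Reads the <c>state</c> column of the account matching the credentials,
    /// using a parameterized query.
    /// </summary>
    /// <returns>
    /// The state text (empty when the column is NULL), or <c>null</c> when no
    /// row matches.
    /// </returns>
    private string getAccountState(string loginName, string loginPwd, string role)
    {
        SqlConnection con = dacon.getcon();
        try
        {
            using (SqlCommand cmd = new SqlCommand("select state from userInfo where username=@loginName and password=@loginPwd and role=@role", con))
            {
                cmd.Parameters.Add(new SqlParameter("@loginName", SqlDbType.NVarChar, 50)).Value = loginName;
                cmd.Parameters.Add(new SqlParameter("@loginPwd", SqlDbType.NVarChar, 50)).Value = loginPwd;
                cmd.Parameters.Add(new SqlParameter("@role", SqlDbType.NVarChar, 50)).Value = role;
                con.Open();
                object result = cmd.ExecuteScalar();
                if (result == null)
                {
                    return null;
                }
                // Convert.ToString maps DBNull to an empty string.
                return Convert.ToString(result);
            }
        }
        finally
        {
            // Close rather than Dispose: how Datacon hands out connections is
            // not visible here, and Close on a closed connection is harmless.
            if (con != null)
            {
                con.Close();
            }
        }
    }

    /// <summary>
    /// Counts the userInfo rows that match the given user name, password and role.
    /// </summary>
    /// <param name="loginName">User name to look up.</param>
    /// <param name="loginPwd">Password as submitted.</param>
    /// <param name="role">Role selected on the login form.</param>
    /// <returns>
    /// The number of matching rows, or 0 when the query fails (an error is
    /// then shown in <c>lab_er</c>).
    /// </returns>
    public int checkLogin(string loginName, string loginPwd, string role)
    {
        SqlConnection con = dacon.getcon();
        try
        {
            using (SqlCommand myCommand = new SqlCommand("select count(*) from userInfo where username=@loginName and password=@loginPwd and role=@role", con))
            {
                myCommand.Parameters.Add(new SqlParameter("@loginName", SqlDbType.NVarChar, 50));
                myCommand.Parameters["@loginName"].Value = loginName;
                myCommand.Parameters.Add(new SqlParameter("@loginPwd", SqlDbType.NVarChar, 50));
                myCommand.Parameters["@loginPwd"].Value = loginPwd;
                myCommand.Parameters.Add(new SqlParameter("@role", SqlDbType.NVarChar, 50));
                myCommand.Parameters["@role"].Value = role;
                myCommand.Connection.Open();
                int i = (int)myCommand.ExecuteScalar();
                return i;
            }
        }
        catch (Exception e)
        {
            // Keep the exception detail in the server-side trace; the login page
            // is reachable without authentication, so the raw database error
            // text is not echoed to the browser.
            System.Diagnostics.Trace.TraceError("Login.checkLogin failed: " + e);
            lab_er.Visible = true;
            lab_er.Text = "可能是数据库连接错误,请打开SQL服务!";
            return 0;
        }
        finally
        {
            // Runs on the failure path too, so a failed query no longer leaves
            // the connection open.
            if (con != null)
            {
                con.Close();
            }
        }
    }

    /// <summary>
    /// Sends the visitor to the registration page.
    /// </summary>
    protected void reg_Click(object sender, EventArgs e)
    {
        Response.Redirect("register/Reg.aspx");
    }
}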