Question

我对ASP.NET C＃有一个相当奇怪的问题。

似乎我可以在我的选择下拉列表中使用除第一个选项之外的任何其他选项登录。我已经检查了数据库中的密码及其正确。

任何人都知道为什么会这样吗？

这是我的代码：

的Login.aspx

<form id="loginForm" runat="server">
        <asp:Login runat="server" OnAuthenticate="Login1_Authenticate" Width="293px" Height="172px"
            ID="Login_Box">
            <LayoutTemplate>

                <!-- department -->
                <div id="dept" style="text-align: left">
                    Department<br />
                    <asp:DropDownList ID="UserName" runat="server" DataSourceID="SqlDataSource1" DataTextField="dept"
                        DataValueField="id" DataMember="DefaultView">
                    </asp:DropDownList>
                    <asp:SqlDataSource ID="SqlDataSource1" runat="server" ConnectionString="<%$ ConnectionStrings:team13ConnectionString %>"
                        SelectCommand="SELECT [id], [dept] FROM [ts_dept] ORDER BY [dept]"></asp:SqlDataSource>
                </div>

                <!-- password -->
                <div id="pass" style="text-align: left">
                    Password:<br />
                    <asp:TextBox ID="Password" runat="server" TextMode="Password"></asp:TextBox>
                    <asp:RequiredFieldValidator ID="PasswordRequired" runat="server" ControlToValidate="Password"
                        ErrorMessage="Password is required." ToolTip="Password is required." ValidationGroup="Login1"
                        ForeColor="Red" Display="Dynamic">Password is required.</asp:RequiredFieldValidator>
                </div>

                <!-- failure text -->
                <div style="text-align: left; color: Red">
                <asp:Literal ID="FailureText" runat="server" EnableViewState="False" Mode="Encode"></asp:Literal>
                </div>
                <br />

                <!-- sign in button -->
                <div class="btn" style="float: right" runat="server">
                    <asp:Button ID="LoginButton" runat="server" CommandName="Login" Text="Log In" ValidationGroup="Login1"
                        CssClass="cupid-green"/>
                </div>

            </LayoutTemplate>
        </asp:Login>
        </form>

Login.aspx.cs

using System;
using System.Collections;
using System.Configuration;
using System.Data.SqlClient;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Web.Configuration;

public partial class login : System.Web.UI.Page
{

    protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
    {
        string username = Login_Box.UserName;
        string pwd = Login_Box.Password;

        string strConn;
        strConn = WebConfigurationManager.ConnectionStrings["team13ConnectionString"].ConnectionString;
        SqlConnection Conn = new SqlConnection(strConn);
        Conn.Open();

        string sqlUserName;
        sqlUserName = "SELECT id,pass FROM ts_dept ";
        sqlUserName += " WHERE (id ='" + username + "')";
        sqlUserName += " AND (pass ='" + pwd + "')";
        SqlCommand com = new SqlCommand(sqlUserName, Conn);

        string CurrentName;
        CurrentName = (string)com.ExecuteScalar();

        if (CurrentName != null)
        {
            Session["UserAuthentication"] = username;
            Session.Timeout = 1;
            Response.Redirect("Default.aspx");
        }
        else
        {
            Session["UserAuthentication"] = "";
        }
    }
}

Answer 1

一切看起来都不错我认为我们需要查看数据库以确保用户实际上拥有正确的部门ID。

即使密码在数据库中正确，第一个选择选项也始终返回登录错误

1 个答案: