我有一个Web应用程序。它有大约25-30个webforms,我在网络上将iis发布给用户。我的问题是" a"用户登录并使用应用程序" b"用户登录并突然" a"用户成为" b"用户。我怎么解决这个问题?
我尝试过会话并获得&设置用户ID的方法,但仍然在网络上更改用户。
这是登录页面,
cn.Open();
SqlCommand cmd = new SqlCommand("select id, sifre,aktif from Kullanici where id='" + TextBox1.Text + "' and sifre='" + TextBox2.Text + "' and aktif='1'", cn);
SqlDataReader dr = cmd.ExecuteReader();
string login = TextBox1.Text;
string pwd = TextBox2.Text;
bool bayrak = false;
while (dr.Read())
{
bayrak = true;
if ((dr["id"].ToString() == login) && (dr["sifre"].ToString() == pwd) && (dr["aktif"].ToString() == "1"))
{
Session["id"] = login;
Response.Redirect("~/WebForm2.aspx");
}
}
这是webform2代码
WebForm1 form1 = new WebForm1();
kullanici = Session["id"].ToString();
if (IsPostBack == false)
{
cn.Open();
SqlCommand komutad = new SqlCommand("select ad from kullanici where id='" + kullanici + "'", cn);
SqlCommand komutsoyad = new SqlCommand("select soyad from kullanici where id='" + kullanici + "'", cn);
SqlCommand komutadmin = new SqlCommand("select admin from kullanici where id='" + kullanici + "'", cn);
try{
name = komutad.ExecuteScalar().ToString();
surname = komutsoyad.ExecuteScalar().ToString();
admin = komutadmin.ExecuteScalar().ToString();
}
catch
{
Response.Redirect("~/WebForm1.aspx");
}
DateTime tarih = DateTime.Today;
Label1.Text = tarih.ToString().Substring(0, 10) + " --- Welcome " + name + " " + surname;
cn.Close();
if (admin == "0" && TreeView1.Nodes.Count == 4)
{
TreeView1.Nodes.RemoveAt(0);
}
}
name和surname成为每个用户的最后一个登录用户。
答案 0 :(得分:1)
不要在Web应用程序中使用静态变量http://www.foliotek.com/devblog/avoid-static-variables-in-asp-net/