使用其他用户在不同页面中登录?

时间:2015-09-23 14:38:10

标签: c# asp.net function if-statement code-behind

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.SqlClient;
using MSSQLConnector;
using System.Data;

namespace SoftwareAnalysisAndDesign.SAD
{
    public partial class OnlineAppSyss : System.Web.UI.Page
    {
        private MSConnector connector = new MSConnector();
        //string queries for each DataSet
        string query = null;
        string teacherquery = null;
        string subjectquery = null;
        string schoolfeequery = null;
        string accountdetailsquery = null;
        int rowcounter = 0;
        int teachercounter = 0;

        //DataSet and DataTable initialization
        private DataSet studentData;
        private DataSet subjectData;
        private DataSet schoolfeeData;
        private DataSet teacherData;
        private DataSet accountdetailsData;
        private DataTable subjectTable;
        private DataTable schoolfeeTable;
        private DataTable accountdetailsTable;
        protected void Page_Load(object sender, EventArgs e)
        {
        }
        protected void Button1_Click(object sender, EventArgs e)
        {
            if (dropdownrole.SelectedItem.Value == "Admin")
            {
                Admin();
            }
            else if (dropdownrole.SelectedItem.Value == "Student")
            {
                Student();
            }
            else if (dropdownrole.SelectedItem.Value == "Teacher")
            {
                Teacher();
            }
        }
        public void Admin()
        {
            //String decleration
            string adminusername = (this.UserName.Value);
            string adminpass = (this.Password.Value);

            try
            {
                if (adminusername == "admin" && adminpass == "cmpe1234")
                {
                    Session["adminlogin"] = adminusername;
                    Response.Redirect("AdministratorPage.aspx");
                }
            }
            catch
            {
                Response.Write("<script language=javascript>alert('Username and password does not match. Try again');</script>");
            }
        }
        public void Student()
        {
            //Connection String
            connector.ConnectionString = "Data Source=keith;Initial Catalog=SAD;Integrated Security=True";

            //String decleration
            string username = (this.UserName.Value);
            string pass = (this.Password.Value);

            //query database from sql server management studio for student
            query = "select studentid,password,firstname,lastname,course,year from student";

            //execute query for student
            studentData = connector.ExecuteQuery(query);


            try
            {
                for (; ; )
                {
                    //string decleration and getting each rows of the Student database
                    string userid = studentData.Tables[0].Rows[rowcounter]["StudentID"].ToString();
                    string password = studentData.Tables[0].Rows[rowcounter]["Password"].ToString();
                    string firstname = studentData.Tables[0].Rows[rowcounter]["FirstName"].ToString();
                    string lastname = studentData.Tables[0].Rows[rowcounter]["LastName"].ToString();
                    string course = studentData.Tables[0].Rows[rowcounter]["Course"].ToString();
                    string year = studentData.Tables[0].Rows[rowcounter]["Year"].ToString();


                    //For Student Condition
                    if (username == userid && pass == password)
                    {
                        //For Student Data Sessions
                        Session["login"] = userid;
                        Session["firstname"] = firstname;
                        Session["lastname"] = lastname;
                        Session["course"] = course;
                        Session["year"] = year;

                        //For Account Details Data
                        accountdetailsquery = "select StudentID,FirstName,MiddleName,LastName,Age,Province,City,Course,Year,College,Department,ContactNumber,Email from student where studentid = " + username + "";

                        //query database from sql server management studio for student as accountDetails Information
                        accountdetailsData = connector.ExecuteQuery(accountdetailsquery);

                        accountdetailsTable = accountdetailsData.Tables[0];
                        Session["AccountDetails"] = accountdetailsTable;

                        //For SchoolFee Data
                        //query database from sql server management studio for schoolfee
                        schoolfeequery = "select DatePaid,AmountPaid,CurrentBalance,TotalBalance,Semester from schoolfee where studentid = " + username + "";

                        //execute query for schoolfee
                        schoolfeeData = connector.ExecuteQuery(schoolfeequery);

                        //get all data rows for SchoolFee and store it into DataTable
                        schoolfeeTable = schoolfeeData.Tables[0];
                        Session["SchoolFee"] = schoolfeeTable;

                        //For Subject Data
                        //query database from sql server management studio for subject
                        subjectquery = "select CourseNo,CourseDescription,Units,Day,StartTime,EndTime,Room from subject where studentid = " + username + "";

                        //execute query for subject
                        subjectData = connector.ExecuteQuery(subjectquery);

                        //get all data rows for Subject and store it into DataTable 
                        subjectTable = subjectData.Tables[0];
                        Session["Subjects"] = subjectTable;

                        //Redirect the page to Student Page after the user successfully logs in.
                        Response.Redirect("StudentPage.aspx", true);

                        break;
                    }
                    else
                    {
                        rowcounter++;
                    }
                }

            }
            catch
            {
                Response.Write("<script language=javascript>alert('Username and password does not match. Try again');</script>");
            }

        }
        public void Teacher()
        {
            //Connection String
            connector.ConnectionString = "Data Source=keith;Initial Catalog=SAD;Integrated Security=True";

            //String decleration
            string username = (this.UserName.Value);
            string pass = (this.Password.Value);

            //query database from sql server management studio for student
            teacherquery = "select teacherid,password,firstname,lastname,department,position from teacher";

            //execute query for student
            teacherData = connector.ExecuteQuery(teacherquery);

            try
            {
                for (; ; )
                {
                    //string decleration and getting each rows of the Teacher database
                    string teacheruserid = teacherData.Tables[0].Rows[rowcounter]["TeacherID"].ToString();
                    string teacherpassword = teacherData.Tables[0].Rows[rowcounter]["Password"].ToString();
                    string teacherfirstname = teacherData.Tables[0].Rows[rowcounter]["FirstName"].ToString();
                    string teacherlastname = teacherData.Tables[0].Rows[rowcounter]["LastName"].ToString();
                    string teacherdepartment = teacherData.Tables[0].Rows[rowcounter]["Department"].ToString();
                    string teacherposition = teacherData.Tables[0].Rows[rowcounter]["Position"].ToString();

                    //For Teacher Condition
                    if (username == teacheruserid && pass == teacherpassword)
                    {
                        Session["teacherlogin"] = teacheruserid;
                        Session["teacherfirstname"] = teacherfirstname;
                        Session["teacherlastname"] = teacherlastname;
                        Session["department"] = teacherdepartment;
                        Session["position"] = teacherposition;

                        //Redirect the page to Student Page after the user successfully logs in.
                        Response.Redirect("TeacherPage.aspx", true);
                        break;
                    }
                    else
                    {
                        rowcounter++;
                    }
                }
            }
            catch
            {
                Response.Write("<script language=javascript>alert('Username and password does not match. Try again (teacher)');</script>");
            }
        }
    }
}

我的问题是我无法访问此代码中的教师页面,它只会访问学生页面。我应该在系统中使用什么条件来避免冗余?

这是我的下拉列表的aspx代码:

<asp:DropDownList runat="server" id="dropdownrole">
    <asp:ListItem Text="Admin">Admin</asp:ListItem>
    <asp:ListItem Text="Student">Student</asp:ListItem>
    <asp:ListItem Text="Teacher">Teacher</asp:ListItem>
</asp:DropDownList>

和登录按钮:

 protected void Button1_Click(object sender, EventArgs e)
        {
            if (dropdownrole.SelectedItem.Value == "Admin")
            {
                Admin();
            }
            else if (dropdownrole.SelectedItem.Value == "Student")
            {
                Student();
            }
            else if (dropdownrole.SelectedItem.Value == "Teacher")
            {
                Teacher();
            }
        }

我想要一个条件,如果用户名和密码输入检测到2个用户中的任何一个,它将重定向到他们的特定网页。请帮助。

2 个答案:

答案 0 :(得分:2)

您没有在teacherquery中选择教师密码,因此teacherpassword始终为空,条件password == teacherpassword始终为假。

DPac 一样,您不需要查询所有行只是为了验证用户名&amp;密码,只需选择用户名&amp;首先是密码,如果正确,则选择所需的所有行并将它们分配给会话,然后重定向。

关于问题如果学生的用户名与教师的用户名相同,会有很多麻烦,为了避免它(没有做很多事情)就要再增加1个{{ 1}}名为int的两个表中的行(例如:1 = admin,2 =老师,3 =学生等)并允许它为空。然后进入每个表并将该行更新为正确的值(例如在学生表中:userRole)。更新完所有行然后转到Design并将userRole设置为 not allow null 现在用户名+ userRole组合(应该是您的主键)将使您的生活更轻松。

答案 1 :(得分:1)

虽然我更喜欢@ ronaldinho给两个表赋予RoleId列的方法。这就是你可以做的而不会打扰数据库。

只需添加一个带有项目的下拉列表&#34;教师&#34;和#34;学生&#34;在您的登录页面上。当有人试图登录时,他们必须选择他们的角色,然后输入。这样您就可以将代码指向

   protected void Button1_Click(object sender, EventArgs e)
    {
        if (dropdownrole.SelectedItem.Text == "Admin")
        {
            Admin();
        }
        else if (dropdownrole.SelectedItem.Text == "Student")
        {
            Student();
        }
        else if (dropdownrole.SelectedItem.Text == "Teacher")
        {
            Teacher();
        }
    }

看看你是否可以