我创建了这个简单的登录页面。当用户不存在时,它应该在标签文本中显示“错误的用户”,输入的密码不正确时显示“密码错误”等。
但每当我尝试登录时,当用户确实存在于表格中时,总是会显示“用户错误”。我手动输入了用户名和密码,而不是在此应用程序中使用任何存储的序列。
这是代码;请告诉我,我做错了什么。显然这是一个逻辑错误。
Default.cs文件:
using System;
using System.Configuration;
using System.Data;
using System.Data.SqlClient;
using System.Configuration;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
public partial class _Default : System.Web.UI.Page
{
SqlConnection con = new SqlConnection();
protected void Page_Load(object sender, EventArgs e)
{
con.ConnectionString = ConfigurationManager.ConnectionStrings["cn"].ConnectionString;
if (con.State == ConnectionState.Closed)
{
con.Open();
}
}
protected void Button1_Click(object sender, EventArgs e)
{
Int32 d = checkUser(UserName.Text, Password.Text);
if (d == -1)
{
Label1.Text = "Wrong user";
}
if (d == -2)
{
Label1.Text = "Wrong password";
}
if (d == 2)
{
Label1.Text = "Login Successful";
}
}
private Int32 checkUser(String u, String p)
{
SqlCommand cmd = new SqlCommand();
cmd.CommandText = "LogInCheck";
cmd.CommandType = CommandType.StoredProcedure;
cmd.Connection = con;
cmd.Parameters.Add("@u", SqlDbType.VarChar, 50).Value = u;
cmd.Parameters.Add("@p", SqlDbType.VarChar, 50).Value = p;
SqlParameter p1 = new SqlParameter("@ret", SqlDbType.Int);
p1.Direction = ParameterDirection.ReturnValue;
cmd.Parameters.Add(p1);
cmd.ExecuteNonQuery();
Int32 k = Convert.ToInt32(cmd.Parameters["@ret"].Value);
return k;
}
}
.aspx文件:
<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Default.aspx.cs" Inherits="_Default" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<title>Untitled Page</title>
</head>
<body>
<form id="form1" runat="server">
<div>
Username :
<asp:TextBox ID="UserName" runat="server"></asp:TextBox>
<br />
Password :
<asp:TextBox ID="Password" runat="server" TextMode="Password"></asp:TextBox>
<asp:Button ID="Button1" runat="server" Text="Login" onclick="Button1_Click"/>
<br />
<asp:Label ID="Label1" runat="server" Text="Label"></asp:Label>
</div>
</form>
</body>
</html>
我的存储过程,LogInCheck:
ALTER PROCEDURE LogInCheck
(
@u varchar(50),
@p varchar(50)
)
AS
Declare @ap varchar(50)
Select @ap from tbuser where uname=@u
if @ap is null
begin
return -1
end
else
if @ap=@p
return 1
else
return -2
答案 0 :(得分:-1)
您的选择查询未将任何值放入@ap。试试这个:
Select @ap=<col_name> from tbuser where uname=@u
<强>更新强> 在你开始主要的其他工作之后尝试开始和结束。
Declare @ap varchar(50)
Select @ap from tbuser where uname=@u
if @ap is null
begin
return -1
end
else
begin --Here
if @ap=@p
return 1
else
return -2
end --And here