我更改了我的存储过程以指示经过身份验证的用户是教师还是学生还是管理员..堆栈跟踪:
[InvalidCastException: Specified cast is not valid.]
myLogin.submitID_Click1(Object sender, EventArgs e) +191
System.Web.UI.WebControls.Button.OnClick(EventArgs e) +118
System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument) +112
System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String eventArgument) +10
System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument) +13
System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData) +36
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +5563
这是存储过程:
ALTER PROCEDURE dbo.StoredProcedure1
/*
(
@parameter1 int = 5,
@parameter2 datatype OUTPUT
)
*/
(
@Email nvarchar(50),
@pass nvarchar(50),
@outres int = null OUTPUT,
@outres1 int = null OUTPUT,
@outres2 int = null OUTPUT,
@outres3 int = null OUTPUT,
@kind int = null OUTPUT
)
AS
/* SET NOCOUNT ON */
DECLARE @UserId INT
set @outres1 = (SELECT count(*) FROM [dbo].Admins
WHERE admin_Email=@Email AND admin_Pass=@pass)
if (@outres1=1)
begin
set @kind=1
set @outres=@outres1
SELECT @UserId = adminID
FROM [dbo].Admins WHERE admin_Email=@Email AND admin_Pass=@pass
set @outres1= @UserId
RETURN @outres
end
set @outres2= (SELECT count(*) FROM [dbo].Instructors
WHERE inst_Email=@Email AND inst_Pass=@pass)
if (@outres2=1)
begin
set @kind=2
set @outres=@outres2
SELECT @UserId = instructorID
FROM [dbo].Instructors
WHERE inst_Email=@Email AND inst_Pass=@pass
set @outres2= @UserId
RETURN @outres
end
set @outres3= (SELECT count(*) FROM [dbo].Students
WHERE stu_Email=@Email AND stu_Pass=@pass)
if (@outres3=1)
begin
set @kind=3
set @outres= @outres3
SELECT @UserId = studentID
FROM [dbo].Students
WHERE stu_Email=@Email AND stu_Pass=@pass
set @outres3= @UserId
RETURN @outres
end
else
begin
set @outres=@outres3
set @outres1=0
set @outres2=0
set @outres3=0
RETURN @outres
end
当学生登录时很好,Response.Redirect会转到指定的页面而不是教师。我尝试将教师重定向到学生页面,它也没有用,现在没有人可以登录。这是代码隐藏的代码:
public int Validate_Login(String _Email, String _Password)
{
string lbl;
string connstr = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;
SqlConnection con = new SqlConnection(connstr);
SqlCommand cmdselect = new SqlCommand();
cmdselect.CommandType = CommandType.StoredProcedure;
cmdselect.CommandText = "[dbo].[StoredProcedure1]";
cmdselect.Parameters.Add("@Email", SqlDbType.NVarChar, 50).Value = _Email;
cmdselect.Parameters.Add("@pass", SqlDbType.NVarChar, 50).Value = _Password;
cmdselect.Parameters.Add("@outres", SqlDbType.Int, 4);
cmdselect.Parameters.Add("@outres1", SqlDbType.Int, 4);
cmdselect.Parameters.Add("@outres2", SqlDbType.Int, 4);
cmdselect.Parameters.Add("@outres3", SqlDbType.Int, 4);
cmdselect.Parameters.Add("@kind", SqlDbType.Int, 4);
cmdselect.Parameters["@outres"].Direction = ParameterDirection.Output;
cmdselect.Parameters["@outres1"].Direction = ParameterDirection.Output;
cmdselect.Parameters["@outres2"].Direction = ParameterDirection.Output;
cmdselect.Parameters["@outres3"].Direction = ParameterDirection.Output;
cmdselect.Parameters["@kind"].Direction = ParameterDirection.Output;
cmdselect.Connection = con;
int Results = 0;
try
{
con.Open();
// SqlDataReader rd = cmdselect.ExecuteReader();
cmdselect.UpdatedRowSource = UpdateRowSource.OutputParameters;
cmdselect.ExecuteNonQuery();
//cmdselect.ExecuteScalar();
/* if (rd.HasRows)
{
rd.Read();
// lblinfo.Text = "You are Authorized.";
FormsAuthentication.RedirectFromLoginPage(ETB.Text, true);
Response.Redirect("Welcome.aspx");
}
else
{
lblmsg.Text = "Invalid username or password.";
}*/
Results = (int)cmdselect.Parameters["@outres"].Value;
int res1 = (int)cmdselect.Parameters["@outres1"].Value;
int res2 = (int)cmdselect.Parameters["@outres2"].Value;
int res3 = (int)cmdselect.Parameters["@outres3"].Value;
int knd = (int)cmdselect.Parameters["@kind"].Value;
if (Results == 0)
{
Session["userID"] = null;
}
else
{
if (res1 != 0)
{
Session["userID"] = res1.ToString();
}
else if (res2 != 0)
{
Session["userID"] = res2.ToString();
Session["userKind"] = knd.ToString();
}
else
{
Session["userID"] = res3.ToString();
Session["userKind"] = knd.ToString();
}
}
}
catch (SqlException ex)
{
lbl = ex.Message;
}
finally
{
cmdselect.Dispose();
if (con != null)
{
con.Close();
}
}
return Results;
}
protected void submitID_Click1(object sender, EventArgs e)
{
int Results = 0;
DataBind();
Results = Validate_Login(ETB.Text.Trim(), pwdTB.Text.Trim());
if (Results == 1)
{
Session["user"] = TextBox1.Text;
int ukind = (int)Session["userKind"];
if (ukind == 3)
{
Response.Redirect("Welcome.aspx#profile");
}
if (ukind == 2)
{
Response.Redirect("welcomeNew.aspx");
// Response.Redirect("Welcome.aspx#profile");
}
else
{
Response.Redirect("Default.aspx");
// Response.Redirect("welcomeInstructor.aspx");
}
/* if (Page.PreviousPage == Session["prevPage"])
{
Response.Redirect("courses.aspx");
}*/
}
else
{
lblmsg.Text = Results + " Email and Password don't Match !";
lblmsg.ForeColor = System.Drawing.Color.Orange;
}
// }
/* lblmsg.Text = "Please make sure that the username and the password is Correct";
lblmsg.ForeColor = System.Drawing.Color.Red;*/
}
请帮忙......