Question

我仍然是使用会话状态的新手，我想根据数据库表将页面名称转换为整数然后一个函数比较＆＃34; X＆＃34;和＆＃34; Y＆＃34;检查用户是否有权查看此页面

我知道这不是管理网站安全的最佳方式，但它就像是关于如何使用会话的培训＆＃34;

我做错了什么

Partial Class advancedsearch
Inherits System.Web.UI.Page

Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
    Try
        Label1.Text = Session("username").ToString

        Label3.Text = Session("role").ToString
        Label4.Text = System.IO.Path.GetFileName(Request.Url.ToString())


    Catch ex As Exception
        Response.Redirect("login.aspx")
    End Try

    If Label1.Text = "" Then
        Response.Redirect("login.aspx")

    End If
Dim x As Integer = Int32.Parse(Label3.Text)

    Dim y As Integer = Int32.Parse(DropDownList1.SelectedItem.ToString)

    If x < y Then Response.Redirect("login.aspx")


End Sub


Protected Sub Button1_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles Button1.Click
    Response.Redirect("default.aspx")
End Sub
End Class

Answer 1

尝试将比较部分放在预渲染完成

中

Protected Sub Page_PreRenderComplete(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.PreRenderComplete
    Dim x As Integer = Int32.Parse(Label3.Text)

    Dim y As Integer = Int32.Parse(DropDownList1.SelectedItem.ToString)

    If x < y Then Response.Redirect("login.aspx")

End Sub

使用会话状态不正常工作

1 个答案: