如何实现此会话:( UserID是登录表的一部分)
Session["UserID"]="usrName";
进入此代码?
using System;
using System.Data;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.Odbc;
using System.Data.SqlClient;
public partial class Default2 : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
Login1.Authenticate += Login1_Authenticate;
}
protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
{
//database connection string
OdbcConnection cn = new OdbcConnection("Driver={MySQL ODBC 3.51 Driver}; Server=localhost; Database=gymwebsite; User=x; Password=x; OPTION=3;");
cn.Open();
OdbcCommand cmd = new OdbcCommand("Select * from User where username=? and password=?", cn);
//Select the username and password from mysql database in login table
cmd.Parameters.Add("@username", OdbcType.VarChar);
cmd.Parameters["@username"].Value = this.Login1.UserName;
cmd.Parameters.Add("@password", OdbcType.VarChar);
cmd.Parameters["@password"].Value = this.Login1.Password;
//use asp login control to check username and password
cmd.Parameters.Add(new OdbcCommand("@UserID", 'id.int'));
OdbcDataReader dr = default(OdbcDataReader);
// Initialise a reader to read the rows from the login table.
// If row exists, the login is successful
dr = cmd.ExecuteReader();
int id = cmd.Parameters["@UserID"].Value;
Session["UserID"]="usrName";
if (dr.Read())
{
e.Authenticated = true;
Response.Redirect("UserProfileWall.aspx");
// Event Authenticate is true forward to user profile
}
}
}
当有人在登录时输入用户名和密码时,我需要能够检索到正确的用户ID,然后有些人如何在新页面上检索它以便退出但不确定?
string usrName = Convert.ToString(Session["UserID"]);
我只是不知道如何将第一部分,会话添加到我的登录代码中,以便我可以在会话中存储UserID,还可以从我的mysql登录表中提取的数据中检索正确的UserID。 / p>
答案 0 :(得分:2)
它很脏,而且是错的,但我认为这会起作用。
protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
{
var sql = @"SELECT * from Users where userName = ?user and password = ?pass";
DataSet ds = new DataSet();
MySqlCommand commandWithParams = new MySqlCommand(sql);
commandWithParams.Parameters.AddWithValue("?user", Login1.UserName);
commandWithParams.Parameters.AddWithValue("?pass", Login1.Password);
MySqlConnection conn = new MySqlConnection("myconn string");
if (conn.State != ConnectionState.Open)
conn.Open();
commandWithParams.Connection = conn;
MySqlDataAdapter da = new MySqlDataAdapter(commandWithParams);
da.Fill(ds);
DataTable dt = ds.Tables[0];
DataRow dr = dt.Rows[0];
conn.Close();
conn.Dispose();
da.Dispose();
if (dt.Rows.Count != 0)//I'm sure this has a better way
{
Session["userId"] = Convert.ToString(dr["userId"]);
Session["userName"] = Convert.ToString(dr["userName"]);
e.Authenticated = true;
Reponse.Redirect("your_page.aspx");
}
else
{
e.Authenticated = false;
}
}
这里再次使用Reader方法和Odbc。
OdbcConnection cn = new OdbcConnection("Driver={MySQL ODBC 3.51 Driver}; Server=localhost; Database=gymwebsite; User=x; Password=x; OPTION=3;");
cn.Open();
OdbcCommand cmd = new OdbcCommand("Select * from users where username=? and password=?", cn);
cmd.Parameters.Add("@username", OdbcType.VarChar);
cmd.Parameters["@username"].Value = "test";
cmd.Parameters.Add("@password", OdbcType.VarChar);
cmd.Parameters["@password"].Value = "test1";
OdbcDataReader dr = default(OdbcDataReader);
dr = cmd.ExecuteReader();
if (dr.HasRows)
{
dr.Read();
string theUser = (string)dr["userName"];
string theUserId = Convert.ToString(dr["userId"]);
}
您可以将theUser和theUserId设置为会话,如下所示:
Session.Add("userName", theUser);
Session.Add("userId", theUserId);