aspx.net中有一个登录页面,要求用户输入他们的用户名和他们的授权级别。
我的问题是,一旦他们这样做,我必须从中读取并检查他们从具有所有可能的用户名和授权的sql数据库输入的内容。问题是登录页面在aspx.net中,检查登录信息的代码是常规的.cs文件。
如果有人可以查看我的代码,并告诉我我做错了什么,并可能给我一个更好的代码或修复我有的那将是伟大的!
对于错误和困惑感到抱歉,我是编码的新手!
这是我到目前为止所做的:
public bool getCredentials(string UserName, string Authlvl)
{
bool valid = false;
string loginSQL = "SELECT COUNT FROM user_verification WHERE userID = '" + UserName + "' AND auth_lvl = '" + Authlvl + "'";
SqlCommand cmd = new SqlCommand(loginSQL, dB.Connect());
try
{
int rowCount = Convert.ToInt32(cmd.ExecuteScalar());
if (rowCount >= 1)
{
valid = true;
}
else if (rowCount <= 0)
{
valid = false;
}
}
catch
{
}
return valid;
}
public void getInfo(string _Username, string Authlvl)
{
string selectAllSql = "Select auth_lvl FROM user_verification WHERE userID = '" + UserName + "'AND auth_lvl = '" + Authlvl
+ "'";
SqlCommand cmd = new SqlCommand(selectAllSql, dB.Connect());
Authlvl = "";
SqlDataReader reader;
try
{
reader = cmd.ExecuteReader();
while (reader.Read())
{
UserName.Text = reader["username"].ToString();
Authlvl.Text = reader["auth_lvl"].ToString();
}
}
catch (Exception ex)
{
throw (new Exception("" + ex));
}
}
private void Form1_Load(object sender, EventArgs e)
{
// TODO: This line of code loads data into the 'import_logDataSet.DB_tables' table. You can move, or remove it, as needed.
this.dB_tablesTableAdapter.Fill(this.import_logDataSet.DB_tables);
}
private void button1_Click(object sender, EventArgs e)
{
save.ShowDialog();
}
private void button3_Click(object sender, EventArgs e)
{
//Clears all text in text box
ID.Clear();
}
private void button4_Click(object sender, EventArgs e)
{
string str = @"";
Process process = new Process();
process.StartInfo.FileName = str;
process.Start();
}
private void ID_KeyPress(object sender, KeyPressEventArgs e)
{
char ch = e.KeyChar;
if (!Char.IsDigit(ch) && ch != 8 && ch != 13 && e.KeyChar < 65 || e.KeyChar > 122)
{
e.Handled = true;
}
StreamWriter sw = new StreamWriter("ExporterOutput.txt");
sw.WriteLine(ID.Text);
sw.Close();
}
private void OutputBox_TextChanged(object sender, EventArgs e)
{
MessageBox.Show("Here is the information you input: ");
StreamWriter sw = new StreamWriter("ExporterOutput.txt");
sw.WriteLine(ID.Text, UserName.Text, Authlvl.Text, comboBox1.Text, comboBox2.Text, FolderDrop.Text);
sw.Close();
}
private void Help_LinkClicked(object sender, LinkLabelLinkClickedEventArgs e)
{
System.Diagnostics.Process.Start("http://www.google.com");
Help.LinkVisited = true;
}
private void save_FileOk(object sender, CancelEventArgs e)
{
}
}
}
答案 0 :(得分:0)
我不清楚你的问题是什么。您是否正在从代码中访问您的aspx页面上的信息?如果是这样,您只需要在代码中引用文本框:
ASPX:
<asp:TextBox ID="tb_User" runat="server" />
aspx.cs:
string user = tb_User.Text;
据我所知,您不会在代码中的任何位置调用getCredentials或getInfo。
答案 1 :(得分:0)
假设UserID是数字字段,UserID = UserName将不起作用。
修改
我认为问题出在你的select语句中。 COUNT是一个函数,需要一个参数。尝试这样的事情:
SELECT COUNT(*) FROM user_verification [rest of your query]