我的代码正在查询服务器,如果用户和密码正确,则返回“+”字符。否则它没有。不好的做法,但我只是用这个想法来学习我是初学者的C#和ASP.NET(我之前在JSP中编写了程序)。
我的问题:
到目前为止我的代码:
@{
// Initialize general page variables
string username = "";
string password = "";
bool rememberMe = false;
// Validation
bool isValid = true;
// If this is a POST request, validate and process data
if (IsPost) {
username = Request.Form["username"];
password = Request.Form["password"];
rememberMe = Request.Form["remember"].AsBool();
// Attempt to login to the external authentication server
if(isValid){
using (TcpClient client = new TcpClient("hosty.host.com", 110)) {
using (NetworkStream stream = client.GetStream()) {
using (StreamReader reader = new StreamReader(stream)) {
using (StreamWriter writer = new StreamWriter(stream)) {
writer.WriteLine("USER " + username );
writer.WriteLine("PASS " + password );
string response = reader.ReadLine();
isValid = response[ 0 ] == '+';
Response.Write(response);
writer.WriteLine("quit\n");
}
}
}
}
}
if (isValid) {
<text>IT WORKED---></text>
//USER LOGGED IN/ SESSION STARTED
} else {
<text>IT DIDNT WORK :( </text>
//USER NOT LOGGED IN, SESSION NOT STARTED
}
}
}
<h2>Login Here</h2>
<form action="" method="post">
<fieldset>
<legend>Login Form</legend>
<label for="username">Username:
<input type="text" name="username" id="username" value="" />
</label>
<label for="password">Password:
<input type="password" name="password" id="password" value="" />
</label>
<label for="remember">
<input class="checkbox" type="checkbox" name="remember" id="remember" checked="checked" />
Remember me</label>
<p>
<input type="submit" name="login" id="login" value="Login" />
<input type="reset" name="reset" id="reset" value="Reset" />
</p>
</fieldset>
</form>
</div>
</fieldset>
</form>
答案 0 :(得分:5)
您从isValid=true开始,但如果您的程序甚至无法连接到服务器,则isValid仍然有效。
所以也许你的用户根本就没有验证,你从isValid开始,即使没有进行验证也会以相同的结尾。
代码原样,我将以false开头,并删除一行。
// Validation
bool isValid = false;
// If this is a POST request, validate and process data
if (IsPost) {
username = Request.Form["username"];
password = Request.Form["password"];
rememberMe = Request.Form["remember"].AsBool();
// Attempt to login to the external authentication server
// if(isValid)
{
using (TcpClient client = new TcpClient("hosty.host.com", 110)) {
using (NetworkStream stream = client.GetStream()) {
using (StreamReader reader = new StreamReader(stream)) {
using (StreamWriter writer = new StreamWriter(stream)) {
writer.WriteLine("USER " + username );
writer.WriteLine("PASS " + password );
string response = reader.ReadLine();
isValid = response[ 0 ] == '+';
Response.Write(response);
writer.WriteLine("quit\n");
}
}
}
}
}
if (isValid) {
<text>IT WORKED---></text>
//USER LOGGED IN/ SESSION STARTED
} else {
<text>IT DIDNT WORK :( </text>
//USER NOT LOGGED IN, SESSION NOT STARTED
}
}
也可以是Page。IsValid是网络表单上的现有参数。