堆栈内存溢出
  简体   繁体   English

ASP.NET C#中的登录页面错误

[英]Login page error in asp.net c#

 原文  2015-08-27 07:17:03       c#/ asp.net/ login-page

问题描述

I have a login page in which i have written code to login the admin part but it is not working i don't know what the problem is this the code is correct still getting unauthorized access. 我有一个登录页面,在该页面中我已经编写了用于登录管理部分的代码,但是它不起作用,我不知道这是什么问题,该代码是正确的,仍然会得到未经授权的访问。 help me out 帮帮我 

  string str = ConfigurationManager.ConnectionStrings["ottscon"].ConnectionString;
        using (SqlConnection con = new SqlConnection(str))
        {
            SqlCommand cmd = new SqlCommand("Select UserName,Password from login where UserName=@userid and Password=@passid", con);
            con.Open();
            cmd.Parameters.AddWithValue("@userid", TextBox1.ToString());
            cmd.Parameters.AddWithValue("@passid", TextBox2.ToString());
            SqlDataAdapter da = new SqlDataAdapter(cmd);
            DataSet ds= new DataSet();
            da.Fill(ds);
            if (ds.Tables[0].Rows.Count>0)
            {

               Session["login"] = TextBox1.Text;
               Response.Redirect("admintrator123/Default.aspx");
            }
            else
            {
                Label1.Text = "Unauthorized Access";
                Label1.ForeColor = System.Drawing.Color.Red;
            }
        }

3 个解决方案

解决方案1
 2  2015-08-27 07:26:51

You are not passing values properly 您没有正确传递值

TextBox1.ToString() is wrong TextBox1.ToString()错误

use 采用

TextBox1.Text

解决方案2
 0  2015-08-27 07:23:14

First use the value of the text inside the textbox (the existing ToString() is returning the type of the object TextBox ): 首先使用文本框内的文本值(现有的ToString()返回对象TextBox的类型): 

cmd.Parameters.AddWithValue("@userid", TextBox1.Text);
cmd.Parameters.AddWithValue("@passid", TextBox2.Text);

Try using this SQL to check if the record exist (inside the new SqlCommand() ): 尝试使用此SQL检查记录是否存在(在new SqlCommand()内部): 

SELECT CASE WHEN EXISTS (
    SELECT *
    FROM [login]
    WHERE UserName=@userid and Password=@passid
)
THEN CAST(1 AS BIT)
ELSE CAST(0 AS BIT) END

So you can then check on a bool and not on a row existance and have more understanding on what's happening. 这样一来,您就可以检查布尔值而不是连续存在的值,并且对正在发生的事情有更多的了解。

After this you can read the value this way: 之后,您可以通过以下方式读取值: 

using (var reader = cmd.ExecuteReader())
{
    while (reader.Read())
    {
        bool exist = reader.GetBoolean(0);
    }
}

解决方案3
 -3  2015-08-27 07:24:02

try 尝试 

logincommand = "Select UserName,Password from login where UserName='"+TextBox1.Text+"' and Password='"+TextBox2.Text+"'"
SqlCommand cmd = new SqlCommand(logincommand ,con);

and delete 并删除 

        cmd.Parameters.AddWithValue("@userid", TextBox1.ToString());
        cmd.Parameters.AddWithValue("@passid", TextBox2.ToString());

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 ASP.NET c#MD5密码登录页面 - ASP.NET c# MD5 Password Login page 在ASP.Net C#登录页面中需要帮助 - Need Help in ASP.Net C# login page 使用C#在ASP.NET和SQL Server中的登录页面 - Login page in asp.net and sql server using c# asp.net登录页面继承属性c# - asp.net login page inherit attribute c# asp.net c#登录网页错误 - asp.net c# login webpage error ASP.NET C#登录系统 - asp.net c# login system 自定义登录 ASP.NET C# - Custom Login ASP.NET C# ASP.NET C#登录重定向 - ASP.NET C# Login Redirect 在C#应用程序中的ASP.NET登录 - Asp.Net login in c# application asp.net c#登录类型 - asp.net c# login type
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM