[英]pass values or data from one page to another when you use Login control in ASP.NET 2.0
I am using Login Control available in ASP.NET 2.0 in the login page.我在登录页面中使用 ASP.NET 2.0 中提供的登录控制。 Once the user is authenticated successfully against database, I am redirecting the user to home.aspx.
用户成功通过数据库身份验证后,我将用户重定向到 home.aspx。 Here, I want to pass on the User's name too to the home.aspx so that the user will be greeted with his/her name in the home.aspx.
在这里,我也想将用户名传递给 home.aspx,这样用户就会在 home.aspx 中看到他/她的名字。 Ex: Welcome Smith
例如:欢迎史密斯
I am extracting the User's name from the users table in my database during the time I check for the login credentials.在检查登录凭据期间,我正在从数据库中的用户表中提取用户名。
Could someone please tell me how to do this in a secure way (may be not to secure, but a little)?有人可以告诉我如何以安全的方式做到这一点(可能不是安全,但有点)?
Thanks,谢谢,
One good place for that kind of data would be in session.此类数据的一个好地方是 session。 Try something like this on the first page:
在第一页尝试这样的事情:
this.Session["UserName"] = userName;
and then subsequent pages in that session for that user could access this.Session["UserName"]
.然后该用户的 session 中的后续页面可以访问
this.Session["UserName"]
。
The best thing to do though is to create a static class to manage Session
for you like so:最好的办法是为您创建一个 static class 来管理
Session
,如下所示:
using System;
using System.Web;
static class SessionManager
{
public static String UserName
{
get
{
return HttpContext.Current.Session["UserName"].ToString();
}
set
{
HttpContext.Current.Session["UserName"] = value;
}
}
// add other properties as needed
}
Then your application can access session state like this:然后您的应用程序可以像这样访问 session state :
SessionManager.UserName
This will give you maximum flexibility and scalability moving forward.这将为您提供最大的灵活性和可扩展性。
If you are using standard asp.net authentication then you should be able to access the users name through the User property of the page object.如果您使用标准 asp.net 身份验证,那么您应该能够通过页面 object 的用户属性访问用户名。
User.Identity.Name用户身份名称
As Andrew suggested, Session is a common place to place a user name, though I avoid using session at all if possible.正如 Andrew 建议的那样,Session 是放置用户名的常见位置,尽管我尽可能避免使用 session。
You could set a cookie with the users name.您可以使用用户名设置 cookie。
You could also set the DestinationPageUrl property of the login control to include the username in the query string.您还可以设置登录控件的 DestinationPageUrl 属性以在查询字符串中包含用户名。 Though that feels/looks pretty lame.
虽然感觉/看起来很蹩脚。
As ScottS said, if you're using the standard login controls and a membership provider this information is already available to you in User.Identity.Name.正如ScottS所说,如果您使用标准登录控件和会员提供程序,则此信息已在 User.Identity.Name 中可供您使用。
The only reason I'm posting an answer is to mention the LoginName control, which you can drop on a page/master page and have this done automatically for you:我发布答案的唯一原因是提及LoginName控件,您可以将其放在页面/母版页上并自动为您完成:
<asp:LoginName id="LoginName1" runat="server" FormatString ="Welcome, {0}" />
This will render out "Welcome, Zhaph" when the user is logged in, or nothing if they are not.这将在用户登录时呈现“Welcome, Zhaph”,否则将不呈现任何内容。
You can also combine this quite nicely with the LoginView and LoginStatus controls:您还可以将其与LoginView和LoginStatus控件很好地结合起来:
<asp:LoginView ID="RegisterLink" runat="server">
<AnonymousTemplate>
<div class="titleRegistration">
<a href="/Users/Register.aspx">Register</a> or
</div>
</AnonymousTemplate>
<LoggedInTemplate>
<div class="titleRegistration">
Welcome back
<asp:LoginName ID="LoginName1" runat="server" /> -
</div>
</LoggedInTemplate>
</asp:LoginView>
<asp:LoginStatus ID="lsGeneral" runat="server"
LogoutPageUrl="/Users/Logout.aspx" />
This combination of controls will do the following:这种控件组合将执行以下操作:
The Login links is populated by the settings in web.config, and generated by the LoginStatus control.登录链接由 web.config 中的设置填充,并由 LoginStatus 控件生成。
yes as Andrew said, session is the primary place to store sensitive data.是的,正如安德鲁所说,session 是存储敏感数据的主要场所。
but why a user's name is sensitive?但是为什么用户的名字是敏感的? You can save it in cookie and print it in your home.aspx whenever user comes in.
您可以将其保存在 cookie 中,并在用户进入时将其打印在 home.aspx 中。
EDIT: You can use cookies in ASP.NET like that:编辑:您可以像这样在 ASP.NET 中使用 cookies :
// Setting cookie :
Response.Cookies["UserName"].Value = "Erhan";
Response.Cookies["UserName"].Expires = DateTime.Now.AddDays(7); // Persists 1 week
// Getting cookie :
string username = string.Empty;
if(Request.Cookies["UserName"] != null)
{
username = Server.HtmlEncode(Request.Cookies["UserName"].Value);
}
NOTE: Cookies stored at client's machine.注意: Cookies 存储在客户的机器上。 so you should not use them to store sensitive data.
所以你不应该使用它们来存储敏感数据。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.