[英]Need help with ASP.NET beginner login application
I created this simple login page. 我创建了这个简单的登录页面。 It's supposed to display in the label text like "Wrong user" when user doesn't exist, "Wrong password" when password entered is incorrect, etc. 如果用户不存在,则应在标签文本中显示“错误的用户”,如果输入的密码不正确,则应显示在“错误的密码”中,等等。
But whenever I try and login it ALWAYS displays "Wrong user" when the user does exist in the table. 但是,每当我尝试登录时,表中确实存在该用户时,总会显示“错误的用户”。 I have entered usernames and passwords manually, not using any stored proceedure for that in this application. 我已手动输入用户名和密码,未在此应用程序中使用任何存储过程。
Here's the code; 这是代码; please tell me what am I doing wrong. 请告诉我我在做什么错。 Apparently it's some logical error. 显然这是一些逻辑错误。
Default.cs file: Default.cs文件:
using System;
using System.Configuration;
using System.Data;
using System.Data.SqlClient;
using System.Configuration;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
public partial class _Default : System.Web.UI.Page
{
SqlConnection con = new SqlConnection();
protected void Page_Load(object sender, EventArgs e)
{
con.ConnectionString = ConfigurationManager.ConnectionStrings["cn"].ConnectionString;
if (con.State == ConnectionState.Closed)
{
con.Open();
}
}
protected void Button1_Click(object sender, EventArgs e)
{
Int32 d = checkUser(UserName.Text, Password.Text);
if (d == -1)
{
Label1.Text = "Wrong user";
}
if (d == -2)
{
Label1.Text = "Wrong password";
}
if (d == 2)
{
Label1.Text = "Login Successful";
}
}
private Int32 checkUser(String u, String p)
{
SqlCommand cmd = new SqlCommand();
cmd.CommandText = "LogInCheck";
cmd.CommandType = CommandType.StoredProcedure;
cmd.Connection = con;
cmd.Parameters.Add("@u", SqlDbType.VarChar, 50).Value = u;
cmd.Parameters.Add("@p", SqlDbType.VarChar, 50).Value = p;
SqlParameter p1 = new SqlParameter("@ret", SqlDbType.Int);
p1.Direction = ParameterDirection.ReturnValue;
cmd.Parameters.Add(p1);
cmd.ExecuteNonQuery();
Int32 k = Convert.ToInt32(cmd.Parameters["@ret"].Value);
return k;
}
}
.aspx file: .aspx文件:
<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Default.aspx.cs" Inherits="_Default" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<title>Untitled Page</title>
</head>
<body>
<form id="form1" runat="server">
<div>
Username :
<asp:TextBox ID="UserName" runat="server"></asp:TextBox>
<br />
Password :
<asp:TextBox ID="Password" runat="server" TextMode="Password"></asp:TextBox>
<asp:Button ID="Button1" runat="server" Text="Login" onclick="Button1_Click"/>
<br />
<asp:Label ID="Label1" runat="server" Text="Label"></asp:Label>
</div>
</form>
</body>
</html>
My stored procedure, LogInCheck: 我的存储过程LogInCheck:
ALTER PROCEDURE LogInCheck
(
@u varchar(50),
@p varchar(50)
)
AS
Declare @ap varchar(50)
Select @ap from tbuser where uname=@u
if @ap is null
begin
return -1
end
else
if @ap=@p
return 1
else
return -2
Your select query is not putting any value into @ap. 您的选择查询未在@ap中添加任何值。 Try this: 尝试这个:
Select @ap=<col_name> from tbuser where uname=@u
Update Try putting a begin and end after you've started your main else. 更新在开始其他主要项目之后,尝试放置一个开始和结束。
Declare @ap varchar(50)
Select @ap from tbuser where uname=@u
if @ap is null
begin
return -1
end
else
begin --Here
if @ap=@p
return 1
else
return -2
end --And here
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.