用户登录系统中的密码问题。 C#
[英]Issue with password in user login system. C#
问题描述
I have developed a web application in visual studio 2010 and am attempting to add a user login system to this application. 
我在visual studio 2010中开发了一个Web应用程序,并尝试在此应用程序中添加用户登录系统。 So far I am having trouble validating the users password, as the program informs me that all passwords are incorrect even if it matches the one associated to that username. 到目前为止,我无法验证用户密码,因为该程序通知我所有密码都是错误的,即使它与该用户名相关联的密码也是如此。 This is the code I have written son far: 这是我写的儿子远的代码:
protected void n_Click(object sender, EventArgs e)
{
SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString);
con.Open();
string cmdStr = "select count(*) from Registration where UserName='" + TextBoxUserName.Text + "'";
SqlCommand CheckUser = new SqlCommand(cmdStr, con);
int Temp = Convert.ToInt32(CheckUser.ExecuteScalar().ToString());
if (Temp == 1)
{
string cmdStr2 = "Select Password from Registration where UserName ='" + TextBoxUserName.Text + "'";
SqlCommand pass = new SqlCommand(cmdStr2, con);
string password = pass.ExecuteScalar().ToString();
con.Close();
if (password == TextBoxPassword.Text)
{
Session["New"] = TextBoxUserName.Text;
Response.Redirect("HomePage.aspx");
}
else
{
Label1.Visible = true;
Label1.Text = "Password is invalid";
}
}
else
{
Label1.Visible = true;
Label1.Text = "Username is invalid";
}
}
}
} }
Regardless of what password is entered the program will output 'password is invalid' which indicates that the issue is with the first part of the if statement? 无论输入什么密码,程序都会输出“密码无效”,表明问题出在if语句的第一部分? or the variables it uses? 或它使用的变量? It might also be worth mentioning that an invalid username flags up in the same way, and this works fine. 可能还值得一提的是,无效的用户名以相同的方式标记,这样可以正常工作。
Thanks in advance :) 提前致谢 :)
2 个解决方案
解决方案1
1 2012-04-30 17:11:27
请改用ASP.NET身份验证 。
解决方案2
1 已采纳 2012-04-30 18:03:39
what you're doing seems way too complex for what it's supposed to do.. 你正在做什么似乎太复杂了它应该做的事情..
edit: i editted my answer after user commented: 编辑:我在用户评论后编辑了我的答案:
public bool Login(String uName, String pasw)
{
using (SqlConnection myConnection = new SqlConnection(connString))
{
string oString = "Select ID from yourTable where username = @username AND paswoord = @password";
SqlCommand oCmd = new SqlCommand(oString, myConnection);
oCmd.Parameters.AddWithValue("@username", uName);
oCmd.Parameters.AddWithValue("@password", pasw);
string id = null;
myConnection.Open();
using (SqlDataReader oReader = oCmd.ExecuteReader())
{
while (oReader.Read())
{
id = oReader["id"].ToString();
}
myConnection.Close();
}
if (id == null)
{
return false;
}
else
{
return true;
}
}
}
you could try something like this. 你可以尝试这样的事情。 Also, it might have nothing to do with it, but some databases dont like it when you name an attribute "password", you could try changing it to "pw" or "pasw" or whatever. 此外,它可能与它无关,但是当您将属性命名为“password”时,某些数据库不喜欢它,您可以尝试将其更改为“pw”或“pasw”或其他任何内容。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.