用户帐户页面的User.Identity

Question

In my application I use User.Identity to get the username of the user logged in, I was wondering if I can use this to get email and password information as I want a user account page where the user can view there email username etc.. and change their password. 在我的应用程序中，我使用User.Identity来获取登录用户的用户名，我想知道是否可以使用它来获取电子邮件和密码信息，因为我想要一个用户帐户页面，用户可以在其中查看电子邮件用户名等。并更改他们的密码。

I also have a web service called getusers which gets all the information from the users table in my database but then I am unsure of how to get the account information from the database for the user logged in if I do it this way. 我还有一个名为getusers的Web服务，该服务从数据库中的users表中获取所有信息，但是如果我这样做，则不确定如何从数据库中获取登录用户的帐户信息。

So far I have this: 到目前为止，我有这个：

protected void Page_Load(object sender, EventArgs e)
{
    if (User.Identity.IsAuthenticated)
    {
        username.Text = User.Identity.Name;
    }

    localhost.Service1 myws = new localhost.Service1();
    ds = myws.GetUsers();

}

Which is great because I get the username, but I need the rest. 很棒，因为我获得了用户名，但我需要其余的。

Oh and here is the web service GetUsers: 哦，这是Web服务GetUsers：

[WebMethod]
    public DataSet GetUsers()
    {
        DataSet ds = new DataSet();
        string database = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source=|DataDirectory|/dvd_forum.accdb;Persist Security Info=True";
        string queryStr = "select * from Users";
        OleDbConnection myConn = new OleDbConnection(database);
        OleDbDataAdapter myDataAdapter = new OleDbDataAdapter(queryStr, myConn);
        myConn.Open();
        myDataAdapter.Fill(ds, "Users");
        myConn.Close();
        return ds;
    }

Thanks. 谢谢。

Answer 1

Firstly, I must warn you that your GetUsers() method is open to SQL Injection. 首先，我必须警告您，您的GetUsers()方法已对SQL Injection开放。 That aside... 那边...

If you modified that GetUsers() method slightly to accept a parameter and narrow down the search to a unique user, you could have: 如果您稍微修改了GetUsers()方法以接受参数并将搜索范围缩小到唯一用户，则您可能会：

[WebMethod] 
public DataSet GetUser(string UserName) 
{ 
    DataSet ds = new DataSet(); 
    string database = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source=|DataDirectory|/dvd_forum.accdb;Persist Security Info=True"; 
    string queryStr = "select * from Users WHERE UserName=" + UserName; 
    OleDbConnection myConn = new OleDbConnection(database); 
    OleDbDataAdapter myDataAdapter = new OleDbDataAdapter(queryStr, myConn); 
    myConn.Open(); 
    myDataAdapter.Fill(ds, "Users"); 
    myConn.Close(); 
    return ds; 
}

Now all you need to do is call 现在您要做的就是打电话

GetUser(User.Identity.Name);

assuming the username is stored in the database, you'll get your User's record returned in the dataset. 假设用户名存储在数据库中，您将在数据集中返回用户的记录。

Answer 2

If you are using MembershipUser class in your asp.net application then you can check this link . 如果您在asp.net应用程序中使用MembershipUser类，则可以检查此链接。

Here is a snippet of code. 这是一段代码。

public void Page_Load(object sender, EventArgs args)
{
  u = Membership.GetUser(User.Identity.Name);

  if (!IsPostBack)
  {
    EmailTextBox.Text = u.Email; 
  }
}

用户帐户页面的User.Identity

问题描述

2 个解决方案

解决方案1
0 2012-05-16 15:07:21

解决方案2
0 2012-05-16 15:07:53

用户帐户页面的User.Identity

问题描述

2 个解决方案

解决方案1 0 2012-05-16 15:07:21

解决方案2 0 2012-05-16 15:07:53

解决方案1
0 2012-05-16 15:07:21

解决方案2
0 2012-05-16 15:07:53