I created a website for my class project but I have difficulty of creating login. I insert my data to the database using parameter. I'm doing it in c# and my database in sql server.
first I create login procedure:
ALTER PROC [dbo].[uselogin]
@userNickName nvarchar(50),
@userPassword nchar(10)
As
SELECT [userId]
,[userFirstName]
,[userLastName]
,[userNickName]
,[userPassword]
,[userStreetAddress]
,[userEmail]
FROM [dbo].[User_T]
WHERE userNickName=@userNickName AND userPassword=@userPassword
Then in the login page I create login textbox and login button Like this:
<asp:Label ID="Label3" runat="server" Text="Username: "></asp:Label> <asp:TextBox ID="txtuserName" runat="server" CssClass="form-control "></asp:TextBox> <asp:Label ID="Label4" runat="server" Text="Password: "></asp:Label> <asp:TextBox ID="txtPassword" runat="server" CssClass="form-control "></asp:TextBox> <asp:Button ID="btnLogIn" runat="server" Text="Log In " onClick="button_login_Click" CssClass="btn btn-primary btn-block" />
Code behind the aspx page
protected void button_login_Click(object sender, EventArgs e)
{
string userName = txtuserName.Text;
string userPassoword = txtPassword.Text;
User user = new User(userName, userPassoword);
cc.userLogin(user);
}
Here is my C# code and all the classes I used:
Class User{
string name;
string userName;
string usePass;
.........
.....
public User(string un, string pass)
{
this.UserNickName = un;
this. UserPass = pass;
}
// create getter and setter to each one.
public UserNickName
{
get{return userName; }
set{ userName = value;}
}
// the same for all my getter and setter.
} here is another class called handler
public handler{ // has object from DBManager.cs
DBManager db;
public void userLogin(User u){ db.userLogin(u);}}
My last class is DBmanager
public DBManager{
// constructor has the database connection and my login method
public void userLogin(User user)
{
SqlCommand cmd = new SqlCommand("uselogin",_conn);
cmd.CommandType = CommandType.StoredProcedure;
SqlParameter p1 = new SqlParameter("userNickName", user.UserNickName);
SqlParameter p2 = new SqlParameter("userPassword", user.UserPassword);
cmd.Parameters.Add(p1);
cmd.Parameters.Add(p2);
_conn.Open();
SqlDataReader rd = cmd.ExecuteReader();
if (rd.HasRows)
{
rd.Read();
HttpContext.Current.Response.Redirect("PublishingAnEvent.aspx", true);
}
else
{
// Label5.Text = "do it agin";
HttpContext.Current.Response.Redirect("RegestrationPage.aspx", true);
}
}
I hope you give me the answer I did a lot of reading but I could not find anything.... Thanks to all of you.
Without doing your homework for you, I do have the following insights:
using
blocks on anything that implements IDisposable
(see my example shown below). This helps dispose of them easily and properly. SqlConnection
object, and it would handle all errors. rd.Read()
line because it did not seem to serve a purpose. example:
public DBManager
{
public void userLogin(User user)
{
using (SqlConnection _conn = GetConnection())
{
using (SqlCommand cmd = new SqlCommand("dbo.uselogin",_conn))
{
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@userNickName", user.UserNickName);
cmd.Parameters.AddWithValue("@userPassword", user.UserPassword);
using (SqlDataReader rd = cmd.ExecuteReader())
{
if (rd.HasRows)
{
HttpContext.Current.Response.Redirect("PublishingAnEvent.aspx", true);
}
else
{
//. Label5.Text = "do it again";
HttpContext.Current.Response.Redirect("RegistrationPage.aspx", true);
}
}
}
}
}
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.