堆棧內存溢出
  簡體   English   中英

asp.net c#登錄網頁錯誤

[英]asp.net c# login webpage error

 原文  2016-05-02 00:03:42       c#/ asp.net/ visual-studio/ web/ login

問題描述

我有以下問題:

我使用asp.net和c#創建一個網站,在第一頁是登錄,HTML基本上是2個文本字段和1個按鈕,請求以下功能: 

protected void Button1_Click(object sender, EventArgs e)
     {

         ServicioIS.Service1SoapClient objeto = new ServicioIS.Service1SoapClient();
          string a = ci.Value.ToString();
          string b = pass.Value.ToString();
          // bool x = objeto.Log(a,b);
          bool flag = false;
          SqlConnection con = new SqlConnection();
          con.ConnectionString = "Server=.;database=Proyecto.mdf;user=;password=";
          con.Open();
          string check = "SELECT COUNT(*) FROM Admin WHERE login ='" + a + "'";
          SqlCommand com = new SqlCommand(check, con);
          int cont = Convert.ToInt32(com.ExecuteScalar().ToString());
          con.Close();
          if (cont == 1)
          {
              con.Open();
              string checkpass = "SELECT pass FROM Admin WHERE login = '" + a + "'";
              SqlCommand ds = new SqlCommand(checkpass, con);
              string contra = ds.ExecuteScalar().ToString().Replace(" ", "");
              con.Close();
              if (a == contra)
              {
                  flag = true;
              }
          }
           if (flag)
           {
               Response.Write("Contraseña Correcta");
           }
           else
           {
               Response.Write("usuario o contraseña invalidos");
           }


     }

錯誤和堆棧跟蹤如下: 

Line 31:               SqlConnection con = new SqlConnection();
Line 32:               con.ConnectionString = "      "Server=.;database=Proyecto.mdf;user=;password=";
Line 33:               con.Open();
Line 34:               string check = "SELECT COUNT(*) FROM Admin WHERE   login ='" + a + "'";
Line 35:               SqlCommand com = new SqlCommand(check, con);

Source File: c:\Users\Fabrizio\Desktop\Nueva carpeta     (2)\ProyectoIS\WebAppIS\WebAppIS\Interface\Login.aspx.cs    Line: 33 

Stack Trace: 


[SqlException (0x80131904): Login failed for user ''.]
System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception,     Boolean breakConnection, Action`1 wrapCloseInAction) +5347119
   System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject  stateObj, Boolean callerHasConnectionLock, Boolean asyncClose) +546
System.Data.SqlClient.TdsParser.TryRun(RunBehavior runBehavior, SqlCommand   cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler,   TdsParserStateObject stateObj, Boolean& dataReady) +1693
System.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj) +69
System.Data.SqlClient.SqlInternalConnectionTds.CompleteLogin(Boolean enlistOK) +30
System.Data.SqlClient.SqlInternalConnectionTds.AttemptOneLogin(ServerInfo serverInfo, String newPassword, SecureString newSecurePassword, Boolean ignoreSniOpenTimeout, TimeoutTimer timeout, Boolean withFailover) +317
System.Data.SqlClient.SqlInternalConnectionTds.LoginNoFailover(ServerInfo serverInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString connectionOptions, SqlCredential credential, TimeoutTimer timeout) +892
System.Data.SqlClient.SqlInternalConnectionTds.OpenLoginEnlist(TimeoutTimer timeout, SqlConnectionString connectionOptions, SqlCredential credential, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance) +311
  System.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, SqlCredential credential, Object providerInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString userConnectionOptions, SessionData reconnectSessionData) +646
 System.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions options, DbConnectionPoolKey poolKey, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection, DbConnectionOptions userOptions) +278
 System.Data.ProviderBase.DbConnectionFactory.CreatePooledConnection(DbConnectionPool pool, DbConnection owningObject, DbConnectionOptions options, DbConnectionPoolKey poolKey, DbConnectionOptions userOptions) +38
System.Data.ProviderBase.DbConnectionPool.CreateObject(DbConnection owningObject, DbConnectionOptions userOptions, DbConnectionInternal oldConnection) +732
System.Data.ProviderBase.DbConnectionPool.UserCreateRequest(DbConnection owningObject, DbConnectionOptions userOptions, DbConnectionInternal oldConnection) +85
System.Data.ProviderBase.DbConnectionPool.TryGetConnection(DbConnection owningObject, UInt32 waitForMultipleObjectsTimeout, Boolean allowCreate, Boolean onlyOneCheckConnection, DbConnectionOptions userOptions, DbConnectionInternal& connection) +1057
System.Data.ProviderBase.DbConnectionPool.TryGetConnection(DbConnection owningObject, TaskCompletionSource`1 retry, DbConnectionOptions userOptions, DbConnectionInternal& connection) +78
System.Data.ProviderBase.DbConnectionFactory.TryGetConnection(DbConnection owningConnection, TaskCompletionSource`1 retry, DbConnectionOptions userOptions, DbConnectionInternal oldConnection, DbConnectionInternal& connection) +196
 System.Data.ProviderBase.DbConnectionInternal.TryOpenConnectionInternal(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource`1 retry, DbConnectionOptions userOptions) +146
System.Data.ProviderBase.DbConnectionClosed.TryOpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource`1 retry, DbConnectionOptions userOptions) +16
System.Data.SqlClient.SqlConnection.TryOpenInner(TaskCompletionSource`1 retry) +94
System.Data.SqlClient.SqlConnection.TryOpen(TaskCompletionSource`1 retry) +110
System.Data.SqlClient.SqlConnection.Open() +96
WebAppIS.Interface.Login.Button1_Click(Object sender, EventArgs e) in  c:\Users\Fabrizio\Desktop\Nueva carpeta (2)\ProyectoIS\WebAppIS\WebAppIS\Interface\Login.aspx.cs:33
System.Web.UI.WebControls.Button.OnClick(EventArgs e) +9627718
System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument) +103
 System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String eventArgument) +10
System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl,   String eventArgument) +13
System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData) +35
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +1724

PD:我使用Visual Studio 2012,如果它更容易修復它:)

2 個解決方案

解決方案1
 0  2016-05-02 01:17:56

聽起來像用戶身份驗證問題。 出於安全原因,SQL隱藏了錯誤的詳細信息,但您應該能夠在SQL Server錯誤日志中找到更多信息。 有關故障排除信息,請參閱以下鏈接: https//msdn.microsoft.com/en-us/library/ms366351.aspx

解決方案2
 0  2016-05-02 02:20:49

SQL錯誤表示您的應用程序沒有對數據庫的權限。 我相信這是因為您提供了用戶和密碼屬性,但將它們留空。 嘗試使用可信連接。 

con.ConnectionString = "Server=.\SQLExpress;AttachDbFilename=Proyecto.mdf;Database=dbname;Trusted_Connection=Yes;";

此外,評論中指出您的代碼容易受到SQL注入攻擊。 這是非常正確的。 您應該使用參數化SQL將您的變量添加到SQL語句,如下所示。 

SqlParam param;

string check = "SELECT COUNT(*) FROM Admin WHERE login=@LoginName";
SqlCommand com = new SqlCommand(check, con);
param = new SqlParameter("@LoginName", SqlDbType.VarChar);
param.Direction = ParameterDirection.Input;
param.Value = a;
com.Parameters.Add(param);

暫無
暫無

聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.

相關問題 ASP.NET C#中的網頁屏幕截圖 ASP.NET C#中的登錄頁面錯誤 ASP.NET C#登錄重定向 在C#應用程序中的ASP.NET登錄 asp.net c#登錄類型 asp.net(C#)自定義登錄 ASP.NET C#登錄系統 自定義登錄 ASP.NET C# 使用ASP.NET C#將網頁轉換為PDF文檔 從asp.net/C#網頁調用vb腳本
相關標簽
 
粵ICP備18138465號  © 2020-2024 STACKOOM.COM