ASP.net Logion用户登陆验证代码

web.config

<configuration>

 

……

 

<system.web>

 

       <database>

 

        <add key="strConn" value="server=107.120.65.99;database=DB;uid=DB;pwd=DB" />

 

</database>

 

</system.web>

 

……

 

</configuration>

 

 

 

Global.asax.cs

 

protected void Session_End(Object sender, EventArgs e)

 

{

 

        Application.Lock();

 

        Application.Remove(Session.SessionID.ToString());

        Application["OL_UserCount"]=(int)Application["OL_UserCount"]-1;

 

        Application.UnLock();

 

}

 

 

login.aspx

 

 

 

<table class="logintable">

 

<tr>    <td colspan="2" class="tdcaption"><font class="fcaption">ログイン</font></td></tr>

 

<tr>        <td><font class="font100">ユーザーID:</font></td></tr>

 

        <td><asp:TextBox CssClass="itxt" ID="txtName" Runat="server"></asp:TextBox></td></tr>

 

<tr>        <td><font class="font100">パスワード:</font></td>

 

        <td><asp:TextBox CssClass="itxt" ID="txtPwd" TextMode="Password" Runat="server"></asp:TextBox></td></tr>

 

<tr>        <td><asp:Button CssClass="ibutton" ID="btnSubmit" Text="login" Runat="server"></asp:Button></td>

 

        <td><input type="reset" class="ibutton" name="btnReset" value="reset"></td></tr>

 

</table>

 

 

 

login.aspx.cs

 

using System.Collections.Specialized;

 

using System.Data.SqlClient;

 

 

 

public void LoginBySQL()

 

{

 

     string strConn=(String) ((NameValueCollection) Context.GetConfig("system.web/database"))["strConn"];

 

     using (SqlConnection conn = new SqlConnection(strConn))

 

     {

 

         SqlCommand cmd = new SqlCommand("sp_IDPWD",conn);

 

         cmd.CommandType=CommandType.StoredProcedure;    //这里采用存储过程

 

         cmd.Parameters.Add("@ID",SqlDbType.VarChar,20);

 

         cmd.Parameters.Add("@PWD",SqlDbType.VarChar,20);

 

         cmd.Parameters["@ID"].Value=txtName.Text;

 

         cmd.Parameters["@PWD"].Value=txtPwd.Text;

 

         conn.Open();

 

 

 

         using (SqlDataReader dr = cmd.ExecuteReader())

 

         {

 

             if(dr.Read())

 

             {

 

                bool NotOL=true;

 

                for(int i=0;i<Application.Count;i++)

 

                {

 

                   if(Application[Application.GetKey(i).ToString()].ToString()==dr["UserID"].ToString())

 

                   NotOL=false;

 

                }

 

                if(NotOL)

 

                {

 

                   Application[Session.SessionID.ToString()]=dr["UserID"].ToString();

 

                   Application["OL_UserCount"]=(int)Application["OL_UserCount"]+1;

 

                   Session["UserName"]=dr["UserName"].ToString();//Sessions
                   Response.Redirect("./main/main.aspx");

 

                }

 

                else

 

                   message.Text="已经登陆";

 

             }

 

             else

 

             {

 

                message.Text="密码错误";

 

             }

 

        }

 

    }

 

}

 

存储过程
ALTER PROCEDURE dbo.sp_IDPWD
 (
  @id varchar(20),
  @pwd varchar(20)
  /*@pwd datatype OUTPUT*/
 )
AS
 SET NOCOUNT ON
 select * from [DB].[DB].[Admin] where (UserID=@id) and ([Password]=@pwd)
 RETURN