var xmlHttp
function TryLogin()
{
xmlHttp=GetXmlHttpObject();
if (xmlHttp==null)
{
alert ("Your browser does not support AJAX!");
return;
}
//var url="../AshxFile/AddSupport.ashx?b="+Math.random()+$
var url="AshxFile/TravelBuy.ashx?sid="+Math.random()+"&userName="+trim($('txtLoginName').value)+"&pwd="+trim($('txtPassword').value);
xmlHttp.onreadystatechange=stateChangedok;
xmlHttp.open("GET",url,true);
xmlHttp.send(null);
}
function stateChangedok()
{
if (xmlHttp.readyState==4)
{
if(xmlHttp.responseText=="")
{
}
else
{
if(xmlHttp.responseText=="-1")
{
$('loginNameErro').innerHTML="不存在该用户名";
}
else if(xmlHttp.responseText=="0")
{
$('pwdErro').innerHTML="密码错误";
}
else if(xmlHttp.responseText=="2")
{
$('loginNameErro').innerHTML="该用户被屏蔽";
}
else if(xmlHttp.responseText=="1")
{
$('showmessage').innerHTML=$('txtLoginName').value+",您已经成功登陆,请继续购买";
$('logintable').style.display="none";
$('loginmessage').style.display="";
}
}
}
}
function GetXmlHttpObject()
{
var xmlHttp=null;
try
{
// Firefox, Opera 8.0+, Safari
xmlHttp=new XMLHttpRequest();
}
catch (e)
{
// Internet Explorer
try
{
xmlHttp=new ActiveXObject("Msxml2.XMLHTTP");
}
catch (e)
{
xmlHttp=new ActiveXObject("Microsoft.XMLHTTP");
}
}
return xmlHttp;
}
----
<%@ WebHandler Language="C#" Class="TravelBuy" %>
using System;
using System.Web;
using System.Web.SessionState;
public class TravelBuy : IHttpHandler, IRequiresSessionState
{
public void ProcessRequest (HttpContext context) {
context.Response.ContentType = "text/plain";
if (!(string.IsNullOrEmpty(context.Request.QueryString["userName"].Trim()) || string.IsNullOrEmpty(context.Request.QueryString["pwd"])))
{
string returnValue = new BLL.B_UserDb().UserLogin(context.Request.QueryString["userName"].Trim(), System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(context.Request.QueryString["pwd"].Trim().ToString().ToLower(), "MD5")).ToString();
if (returnValue == "1")
{
context.Session["UserName"] = "1";
context.Session["UserName"] = context.Request.QueryString["userName"].Trim();
}
context.Response.Write(returnValue);
}
else
{
context.Response.Write("");
}
}
public bool IsReusable {
get {
return false;
}
}
}
--存储过程
ALTER PROCEDURE [dbo].[up_UserProve]
(
@userName varchar(50),
@pwd varchar(32),
@lastLandIp varchar(50),
@lastLandTime datetime,
@returnValue int=-1 output
)
AS
--
IF not EXISTS (SELECT 1 FROM tbUserDb WHERE UserName=@userName)
begin
set @returnValue=-1 ---- 账户不存在
end
ELSE
if not EXISTS (SELECT 1 FROM tbUserDb WHERE UserName=@userName AND Pwd=@pwd)
set @returnValue=0 --密码错误
else
IF EXISTS (SELECT 1 FROM tbUserDb WHERE UserName=@userName AND Pwd=@pwd and STATUS=0)
begin
set @returnValue=1--正确,验证通过
update tbuserdb set lastLandIp=@lastLandIp,lastlandtime=@lastLandTime
where UserName=@userName AND Pwd=@pwd and STATUS=0
end
ELSE
set @returnValue=2 -- 已屏蔽用户