验证身份

验证身份：

namespace music_new.control

{

using System;

using System.Data;

using System.Drawing;

using System.Web;

using System.Web.UI.WebControls;

using System.Web.UI.HtmlControls;

using ZhaoH;

using ZhaoH.BABAO;

using System.Data.SqlClient;

using System.Web.Security;

/// <summary>

/// Login 的摘要说明。

/// </summary>

public class Login : System.Web.UI.UserControl

{

string strSQL;

BaBaoDB Db = new BaBaoDB();

SqlDataReader Musicreader;

protected System.Web.UI.WebControls.Label LbNick;

protected System.Web.UI.HtmlControls.HtmlTable TbLogin1;

protected System.Web.UI.HtmlControls.HtmlTable TbLogin2;

protected System.Web.UI.WebControls.Image Image1;

protected System.Web.UI.WebControls.TextBox TtbUid;

protected System.Web.UI.WebControls.TextBox TtbPsw;

protected System.Web.UI.WebControls.TextBox TtbCheck;

protected System.Web.UI.WebControls.ImageButton IBtnLogin;

protected System.Web.UI.WebControls.ImageButton IBtnLogout;

protected System.Web.UI.WebControls.Label LbUid;

private void Page_Load(object sender, System.EventArgs e)

{

// 在此处放置用户代码以初始化页面

if (IsPostBack)

{

return;

}

if (Context.User.IsInRole("member"))

{

this.TbLogin1.Visible = false;

this.TbLogin2.Visible = true;

string Uid=Context.User.Identity.Name ;

strSQL = "select nickname from UserInfo where userid='"+Uid+"'";

Musicreader = Db.SelectReader(strSQL);

Musicreader.Read();

string nickName = Musicreader[0].ToString();

Musicreader.Close();

LbUid.Text = Uid;

LbNick.Text =nickName;

}

else

{

this.TbLogin1.Visible = true;

this.TbLogin2.Visible = false;

}

#region Web 窗体设计器生成的代码

override protected void OnInit(EventArgs e)

{

// CODEGEN: 该调用是 ASP.NET Web 窗体设计器所必需的。

InitializeComponent();

base.OnInit(e);

}

/// <summary>

/// 设计器支持所需的方法 - 不要使用代码编辑器

/// 修改此方法的内容。

/// </summary>

private void InitializeComponent()

{

this.IBtnLogin.Click += new System.Web.UI.ImageClickEventHandler(this.IBtnLogin_Click);

this.IBtnLogout.Click += new System.Web.UI.ImageClickEventHandler(this.IBtnLogout_Click);

this.Load += new System.EventHandler(this.Page_Load);

}

#endregion

private void IBtnLogin_Click(object sender, System.Web.UI.ImageClickEventArgs e)

{

string Uid = TtbUid.Text.Trim();

string Psw = TtbPsw.Text.Trim();

string Ccode = TtbCheck.Text.Trim();

//检查

if(!CheckInput(Uid,Psw,Ccode))

{

return;

}

//过滤

Uid = FilterInput(Uid);

Psw = FilterInput(Psw);

//验证

if(CheckIdAndPsw(Uid,Psw))

{

string URoles = "member";

UserToRole(Uid,URoles);

Response.Redirect ("index.aspx",true);

}

else

{

Page.RegisterStartupScript ("err","<script>alert('用户名或者密码错误!');</script>");

}

private void IBtnLogout_Click(object sender, System.Web.UI.ImageClickEventArgs e)

{

FormsAuthentication.SignOut();

Response.Redirect("index.aspx");

}

#region 用户验证

//基本输入验证

private bool CheckInput(string Uid,string Psw,string Ccode)

{

if (Uid == "")

{

this.Response.Write ("<script>alert('请输入用户名!')</script>");

return false;

}

if (Psw == "")

{

this.Response.Write ("<script>alert('请输入密码!')</script>");

return false;

}

if (Ccode =="")

{

this.Response.Write ("<script>alert('验证码不能为空!')</script>");

return false;

}

if (Ccode !=Session["Ccode"].ToString() )

{

this.Response.Write ("<script>alert('验证码不正确!')</script>");

return false;

}

return true;

}

//验证用户名与密码是否匹配

private bool CheckIdAndPsw(string Uid,string Psw)

{

if (CheckUid(Uid))

{

string sqlStr;

sqlStr="select pass from UserInfo where userid='"+Uid+"'";

Musicreader = Db.SelectReader(sqlStr);

Musicreader.Read();

string password=Musicreader["pass"].ToString().Trim();

Musicreader.Close();

if (password == Psw)

{

return true;

}

else

{

return false;

}

else

{

return false;

}

//检查用户名

private bool CheckUid(string Uid)

{

string strSql;

strSql="select * from UserInfo where userid='"+Uid+"'";

Musicreader = Db.SelectReader(strSql);

if(Musicreader.Read())

{

Musicreader.Close();

return true;

}

else

{

Musicreader.Close();

return false;

}

#endregion

#region 过滤非法字符

private string FilterInput(string input)

{

string result;

result =input.Replace ("'","''");

result = result.Replace("--","");

result = result.Replace("<","<");

result = result.Replace(">",">");

return result;

}

#endregion

#region 生成身份验证票

/// <summary>

///

/// </summary>

/// <param name="UID">用户名</param>

/// <param name="URoles">角色字符串，以","分隔；参见Global.asax中的Application_AuthorizeRequest</param>

/// <returns></returns>

private void UserToRole(string UID, string URoles)

{

// 建立身份验证票对象

FormsAuthenticationTicket tkt = new FormsAuthenticationTicket(1, UID, DateTime.Now, DateTime.Now.AddMinutes(30), false, URoles, FormsAuthentication.FormsCookiePath);

// 加密序列化验证票为字符串

string ckStr = FormsAuthentication.Encrypt(tkt);

// 生成Cookie

HttpCookie ck = new HttpCookie(FormsAuthentication.FormsCookieName, ckStr);

if(tkt.IsPersistent)

{

ck.Expires = tkt.Expiration; //对应于FormsAuthenticationTicket中的false/true

}

Context.Response.Cookies.Add(ck);

}

#endregion

}

posted @ 2005-07-01 14:27 Ame 阅读(173) 评论(0) 收藏举报

刷新页面返回顶部

Ame's blog

海阔凭鱼跃，天高任鸟飞！

验证身份

公告