用简单登录,练习asp.net
做这个LoginDemo的目的是练习访问数据库,使用存储过程,最后是写成用户类。
页面组成:Default.aspx,LogSuccess.htm,LogFailure.htm
数据库test,表User:UserID(自增),UserName,PassWord
前台:简单的登陆界面
后台代码:
1、很久以前做第一个例子的时候用的:
代码
protected void CheckAccount()
{
string strConn = "server=localhost;uid=sa;pwd=123;database=test;";
SqlConnection conn = new SqlConnection(strConn);
String strComm = "Select * from Users where UserName ='" + UserName.Text + "' and PassWord= '" + PassWord.Text + "'";
SqlCommand comm = new SqlCommand(strComm, conn);
conn.Open();
SqlDataReader dr = comm.ExecuteReader();
if (dr.Read())
{
Response.Redirect("LogSuccess.htm");
}
else
{
Response.Redirect("LogFailure.htm");
}
conn.Close();
}
Ideas:感觉有些啰嗦,每次写的时候都得写SqlConnection,SqlCommand等等,后来抽象了一个数据库操作类,
现在在研究微软的DAAB。
然后试着使用了存储过程:
代码
protected void CheckAccount()
{
String strConn = System.Configuration.ConfigurationManager.AppSettings["ConnectionString"];
SqlConnection conn = new SqlConnection(strConn);
SqlCommand comm = new SqlCommand("Users_Login", conn);
comm.CommandType = CommandType.StoredProcedure;
//加入参数
SqlParameter paraUserName = new SqlParameter("@UserName", SqlDbType.VarChar, 50);
paraUserName.Value = UserName.Text;
comm.Parameters.Add(paraUserName);
SqlParameter paraPassWord = new SqlParameter("@PassWord", SqlDbType.VarChar, 50);
paraPassWord.Value = PassWord.Text;
comm.Parameters.Add(paraPassWord);
conn.Open();
SqlDataReader dr = comm.ExecuteReader();
if (dr.Read())
{
Response.Redirect("LogSuccess.htm");
}
else
{
Response.Redirect("LogFailure.htm");
}
conn.Close();
}
最后用一个用户类来实现:
代码
protected void CheckAccount()
{
Users NewUser = new Users();
string id=NewUser.Login(UserName.Text, PassWord.Text);
if (id!=null)
{
Response.Redirect("LogSuccess.htm");
}
else
{
Response.Redirect("LogFailure.htm");
}
}
User.cs用户类
代码
public class Users
{
#region 获取用户信息
//public UsersDetails GetUsersDetails(int uid)
//{
//}
#endregion
#region 添加用户
//public string AddUser(string uname, string psw)
//{
//}
#endregion
#region 用户登录
public string Login(string UserName, string PassWord)
{
SqlConnection conn = new SqlConnection(System.Configuration.ConfigurationManager.AppSettings["ConnectionString"]);
SqlCommand comm = new SqlCommand("Users_Logins", conn);
comm.CommandType = CommandType.StoredProcedure;
//加入参数
SqlParameter paraUserName = new SqlParameter("@UserName", SqlDbType.VarChar, 50);
paraUserName.Value = UserName;
comm.Parameters.Add(paraUserName);
SqlParameter paraPassWord = new SqlParameter("@PassWord", SqlDbType.VarChar, 50);
paraPassWord.Value = PassWord;
comm.Parameters.Add(paraPassWord);
SqlParameter paraUserID = new SqlParameter("@UserID", SqlDbType.Int);
paraUserID.Direction = ParameterDirection.Output;
comm.Parameters.Add(paraUserID);
conn.Open();
comm.ExecuteNonQuery();
conn.Close();
int userid = (int)(paraUserID.Value);
if (userid == 0)
return null;
else
return userid.ToString();
}
#endregion
}
小弟初学,望大家指教~请各位大神提提建议,说说可以改进的地方。