using System; using System.Data; using System.Configuration; using System.Web; using System.Web.Security; using System.Web.UI; using System.Web.UI.WebControls; using System.Web.UI.WebControls.WebParts; using System.Web.UI.HtmlControls; using System.Data.SqlClient; using System.Text.RegularExpressions; public partial class _Default : System.Web.UI.Page 
{ 
public SqlCommand Cmd; public SqlConnection Conn; public DataSet Ds = new DataSet(); public SqlDataAdapter Da; public string SqlStr; //定义SQL语句 protected void Page_Load(object sender, EventArgs e) 
{ 
if (!Page.IsPostBack) { string getUrl,userUrl; getUrl = Request.Url.AbsoluteUri; //获取URL(后面有"/index.aspx") //判断URL是否为空(似乎没什么用) if (getUrl != "") { userUrl = getUrl.Replace("http://", ""); //将URL中的"http://"去掉 userUrl = userUrl.Replace("www.", ""); //将URL中的"www."去掉 userUrl = userUrl.Split('.')[0]; //取字符串第一个点之前的部分 //Response.Write(userUrl); //输出筛选后的用户名 //Response.Write(getUrl); //输出Url //判断用户输入的URL是否符合要求(只允许"http://www.***.lilong.com"和"http://***.lilong.com") if (getUrl != "http://www." + userUrl + "lilong.com/index.aspx" && getUrl != "http://" + userUrl + "lilong.com/index.aspx") { //此处处理错误(URL不符合规范) 
} string conStr = ConfigurationSettings.AppSettings["constr_2000"]; //获取连接字符串 Conn = new SqlConnection(conStr); //连接数据库 Conn.Open(); //开启数据库 SqlStr = "select U_Name from T_User where U_Name = '" + userUrl + "'"; //构建SQL语句 Da = new SqlDataAdapter(SqlStr, Conn); //执行SQL语句 Da.Fill(Ds, "T_User"); Conn.Close(); //关闭数据库 if (Ds.Tables["T_User"].Rows.Count > 0) { //此处处理用户 } else { //跳到出错页(没有当前用户) } } else { //跳到出错页(URL为空) } } } 
} 
浙公网安备 33010602011771号