C# 显示登录用户的详细信息
我目前正在开发一个web应用程序,我想显示当前登录用户的详细信息。当用户登录时,我已经创建了一个新会话,并尝试使用它来验证当前用户并显示其详细信息。C代码如下所示C# 显示登录用户的详细信息,c#,sql,asp.net,visual-studio,C#,Sql,Asp.net,Visual Studio,我目前正在开发一个web应用程序,我想显示当前登录用户的详细信息。当用户登录时,我已经创建了一个新会话,并尝试使用它来验证当前用户并显示其详细信息。C代码如下所示 protected void Page_Load(object sender, EventArgs e) { try { SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrin
protected void Page_Load(object sender, EventArgs e)
{
try
{
SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString);
conn.Open();
string detailsQuery = "select * FROM [Customer] where Customer_No ='" + Session["New"] + "'";
SqlCommand com = new SqlCommand(detailsQuery, conn);
com.ExecuteNonQuery();
Response.Write("Details Showing");
conn.Close();
}
catch (Exception ex)
{
Response.Write("Error:" + ex.ToString());
}
}
我可以很容易地显示所有客户的详细信息,但我不知道如何显示当前登录的用户。如果有任何帮助,我将不胜感激。您需要将数据输入UI。控制使这变得容易。它可以根据绑定到它的数据自动生成HTML表。我们将在标记中声明一个GridView,将数据选择为一个,然后将DataTable绑定到GridView
<asp:GridView runat="server" id="CustomerDetailsGV" AutoGenerateColumns="true" />
语句将SqlConnection
包装在中
string detailsQuery = "select * FROM [Customer] where Customer_No ='" + Session["New"] + "'";
SqlCommand com = new SqlCommand(detailsQuery);
DataTable dt = new DataTable();
using (var conn = new SqlConnection(ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString)
{
com.Connection = conn;
conn.Open();
dt.Load(com.ExecuteReader());
}
CustomerDetailsGV.DataSource = dt;
CustomerDetailsGV.DataBind();
您可能会发现这是一个有用的功能:
/// <summary>
/// Executes a database command with the specified connection and returns a data table synchronously.
/// </summary>
/// <param name="command">The command to execute.</param>
/// <param name="connection">The connection to use.</param>
/// <returns>A DataTable representing the command results.</returns>
public static DataTable GetDataTable(SqlCommand command, SqlConnection connection)
{
DataTable dt = new DataTable();
command.Connection = connection;
using (connection)
{
connection.Open();
dt.Load(command.ExecuteReader());
}
return dt;
}
您网页上的每个人都可以通过Session.SessionID字符串进行标识。
. 在Customer表中,添加SessionID字段(SQL Varchar(70))。当客户登录时,更新该客户的session.sessionID。如果要在屏幕上显示当前客户的信息,只需提供他们的Session.sessionID即可
protected void Page_Load(object sender, EventArgs e)
{
try
{
SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString);
conn.Open();
string detailsQuery = "select * FROM [Customer] where SessionID ='" + Session.SessionID + "'";
SqlCommand com = new SqlCommand(detailsQuery, conn);
com.ExecuteNonQuery();
Response.Write("Details Showing");
conn.Close();
}
catch (Exception ex)
{
Response.Write("Error:" + ex.ToString());
}
}
我不明白你的问题是什么。您说“我可以轻松地显示所有客户的详细信息”,但您没有任何代码来执行此操作。我可以使用工具箱visual studio中的表格向导来执行此操作。非常感谢您的帮助。@colliec啊,最后一件事。加载数据时,您应该在if(!IsPostBack){/*yourcodehere*/}
块中完成所有操作。否则,回发时,数据将被重新加载,这可能不是您想要的。@AndrewGrinder您应该使用@
语法将该注释定向到colliec。您还应该使用可在此处查看的参数化查询:dotnetperls.com/sqlparameter。这将避免任何SQL注入攻击。“代码就像每个人都是小偷。”-Bawan在codelesscode.com/case/140(Heartbleed)中再次谈到参数化查询:一个查询问题的旧答案:@colliec
string detailsQuery = "select * FROM [Customer] where Customer_No ='" + Session["New"] + "'";
SqlCommand com = new SqlCommand(detailsQuery);
SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString);
CustomerDetailsGV.DataSource = GetDataTable(com, con);
CustomerDetailsGV.DataBind();
protected void Page_Load(object sender, EventArgs e)
{
try
{
SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString);
conn.Open();
string detailsQuery = "select * FROM [Customer] where SessionID ='" + Session.SessionID + "'";
SqlCommand com = new SqlCommand(detailsQuery, conn);
com.ExecuteNonQuery();
Response.Write("Details Showing");
conn.Close();
}
catch (Exception ex)
{
Response.Write("Error:" + ex.ToString());
}
}