C# 饼干;“记住我”;你不工作了
我想在我的C# 饼干;“记住我”;你不工作了,c#,asp.net,cookies,C#,Asp.net,Cookies,我想在我的登录页面中实现记住我的功能。为此,我使用了cookies。它工作正常,但当登录和注销两次,然后尝试使用相同的用户名和密码登录后,会显示无效的用户名和密码。 登录页面代码 protected void Page_Load(object sender, EventArgs e) { lblStatus.Visible = false; if(Request.Cookies["temp"] != null) {
登录
页面中实现记住我的功能。为此,我使用了cookies。它工作正常,但当登录和注销两次,然后尝试使用相同的用户名和密码登录后,会显示无效的用户名和密码。
登录页面代码
protected void Page_Load(object sender, EventArgs e)
{
lblStatus.Visible = false;
if(Request.Cookies["temp"] != null)
{
txtUsername.Text = Request.Cookies["temp"].Values["u"];
txtPassword.Text = Request.Cookies["temp"].Values["p"];
}
}
protected void btnLogn_Click(object sender, EventArgs e)
{
SqlConnection con = new SqlConnection(str);
con.Open();
string username = txtUsername.Text;
string password = txtPassword.Text;
SqlCommand cmd = new SqlCommand("select username from Login where username='"+username+"' AND password='"+password+"'",con);
SqlDataReader dr = cmd.ExecuteReader();
if (dr.Read())
{
HttpCookie ht = new HttpCookie("temp");
if(CheckBox1.Checked)
{
ht.Values["u"] = txtUsername.Text;
ht.Values["p"] = txtPassword.Text;
Response.Cookies.Add(ht);
Response.Redirect("Home.aspx");
}
else
{
if (Request.Cookies["temp"] != null)
{
ht.Values["u"] = "";
ht.Values["p"] = "";
Response.Cookies.Add(ht);
}
Response.Redirect("Home.aspx");
}
}
else
{
lblStatus.Visible = true;
lblStatus.Text = "Invalid username or Password";
lblStatus.ForeColor = Color.Red;
}
}
只有一个按钮的主页代码(注销)
检查页面加载中的回发,如下所示
protected void Page_Load(object sender, EventArgs e)
{
lblStatus.Visible = false;
if(!Page.IsPostBack)
{
if(Request.Cookies["temp"] != null)
{
txtUsername.Text = Request.Cookies["temp"].Values["u"];
txtPassword.Text = Request.Cookies["temp"].Values["p"];
}
}
}
在您的代码中,单击按钮后,旧cookie值将替换文本框的当前值您听说过SQL注入攻击吗?不知道。还有一件事,当我将密码的文本模式设置为密码时,cookie不会在密码框中写入密码这是文本框的自然行为在密码模式下。
protected void Page_Load(object sender, EventArgs e)
{
lblStatus.Visible = false;
if(!Page.IsPostBack)
{
if(Request.Cookies["temp"] != null)
{
txtUsername.Text = Request.Cookies["temp"].Values["u"];
txtPassword.Text = Request.Cookies["temp"].Values["p"];
}
}
}