C# Asp.net:登录重定向失败
一旦客户输入用户名和密码,他们需要选择单选按钮作为最终用户或会计师登录。但是,当我单击“最终用户”单选按钮时,它会再次重定向到主页面,但不会重定向到company.aspx页面。好心帮忙- 我的代码:C# Asp.net:登录重定向失败,c#,asp.net,C#,Asp.net,一旦客户输入用户名和密码,他们需要选择单选按钮作为最终用户或会计师登录。但是,当我单击“最终用户”单选按钮时,它会再次重定向到主页面,但不会重定向到company.aspx页面。好心帮忙- 我的代码: protected void Button1_Click(object sender, EventArgs e) { SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["Connect
protected void Button1_Click(object sender, EventArgs e)
{
SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString);
conn.Open();
string checkuser = "select count(*) from Registration where USERNAME='" + TextBoxUsername.Text + "'";
SqlCommand com = new SqlCommand(checkuser, conn);
int temp = Convert.ToInt32(com.ExecuteScalar().ToString());
conn.Close();
if (temp == 1)
{
conn.Open();
string checkPasswordQuery = "Select password from Registration where USERNAME='" + TextBoxUsername.Text + "'";
SqlCommand passComm = new SqlCommand(checkPasswordQuery, conn);
string password = passComm.ExecuteScalar().ToString().Replace(" ", "");
if (password == TextBoxPassword.Text)
{
Session["New"] = TextBoxUsername.Text;
Response.Write("Password is correct");
if (EndUserRadioButton.Checked)
{
Response.Redirect("Company.aspx");
}
else if (AccountantRadioButton.Checked)
{
Response.Redirect("AccountantUploads.aspx");
}
}
else
{
Response.Write("Password is not correct");
}
}
else
{
Response.Write("Username is not correct");
}
}
protected void RadioButton1_CheckedChanged(object sender, EventArgs e)
{
if (EndUserRadioButton.Checked)
{
Response.Redirect("Company.aspx");
}
else if (AccountantRadioButton.Checked)
{
Response.Redirect("AccountantUploads.aspx");
}
}
company.aspx背后的代码: 公共部分类公司:System.Web.UI.Page { 字符串_ConnectionString=ConfigurationManager.ConnectionString[ConnectionString].ConnectionString; SqlConnection conn=新建SQLConnectionConfiguration Manager.ConnectionString[ConnectionString].ConnectionString
protected void Page_Load(object sender, EventArgs e)
{
if (Session["New"] != null)
{
Label_welcome.Text += Session["New"].ToString();
}
else
Response.Redirect("MainPage.aspx");
}
protected void Button2_Click(object sender, EventArgs e)
{
Response.Redirect("ChangePassword.aspx");
}
protected void Button1_Click(object sender, EventArgs e)
{
string _ConnectionString = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;
SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString);
DataTable dt = new DataTable();
string qry1 = "SELECT [USERNAME], [EMAIL], [PASSWORD], [STATE], [NAME], [CNAME], [ADDRESS], [TELEPHONE], [FAX], [TYPE], [AGENT] FROM [Registration] WHERE ([USERNAME] LIKE '%' + @USERNAME + '%')";
SqlDataAdapter da = new SqlDataAdapter(qry1, conn);
SqlCommand com = new SqlCommand(qry1, conn);
da.SelectCommand.Parameters.AddWithValue("@USERNAME", TextBoxSearch.Text);
da.Fill(dt);
GridView1.DataSourceID = string.Empty;
GridView1.DataSource = dt;
}
protected void GridView1_OnRowSelected(object sender, GridViewSelectEventArgs e)
{
var username = Convert.ToString(GridView1.DataKeys[e.NewSelectedIndex].Value);
Response.Redirect("ViewUploads.aspx?USERNAME=" +username);
}
要在使用窗体身份验证时手动登录用户,请使用FormsAuthentication.SetAuthCookie 例如:
username=txtUserName.text;
FormsAuthentication.SetAuthCookie(username, false);
Response.Redirect(url);
Redirect只是向客户端发送一个HTTP重定向
也可以使用参数化查询
string checkPasswordQuery = "Select password from Registration where USERNAME=@userName";
SqlCommand passComm = new SqlCommand(checkPasswordQuery, conn);
passComm.Parameters.AddWithValue("@userName",txtUserName.Text);
这避免了SQl注入您需要检查Company.aspx/AccountantUploads.aspx页面中的代码,以确保成功登录后有登录会话检查,该会话可能为null或空,页面重定向回主页。对不起,我该怎么做?您可以发布Company.aspx页面加载事件背后的代码吗?可以吗在web.config中发布您的身份验证部分?您是否尝试调试源代码并分析会话[New]为空的原因?