ASP.net Logion用户登陆验证代码

web.config




<configuration>






……






<system.web>






<database>






<add key="strConn" value="server=107.120.65.99;database=DB;uid=DB;pwd=DB" />






</database>






</system.web>






……






</configuration>














Global.asax.cs






protected void Session_End(Object sender, EventArgs e)








...{






Application.Lock();






Application.Remove(Session.SessionID.ToString());




Application["OL_UserCount"]=(int)Application["OL_UserCount"]-1;






Application.UnLock();






}












login.aspx












<table class="logintable">






<tr> <td colspan="2" class="tdcaption"><font class="fcaption">ログイン</font></td></tr>






<tr> <td><font class="font100">ユーザーID:</font></td></tr>






<td><asp:TextBox CssClass="itxt" ID="txtName" Runat="server"></asp:TextBox></td></tr>






<tr> <td><font class="font100">パスワード:</font></td>






<td><asp:TextBox CssClass="itxt" ID="txtPwd" TextMode="Password" Runat="server"></asp:TextBox></td></tr>






<tr> <td><asp:Button CssClass="ibutton" ID="btnSubmit" Text="login" Runat="server"></asp:Button></td>






<td><input type="reset" class="ibutton" name="btnReset" value="reset"></td></tr>






</table>














login.aspx.cs






using System.Collections.Specialized;






using System.Data.SqlClient;












public void LoginBySQL()








...{






string strConn=(String) ((NameValueCollection) Context.GetConfig("system.web/database"))["strConn"];






using (SqlConnection conn = new SqlConnection(strConn))








...{






SqlCommand cmd = new SqlCommand("sp_IDPWD",conn);






cmd.CommandType=CommandType.StoredProcedure; //这里采用存储过程






cmd.Parameters.Add("@ID",SqlDbType.VarChar,20);






cmd.Parameters.Add("@PWD",SqlDbType.VarChar,20);






cmd.Parameters["@ID"].Value=txtName.Text;






cmd.Parameters["@PWD"].Value=txtPwd.Text;






conn.Open();












using (SqlDataReader dr = cmd.ExecuteReader())








...{






if(dr.Read())








...{






bool NotOL=true;






for(int i=0;i<Application.Count;i++)








...{






if(Application[Application.GetKey(i).ToString()].ToString()==dr["UserID"].ToString())






NotOL=false;






}






if(NotOL)








...{






Application[Session.SessionID.ToString()]=dr["UserID"].ToString();






Application["OL_UserCount"]=(int)Application["OL_UserCount"]+1;








Session["UserName"]=dr["UserName"].ToString();//Sessions


Response.Redirect("./main/main.aspx");






}






else






message.Text="已经登陆";






}






else








...{






message.Text="密码错误";






}






}






}






}






存储过程


ALTER PROCEDURE dbo.sp_IDPWD


(


@id varchar(20),


@pwd varchar(20)




/**//*@pwd datatype OUTPUT*/


)


AS


SET NOCOUNT ON


select * from [DB].[DB].[Admin] where (UserID=@id) and ([Password]=@pwd)


RETURN