ID密码识别问题
问题描述:
我正在研究C#
三层架构。我已经创建了登录页面。我面临的问题是我添加了Proper Store过程和正确的代码,但Login页面仍然没有得到该ID。当我插入任何内容时,它会将我重定向到给定的重定向页面。以下是我的登录页面的代码。它不检查ID和密码是否有效。ID密码识别问题
表示层邮编:
protected void btnSave_Click(object sender, EventArgs e)
{
DataSet ds = new DataSet();
try
{
objRegistration.Email_id = TxtUserName.Text.Trim();
objRegistration.Password = TxtPassword.Text.Trim();
{
ds = objRegister.GetLogin(objRegistration);
objRegistration.Email_id = TxtUserName.Text.Trim();
objRegistration.Name = TxtPassword.Text.Trim();
}
if (ds.Tables.Count > 0)
{
LblMessage.Text = "";
LblMessage.ForeColor = System.Drawing.Color.Green;
Session["Email_id"] = TxtUserName.Text;
Session["Registration_id"] = HFRegistration_id.Value;
Response.Redirect("Student/StudentMainPage.aspx");
}
else
{
LblMessage.Text = "Enter Valid User_id!!..";
LblMessage.ForeColor = System.Drawing.Color.Red;
}
}
catch (Exception ex)
{
Response.Write("Oops! error occured :" + ex.Message.ToString());
LblMessage.ForeColor = System.Drawing.Color.Red;
}
finally
{
objRegistration = null;
objRegister = null;
}
}
Dal Code
public DataSet GetLogin(belStd_Registration objBEL)
{
DataSet ds = new DataSet();
try
{
SqlCommand cmd = new SqlCommand("P_M_Get_login", con);
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@Email_id", objBEL.Email_id);
cmd.Parameters.AddWithValue("@Password", objBEL.Password);
SqlDataAdapter adp = new SqlDataAdapter(cmd);
adp.Fill(ds);
cmd.Dispose();
}
catch (Exception ex)
{
throw;
}
finally
{
ds.Dispose();
}
con.Close();
return ds;
}
这是我的方法:
ALTER procedure [dbo].[P_M_Get_Login]
(
@Email_id varchar(50),
@Password varchar(50)
)
as
begin
select Email_id,Password,Registration_Id from M_registration where Email_id [email protected]_id and [email protected];
end
select * from M_registration;
答
你需要使用数据集 - 你刚才似乎是测试,以查看这个用户名/密码存在。另一种方法是使用返回true或false的方法并测试这种情况。例如...
public bool IsValidUser(string email, string password)
{
string sql = "Select Email_id from M_registration where Email_id [email protected] and [email protected];";
using (SqlConnection myConnection = new SqlConnection(ConnectionString))
{
myConnection.Open();
using (SqlCommand myCommand = new SqlCommand(sql, myConnection))
{
myCommand.Parameters.AddWithValue("@email", email);
myCommand.Parameters.AddWithValue("@password", password);
return myCommand.ExecuteScalar() != null;
}
}
}
+0
谢谢..它对我很有用。 –
在您存储的proc中,为什么您要检查电子邮件/密码是否存在,然后从m_registration中选择所有内容? – WooHoo
从程序'select * from M_registration;' – levent
中删除此行,这不是程序的一部分,它是由错误添加的。 –