ASP.NET—From验证:全部代码及讲解
关于Forms验证的文章网上千百篇,但我花了1天半的时间学会了“一点点”,
现在把代码分享出来,希望对像我一样的初学者所有帮助,也希望高手给指点一下:
--------------------------------------------------------------------------------
Step 1:新建数据库(库:MyForms ;表:users ;字段:ID,userName, userPwd);
Step 2:新建网站,web.config 的文件全部代码如下:
web.config 的全部代码
<?xml version="1.0"?>
<configuration>
<appSettings/>
<connectionStrings/>
<system.web>
<compilation debug="true"/>
<sessionState cookieless="AutoDetect"/>
<!--解决当浏览器端禁用Cookie时-->
<authentication mode="Forms">
<forms name="CookieName" loginUrl="login.aspx" protection="All"></forms>
<!--loginUrl为登录面URL,如果没有身份验证Cookie,客户端将被重定向到此URL-->
</authentication>
<authorization>
<deny users="?"/>
</authorization>
<customErrors mode="On" defaultRedirect="GenericErrorPage.htm">
<error statusCode="403" redirect="NoAccess.htm" />
<error statusCode="404" redirect="FileNotFound.htm" />
</customErrors>
</system.web>
</configuration>
Step 3:添加一个 login.aspx 页面;拖2个 TextBox ,1个Button 和1个CheckBox ;
并将CheckBox 的text 属性设为:“是否保存Cookis ";
Step 4:login.aspx 的隐藏代码如下:
login 全部隐藏代码
using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Data.SqlClient; //导入命名空间
public partial class _Default : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
}
protected void Button1_Click(object sender, EventArgs e)
{
string userName = TextBox1.Text.Trim();
string userPwd = TextBox2.Text.Trim();
SqlConnection con = new SqlConnection("Server=.;Database=MyForms;User ID=sa;Password=123456");
con.Open();
SqlCommand cmd = new SqlCommand("select count(*) from users where userName='" + userName + "' and userPwd='" + userPwd + "'", con);
int count = Convert.ToInt32(cmd.ExecuteScalar());
if (count > 0)
{
System.Web.Security.FormsAuthentication.SetAuthCookie(this.TextBox1.Text, this.CheckBox1.Checked);
Response.Redirect("Default.aspx");
//上面两行,也可以换成下面一行,如通过验证则直接转向请求的页面,而不需要Responsel.Redirect("");
//System.Web.Security.FormsAuthentication.RedirectFromLoginPage(this.TextBox1.Text, false);
}
else
{
Response.Write("用户不合法");
}
}
}
Step 5:拖一个Button 到 Default.aspx 上,将其text 属性设为"登出",其事件代码如下:
Button 事件代码
protected void Button1_Click(object sender, EventArgs e)
{
System.Web.Security.FormsAuthentication.SignOut();
}