
在ASP.NET中創建安全的web站點[4]

2013-11-13 12:20:21  來源: .NET編程 
界面做好之後，就開始編寫提交按鈕事件。首先需要注冊該事件，代碼如下：

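/// <summary>
/// Registers the page's control event handlers.
/// </summary>
/// <remarks>
/// The listing as published had lost its member-access dots
/// (<c>thisbtnLoginClick</c>, <c>SystemWebUIImageClickEventHandler</c>),
/// so it did not compile; they are restored here.
/// </remarks>
private void InitializeComponent()
{
    // Route clicks on the login image button to btnLogin_Click.
    this.btnLogin.Click += new System.Web.UI.ImageClickEventHandler(this.btnLogin_Click);
}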

  事件注冊好之後，自然就是編寫事件處理函數了：

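/// <summary>
/// Handles the login button: checks the submitted credentials through
/// <c>CCommonDB.AuthenticateUser</c> and either redirects to the page it
/// returns or shows a failure message.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Click coordinates of the image button (unused).</param>
/// <remarks>
/// The published listing had lost its dots, commas and string quotes, so it
/// did not compile; they are restored here. The unused initial value of
/// <c>redirect</c> is dropped because the variable is assigned before it is read.
/// </remarks>
private void btnLogin_Click(object sender, System.Web.UI.ImageClickEventArgs e)
{
    CCommonDB sql = new CCommonDB();

    // The redirect target is chosen by AuthenticateUser from its own fixed
    // paths; nothing from the request is used as the destination.
    string redirect = sql.AuthenticateUser(this.Session, this.Response,
        username.Text, password.Text, saveLogin.Checked);

    if (redirect != string.Empty)
    {
        // Redirect the user
        Response.Redirect(redirect);
    }
    else
    {
        // One message for every failure, so the response does not reveal
        // whether the account name or the password was wrong.
        // NOTE(review): nothing visible here limits repeated failed attempts;
        // confirm throttling or lockout is handled elsewhere.
        Message.Text = "Login Failed!";
    }
}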


  讀者看完上面的代碼之後，一定想問 CCommonDB 是哪裡來的東東。這是我編寫的一個類，用來處理用戶登錄信息的：如果成功，則把相關信息寫入 Session、Cookie 和 SQL 數據庫，同時跳到 default.aspx 頁面。具體如下：

CCommonDB.cs



namespace secureComponents

{

/// <summary>
/// Data-access class for login: checks credentials through a stored procedure
/// and, on success, issues the forms-authentication cookie, fills session
/// values, writes two extra cookies and returns the landing page path.
/// </summary>
/// <remarks>
/// NOTE(review): this listing lost characters when the page was extracted.
/// Member-access dots, commas, string quotes and numeric literals are missing
/// throughout (for example <c>int nLoginID = ;</c>), and the <c>case</c>
/// labels in AuthenticateUser appear without the <c>switch</c> header that
/// must have preceded them. The code is left exactly as published; the
/// missing literal values cannot be recovered from the page.
/// </remarks>
public class CCommonDB : CSql

{

// Defers to the CSql constructor for all setup.
public CCommonDB() : base() { }



/// <summary>
/// Authenticates a user and prepares the response for a logged-in session.
/// </summary>
/// <returns>
/// A site-relative landing page path chosen by login type, or string.Empty
/// when the login fails or the login type matches no case.
/// </returns>
public string AuthenticateUser(

SystemWebSessionStateHttpSessionState objSession // Session Variable

SystemWebHttpResponse objResponse // Response Variable

string email // Login

string password // Password

bool bPersist // Persist login

)

{

// Initial values were lost in extraction; Login() overwrites both on every path.
int nLoginID = ;

int nLoginType = ;



// Look the credentials up; the results come back through the two ref arguments
Login(email password ref nLoginID ref nLoginType);



if(nLoginID != ) // Success

{

// Issue the forms-authentication ticket, named after the login id.
// bPersist comes from the "save login" checkbox and makes the ticket
// cookie persistent across browser sessions.
SystemWebSecurityFormsAuthenticationSetAuthCookie(nLoginIDToString()

bPersist);



// Set the session variables
// NOTE(review): nothing visible here renews the session identifier at
// login; confirm the session cannot be fixed by a pre-login identifier.
objSession[loginID] = nLoginIDToString();

objSession[loginType] = nLoginTypeToString();



// Set cookie information in case they made it persistent
// NOTE(review): both cookies are written whatever bPersist is; only Value
// and Expires are set, so no HttpOnly or Secure attribute is visible.
// NOTE(review): the "wrapper" session value is not assigned anywhere in the
// visible code; if it is absent, the ToString call below would throw.
SystemWebHttpCookie wrapperCookie = new SystemWebHttpCookie(wrapper);

wrapperCookieValue = objSession[wrapper]ToString();

wrapperCookieExpires = DateTimeNowAddDays();



// NOTE(review): this copies the login type into a cookie the client can
// edit. Authorization decisions should read the server-side session or the
// database, never this cookie - verify how other pages use it.
SystemWebHttpCookie lgnTypeCookie = new SystemWebHttpCookie(loginType);

lgnTypeCookieValue = objSession[loginType]ToString();

lgnTypeCookieExpires = DateTimeNowAddDays();



// Add the cookie to the response

objResponseCookiesAdd(wrapperCookie);

objResponseCookiesAdd(lgnTypeCookie);



// The switch header and first case label that belong here were lost in
// extraction. Every branch returns a fixed path, so the redirect target is
// never taken from user input.
return /candidate/defaultaspx;

}

case : // Admin Login

{

return /admin/defaultaspx;

}

case : // Reporting Login

{

return /reports/defaultaspx;

}

default:

{

// Unrecognised login type: reported to the caller the same way as a failed login
return stringEmpty;

}

}

}

else

{

// Login failed
return stringEmpty;

}

}



/// <summary>

/// Verifies the login and password that were given

/// </summary>

/// <param name="email">the login</param>

/// <param name="password">the password</param>

/// <param name="nLoginID">returns the login id</param>

/// <param name="nLoginType">returns the login type</param>

public void Login(string email string password ref int nLoginID

ref int nLoginType)

{

// Start from a fresh command, adapter and data set
ResetSql();



DataSet ds = new DataSet();



// Set our parameters
// Both values are bound as SqlParameter objects to a stored procedure
// rather than concatenated into SQL text.
SqlParameter paramLogin = new SqlParameter(@username SqlDbTypeVarChar );

paramLoginValue = email;



// NOTE(review): the password is handed to the procedure as received.
// Whether glbl_Login compares a salted hash or stored plaintext is not
// visible here - verify against the procedure.
SqlParameter paramPassword = new SqlParameter(@password SqlDbTypeVarChar );

paramPasswordValue = password;





CommandCommandType = CommandTypeStoredProcedure;

CommandCommandText = glbl_Login;

CommandParametersAdd(paramLogin);

CommandParametersAdd(paramPassword);



AdapterTableMappingsAdd(Table Login);

AdapterSelectCommand = Command;

AdapterFill(ds);



// NOTE(review): only the number of tables is tested before a row is
// indexed. If the procedure returns an empty table for bad credentials,
// the row access below would throw; a row-count check is needed too.
if(dsTablesCount != )

{

DataRow row = dsTables[]Rows[];



// Get the login id and the login type

nLoginID = ConvertToInt(row[Login_ID]ToString());

nLoginType = ConvertToInt(row[Login_Type]ToString());

}

else

{

// No result table: report failure through the ref arguments
nLoginID = ;

nLoginType = ;

}

}

}



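/// <summary>
/// Base class for data-access classes: owns one SQL Server connection and the
/// command, data adapter and data set that are reused for each query.
/// </summary>
/// <remarks>
/// The published listing had lost its member-access dots and string quotes,
/// so it did not compile; they are restored here.
/// </remarks>
public abstract class CSql
{
    private SqlConnection sqlConnection;    // Connection (built from the configured connection string)
    private SqlCommand sqlCommand;          // Command
    private SqlDataAdapter sqlDataAdapter;  // Data Adapter
    private DataSet sqlDataSet;             // Data Set

    /// <summary>
    /// Creates the connection from the "ConnectionString" application setting
    /// and attaches a new command to it.
    /// </summary>
    public CSql()
    {
        // The connection string comes from configuration, not from source code.
        // NOTE(review): it normally carries database credentials, so the
        // configuration file needs access control, and the account it names
        // should hold only the rights the stored procedures require.
        sqlConnection = new SqlConnection(ConfigurationSettings.AppSettings["ConnectionString"]);
        sqlCommand = new SqlCommand();
        sqlDataAdapter = new SqlDataAdapter();
        sqlDataSet = new DataSet();

        sqlCommand.Connection = sqlConnection;
    }

    /// <summary>
    /// Access to our sql command
    /// </summary>
    protected SqlCommand Command
    {
        get { return sqlCommand; }
    }

    /// <summary>
    /// Access to our data adapter
    /// </summary>
    protected SqlDataAdapter Adapter
    {
        get { return sqlDataAdapter; }
    }

    /// <summary>
    /// Makes sure that everything is clear and ready for a new query
    /// </summary>
    protected void ResetSql()
    {
        // A fresh command drops the parameters left over from the previous
        // query, so values from one call cannot leak into the next.
        if (sqlCommand != null)
        {
            sqlCommand = new SqlCommand();
            sqlCommand.Connection = sqlConnection;
        }

        if (sqlDataAdapter != null)
        {
            sqlDataAdapter = new SqlDataAdapter();
        }

        if (sqlDataSet != null)
        {
            sqlDataSet = new DataSet();
        }
    }

    /// <summary>
    /// Runs our command and returns the dataset
    /// </summary>
    /// <returns>the data set</returns>
    protected DataSet RunQuery()
    {
        sqlDataAdapter.SelectCommand = Command;

        // The original opened and immediately closed the connection before
        // filling. Fill opens a closed connection itself and closes it again
        // afterwards, so that extra round trip did no work and is removed.
        sqlDataAdapter.Fill(sqlDataSet);

        return sqlDataSet;
    }
}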

   
