// 登录按钮事件
namespace
{
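/// <summary>
/// Click handler for the login button: checks the submitted credentials, stores the
/// account id and role in the session, and redirects to the page for that role.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void Btn_enter_Click(object sender, System.EventArgs e)
{
    // Trim once and use the same values for the whole login, so the credential
    // check and the role lookup can never see different input.
    string userId = Tbx_userid.Text.Trim();
    string userPwd = Tbx_userpwd.Text.Trim();

    object dbUserId = null;
    object dbUserPower = null;

    // The connection string comes from the "conn" appSettings entry.
    string strconn = System.Configuration.ConfigurationManager.AppSettings["conn"];

    // One parameterized query both authenticates and loads the role. The text box
    // values are bound as parameters and never concatenated into the SQL text,
    // which closes the SQL injection path through the login form.
    // NOTE(review): the submitted password is compared with the User_password column
    // as-is, which implies passwords are stored unhashed; move to a salted, slow
    // password hash (e.g. PBKDF2) and compare hashes instead.
    using (OleDbConnection cn = new OleDbConnection(strconn))
    using (OleDbCommand cm = new OleDbCommand(
        "select User_id, User_power from users where User_id = ? and User_password = ?", cn))
    {
        // OLE DB binds parameters by position, so the order must match the '?' markers.
        cm.Parameters.AddWithValue("@User_id", userId);
        cm.Parameters.AddWithValue("@User_password", userPwd);
        cn.Open();
        using (OleDbDataReader dr = cm.ExecuteReader())
        {
            if (dr.Read())
            {
                dbUserId = dr["User_id"];
                dbUserPower = dr["User_power"];
            }
        }
    }

    // No matching row, or a row without a role: fail closed. Nothing is written to
    // the session, so a role left over from an earlier login is never reused.
    if (dbUserId == null || dbUserPower == null || dbUserPower is System.DBNull)
    {
        Lbl_note.Text = "对不起,登陆失败!";
        return;
    }

    // NOTE(review): the session id is not rotated here; consider issuing a fresh
    // session after authentication to limit session fixation.
    Session["User_id"] = dbUserId;
    Session["User_power"] = dbUserPower;

    // Convert instead of unboxing with (int): the provider may hand back another
    // integer type for the column, which would make a direct unbox throw.
    int power = System.Convert.ToInt32(dbUserPower);

    // Redirect only after the reader and connection are disposed; Response.Redirect
    // ends the request, so cleanup placed after it would not run.
    if (power == 0)
    {
        Response.Redirect("~/studentquery/query.aspx");
    }
    else if (power == 1)
    {
        Response.Redirect("~/studentmanage/student.aspx");
    }
    else
    {
        Response.Redirect("~/teacherquery/tquery.aspx");
    }
}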
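/// <summary>
/// Click handler for the login button: checks the submitted credentials, stores the
/// account id and role in the session, and redirects to the page for that role.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void Btn_enter_Click(object sender, System.EventArgs e)
{
    // Trim once and use the same values for the whole login, so the credential
    // check and the role lookup can never see different input.
    string userId = Tbx_userid.Text.Trim();
    string userPwd = Tbx_userpwd.Text.Trim();

    object dbUserId = null;
    object dbUserPower = null;

    // The connection string comes from the "conn" appSettings entry.
    string strconn = System.Configuration.ConfigurationManager.AppSettings["conn"];

    // One parameterized query both authenticates and loads the role. The text box
    // values are bound as parameters and never concatenated into the SQL text,
    // which closes the SQL injection path through the login form.
    // NOTE(review): the submitted password is compared with the User_password column
    // as-is, which implies passwords are stored unhashed; move to a salted, slow
    // password hash (e.g. PBKDF2) and compare hashes instead.
    using (OleDbConnection cn = new OleDbConnection(strconn))
    using (OleDbCommand cm = new OleDbCommand(
        "select User_id, User_power from users where User_id = ? and User_password = ?", cn))
    {
        // OLE DB binds parameters by position, so the order must match the '?' markers.
        cm.Parameters.AddWithValue("@User_id", userId);
        cm.Parameters.AddWithValue("@User_password", userPwd);
        cn.Open();
        using (OleDbDataReader dr = cm.ExecuteReader())
        {
            if (dr.Read())
            {
                dbUserId = dr["User_id"];
                dbUserPower = dr["User_power"];
            }
        }
    }

    // No matching row, or a row without a role: fail closed. Nothing is written to
    // the session, so a role left over from an earlier login is never reused.
    if (dbUserId == null || dbUserPower == null || dbUserPower is System.DBNull)
    {
        Lbl_note.Text = "对不起,登陆失败!";
        return;
    }

    // NOTE(review): the session id is not rotated here; consider issuing a fresh
    // session after authentication to limit session fixation.
    Session["User_id"] = dbUserId;
    Session["User_power"] = dbUserPower;

    // Convert instead of unboxing with (int): the provider may hand back another
    // integer type for the column, which would make a direct unbox throw.
    int power = System.Convert.ToInt32(dbUserPower);

    // Redirect only after the reader and connection are disposed; Response.Redirect
    // ends the request, so cleanup placed after it would not run.
    if (power == 0)
    {
        Response.Redirect("~/studentquery/query.aspx");
    }
    else if (power == 1)
    {
        Response.Redirect("~/studentmanage/student.aspx");
    }
    else
    {
        Response.Redirect("~/teacherquery/tquery.aspx");
    }
}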
}
//类user代码
namespace sms
{
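/// <summary>
/// Account operations on the [users] table: credential check, account lookup and
/// password update.
/// </summary>
/// <remarks>
/// Every statement binds its values as OLE DB parameters. Caller-supplied ids and
/// passwords are never concatenated into SQL text, so quotes or SQL fragments in
/// them are treated as data.
/// NOTE(review): passwords are compared and written exactly as received. Unless
/// callers hash them first, this stores plaintext passwords; prefer a salted,
/// slow password hash (e.g. PBKDF2).
/// </remarks>
public class user
{
    private DataAccess DataAs;

    public user()
    {
    }

    /// <summary>Checks whether a row with this id and password exists.</summary>
    /// <param name="UserID">Account id to look up.</param>
    /// <param name="UserPwd">Password to compare with the stored value.</param>
    /// <returns>true when a matching row exists; otherwise false.</returns>
    public bool Login(string UserID, string UserPwd)
    {
        DataAs = new DataAccess();
        using (OleDbConnection conn = DataAs.GetConn())
        using (OleDbCommand cmd = new OleDbCommand(
            "select 1 from [users] where User_id = ? and User_password = ?", conn))
        {
            // OLE DB parameters are positional: add them in '?' order.
            AddText(cmd, "@User_id", UserID);
            AddText(cmd, "@User_password", UserPwd);
            conn.Open();
            using (OleDbDataReader dr = cmd.ExecuteReader())
            {
                return dr.Read();
            }
        }
    }

    /// <summary>Returns a reader over the account row matching the id and password.</summary>
    /// <param name="UserID">Account id to look up.</param>
    /// <param name="UserPwd">Password to compare with the stored value.</param>
    /// <returns>
    /// An open reader. The caller must close or dispose it; doing so also closes the
    /// underlying connection.
    /// </returns>
    public OleDbDataReader GetUser(string UserID, string UserPwd)
    {
        DataAs = new DataAccess();
        OleDbConnection conn = DataAs.GetConn();
        try
        {
            // NOTE(review): User_password is returned to the caller; drop it from the
            // select list once no caller reads it.
            OleDbCommand cmd = new OleDbCommand(
                "select User_id,User_password,User_power from [users] where User_id = ? and User_password = ?", conn);
            AddText(cmd, "@User_id", UserID);
            AddText(cmd, "@User_password", UserPwd);
            conn.Open();
            // The connection must stay open while the caller reads, so ownership is
            // tied to the reader instead of being closed before returning.
            return cmd.ExecuteReader(System.Data.CommandBehavior.CloseConnection);
        }
        catch
        {
            // No reader was handed out, so release the connection here.
            conn.Dispose();
            throw;
        }
    }

    /// <summary>Sets a new password for the given account.</summary>
    /// <param name="UserID">Account id whose password is changed.</param>
    /// <param name="UserPwd">New password value.</param>
    /// <returns>true when at least one row was updated; false when no row matched or the statement failed.</returns>
    public bool UpdateUserPwd(string UserID, string UserPwd)
    {
        DataAs = new DataAccess();
        using (OleDbConnection conn = DataAs.GetConn())
        using (OleDbCommand cmd = new OleDbCommand(
            "update [users] set User_password = ? where User_id = ?", conn))
        {
            // Positional binding: password first, then id, matching the statement.
            AddText(cmd, "@User_password", UserPwd);
            AddText(cmd, "@User_id", UserID);
            conn.Open();
            try
            {
                return cmd.ExecuteNonQuery() > 0;
            }
            catch (OleDbException)
            {
                // A database error while executing is reported as "not updated".
                return false;
            }
        }
    }

    // Binds a text value as the next positional parameter; null is sent as DBNull,
    // which never compares equal and therefore never matches a row.
    private static void AddText(OleDbCommand cmd, string name, string value)
    {
        cmd.Parameters.AddWithValue(name, (object)value ?? System.DBNull.Value);
    }
}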
}
{
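/// <summary>
/// Account operations on the [users] table: credential check, account lookup and
/// password update.
/// </summary>
/// <remarks>
/// Every statement binds its values as OLE DB parameters. Caller-supplied ids and
/// passwords are never concatenated into SQL text, so quotes or SQL fragments in
/// them are treated as data.
/// NOTE(review): passwords are compared and written exactly as received. Unless
/// callers hash them first, this stores plaintext passwords; prefer a salted,
/// slow password hash (e.g. PBKDF2).
/// </remarks>
public class user
{
    private DataAccess DataAs;

    public user()
    {
    }

    /// <summary>Checks whether a row with this id and password exists.</summary>
    /// <param name="UserID">Account id to look up.</param>
    /// <param name="UserPwd">Password to compare with the stored value.</param>
    /// <returns>true when a matching row exists; otherwise false.</returns>
    public bool Login(string UserID, string UserPwd)
    {
        DataAs = new DataAccess();
        using (OleDbConnection conn = DataAs.GetConn())
        using (OleDbCommand cmd = new OleDbCommand(
            "select 1 from [users] where User_id = ? and User_password = ?", conn))
        {
            // OLE DB parameters are positional: add them in '?' order.
            AddText(cmd, "@User_id", UserID);
            AddText(cmd, "@User_password", UserPwd);
            conn.Open();
            using (OleDbDataReader dr = cmd.ExecuteReader())
            {
                return dr.Read();
            }
        }
    }

    /// <summary>Returns a reader over the account row matching the id and password.</summary>
    /// <param name="UserID">Account id to look up.</param>
    /// <param name="UserPwd">Password to compare with the stored value.</param>
    /// <returns>
    /// An open reader. The caller must close or dispose it; doing so also closes the
    /// underlying connection.
    /// </returns>
    public OleDbDataReader GetUser(string UserID, string UserPwd)
    {
        DataAs = new DataAccess();
        OleDbConnection conn = DataAs.GetConn();
        try
        {
            // NOTE(review): User_password is returned to the caller; drop it from the
            // select list once no caller reads it.
            OleDbCommand cmd = new OleDbCommand(
                "select User_id,User_password,User_power from [users] where User_id = ? and User_password = ?", conn);
            AddText(cmd, "@User_id", UserID);
            AddText(cmd, "@User_password", UserPwd);
            conn.Open();
            // The connection must stay open while the caller reads, so ownership is
            // tied to the reader instead of being closed before returning.
            return cmd.ExecuteReader(System.Data.CommandBehavior.CloseConnection);
        }
        catch
        {
            // No reader was handed out, so release the connection here.
            conn.Dispose();
            throw;
        }
    }

    /// <summary>Sets a new password for the given account.</summary>
    /// <param name="UserID">Account id whose password is changed.</param>
    /// <param name="UserPwd">New password value.</param>
    /// <returns>true when at least one row was updated; false when no row matched or the statement failed.</returns>
    public bool UpdateUserPwd(string UserID, string UserPwd)
    {
        DataAs = new DataAccess();
        using (OleDbConnection conn = DataAs.GetConn())
        using (OleDbCommand cmd = new OleDbCommand(
            "update [users] set User_password = ? where User_id = ?", conn))
        {
            // Positional binding: password first, then id, matching the statement.
            AddText(cmd, "@User_password", UserPwd);
            AddText(cmd, "@User_id", UserID);
            conn.Open();
            try
            {
                return cmd.ExecuteNonQuery() > 0;
            }
            catch (OleDbException)
            {
                // A database error while executing is reported as "not updated".
                return false;
            }
        }
    }

    // Binds a text value as the next positional parameter; null is sent as DBNull,
    // which never compares equal and therefore never matches a row.
    private static void AddText(OleDbCommand cmd, string name, string value)
    {
        cmd.Parameters.AddWithValue(name, (object)value ?? System.DBNull.Value);
    }
}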
}
//类DataAccess代码
namespace sms
{
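/// <summary>
/// Small OLE DB helper that opens a connection from the "conn" appSettings entry and
/// runs a statement as a reader, a DataTable or a non-query.
/// </summary>
/// <remarks>
/// Security: the string-only methods execute <c>strSql</c> exactly as given. Never
/// build that text from request data; write '?' markers in the statement and pass
/// the values through the overloads that take <see cref="OleDbParameter"/> values.
/// </remarks>
public class DataAccess
{
    private OleDbConnection ConnString;

    public DataAccess()
    {
    }

    /// <summary>Creates a new, unopened connection from the configured connection string.</summary>
    /// <returns>The new connection; the caller is responsible for opening and disposing it.</returns>
    public OleDbConnection GetConn()
    {
        string strOleConn = System.Configuration.ConfigurationManager.AppSettings["conn"];
        ConnString = new OleDbConnection(strOleConn);
        return ConnString;
    }

    /// <summary>Runs a query and returns an open reader over its rows.</summary>
    /// <param name="strSql">Trusted SQL text (see the class remarks).</param>
    /// <returns>An open reader; closing or disposing it also closes its connection.</returns>
    public OleDbDataReader GetDatareader(string strSql)
    {
        return GetDatareader(strSql, (OleDbParameter[])null);
    }

    /// <summary>Runs a parameterized query and returns an open reader over its rows.</summary>
    /// <param name="strSql">SQL text with '?' markers for the values.</param>
    /// <param name="parameters">Values for the markers, in marker order (OLE DB binds by position).</param>
    /// <returns>An open reader; closing or disposing it also closes its connection.</returns>
    public OleDbDataReader GetDatareader(string strSql, params OleDbParameter[] parameters)
    {
        OleDbConnection conn = GetConn();
        try
        {
            OleDbCommand cmd = BuildCommand(strSql, conn, parameters);
            conn.Open();
            // Closing the connection before returning would hand the caller a reader
            // that is already closed, so the connection's lifetime is tied to the reader.
            return cmd.ExecuteReader(System.Data.CommandBehavior.CloseConnection);
        }
        catch
        {
            // No reader was handed out, so release the connection here.
            conn.Close();
            throw;
        }
    }

    /// <summary>Runs a query and returns its first result table.</summary>
    /// <param name="strSql">Trusted SQL text (see the class remarks).</param>
    /// <returns>The first table of the filled DataSet.</returns>
    public DataTable CreateDatatable(string strSql)
    {
        return CreateDatatable(strSql, (OleDbParameter[])null);
    }

    /// <summary>Runs a parameterized query and returns its first result table.</summary>
    /// <param name="strSql">SQL text with '?' markers for the values.</param>
    /// <param name="parameters">Values for the markers, in marker order.</param>
    /// <returns>The first table of the filled DataSet.</returns>
    public DataTable CreateDatatable(string strSql, params OleDbParameter[] parameters)
    {
        using (OleDbConnection conn = GetConn())
        using (OleDbCommand cmd = BuildCommand(strSql, conn, parameters))
        using (OleDbDataAdapter adapter = new OleDbDataAdapter(cmd))
        {
            DataSet ds = new DataSet();
            conn.Open();
            adapter.Fill(ds);
            return ds.Tables[0];
        }
    }

    /// <summary>Runs a statement that returns no rows.</summary>
    /// <param name="strSql">Trusted SQL text (see the class remarks).</param>
    /// <returns>true when at least one row was affected; false otherwise or when execution failed.</returns>
    public bool ExecSql(string strSql)
    {
        return ExecSql(strSql, (OleDbParameter[])null);
    }

    /// <summary>Runs a parameterized statement that returns no rows.</summary>
    /// <param name="strSql">SQL text with '?' markers for the values.</param>
    /// <param name="parameters">Values for the markers, in marker order.</param>
    /// <returns>true when at least one row was affected; false otherwise or when execution failed.</returns>
    public bool ExecSql(string strSql, params OleDbParameter[] parameters)
    {
        using (OleDbConnection conn = GetConn())
        using (OleDbCommand cmd = BuildCommand(strSql, conn, parameters))
        {
            conn.Open();
            try
            {
                return cmd.ExecuteNonQuery() > 0;
            }
            catch (OleDbException)
            {
                // Database errors during execution are reported as "nothing changed".
                return false;
            }
            catch (System.InvalidOperationException)
            {
                // e.g. empty command text; callers have always seen false here.
                return false;
            }
        }
    }

    // Creates the command for a statement and attaches any supplied parameters.
    private static OleDbCommand BuildCommand(string strSql, OleDbConnection conn, OleDbParameter[] parameters)
    {
        OleDbCommand cmd = new OleDbCommand(strSql, conn);
        if (parameters != null && parameters.Length > 0)
        {
            cmd.Parameters.AddRange(parameters);
        }
        return cmd;
    }
}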
}
{
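/// <summary>
/// Small OLE DB helper that opens a connection from the "conn" appSettings entry and
/// runs a statement as a reader, a DataTable or a non-query.
/// </summary>
/// <remarks>
/// Security: the string-only methods execute <c>strSql</c> exactly as given. Never
/// build that text from request data; write '?' markers in the statement and pass
/// the values through the overloads that take <see cref="OleDbParameter"/> values.
/// </remarks>
public class DataAccess
{
    private OleDbConnection ConnString;

    public DataAccess()
    {
    }

    /// <summary>Creates a new, unopened connection from the configured connection string.</summary>
    /// <returns>The new connection; the caller is responsible for opening and disposing it.</returns>
    public OleDbConnection GetConn()
    {
        string strOleConn = System.Configuration.ConfigurationManager.AppSettings["conn"];
        ConnString = new OleDbConnection(strOleConn);
        return ConnString;
    }

    /// <summary>Runs a query and returns an open reader over its rows.</summary>
    /// <param name="strSql">Trusted SQL text (see the class remarks).</param>
    /// <returns>An open reader; closing or disposing it also closes its connection.</returns>
    public OleDbDataReader GetDatareader(string strSql)
    {
        return GetDatareader(strSql, (OleDbParameter[])null);
    }

    /// <summary>Runs a parameterized query and returns an open reader over its rows.</summary>
    /// <param name="strSql">SQL text with '?' markers for the values.</param>
    /// <param name="parameters">Values for the markers, in marker order (OLE DB binds by position).</param>
    /// <returns>An open reader; closing or disposing it also closes its connection.</returns>
    public OleDbDataReader GetDatareader(string strSql, params OleDbParameter[] parameters)
    {
        OleDbConnection conn = GetConn();
        try
        {
            OleDbCommand cmd = BuildCommand(strSql, conn, parameters);
            conn.Open();
            // Closing the connection before returning would hand the caller a reader
            // that is already closed, so the connection's lifetime is tied to the reader.
            return cmd.ExecuteReader(System.Data.CommandBehavior.CloseConnection);
        }
        catch
        {
            // No reader was handed out, so release the connection here.
            conn.Close();
            throw;
        }
    }

    /// <summary>Runs a query and returns its first result table.</summary>
    /// <param name="strSql">Trusted SQL text (see the class remarks).</param>
    /// <returns>The first table of the filled DataSet.</returns>
    public DataTable CreateDatatable(string strSql)
    {
        return CreateDatatable(strSql, (OleDbParameter[])null);
    }

    /// <summary>Runs a parameterized query and returns its first result table.</summary>
    /// <param name="strSql">SQL text with '?' markers for the values.</param>
    /// <param name="parameters">Values for the markers, in marker order.</param>
    /// <returns>The first table of the filled DataSet.</returns>
    public DataTable CreateDatatable(string strSql, params OleDbParameter[] parameters)
    {
        using (OleDbConnection conn = GetConn())
        using (OleDbCommand cmd = BuildCommand(strSql, conn, parameters))
        using (OleDbDataAdapter adapter = new OleDbDataAdapter(cmd))
        {
            DataSet ds = new DataSet();
            conn.Open();
            adapter.Fill(ds);
            return ds.Tables[0];
        }
    }

    /// <summary>Runs a statement that returns no rows.</summary>
    /// <param name="strSql">Trusted SQL text (see the class remarks).</param>
    /// <returns>true when at least one row was affected; false otherwise or when execution failed.</returns>
    public bool ExecSql(string strSql)
    {
        return ExecSql(strSql, (OleDbParameter[])null);
    }

    /// <summary>Runs a parameterized statement that returns no rows.</summary>
    /// <param name="strSql">SQL text with '?' markers for the values.</param>
    /// <param name="parameters">Values for the markers, in marker order.</param>
    /// <returns>true when at least one row was affected; false otherwise or when execution failed.</returns>
    public bool ExecSql(string strSql, params OleDbParameter[] parameters)
    {
        using (OleDbConnection conn = GetConn())
        using (OleDbCommand cmd = BuildCommand(strSql, conn, parameters))
        {
            conn.Open();
            try
            {
                return cmd.ExecuteNonQuery() > 0;
            }
            catch (OleDbException)
            {
                // Database errors during execution are reported as "nothing changed".
                return false;
            }
            catch (System.InvalidOperationException)
            {
                // e.g. empty command text; callers have always seen false here.
                return false;
            }
        }
    }

    // Creates the command for a statement and attaches any supplied parameters.
    private static OleDbCommand BuildCommand(string strSql, OleDbConnection conn, OleDbParameter[] parameters)
    {
        OleDbCommand cmd = new OleDbCommand(strSql, conn);
        if (parameters != null && parameters.Length > 0)
        {
            cmd.Parameters.AddRange(parameters);
        }
        return cmd;
    }
}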
}