if (Page.IsValid)
{
if (String.Compare(Request.Cookies["CheckCode"].Value, txtcode.Text.ToUpper(), true) != 0)
{
Response.Write("<script>alert('验证码错误,请输入正确的验证码!!');window.location.reload('login.aspx')</script>"); return;
}
string password = FormsAuthentication.HashPasswordForStoringInConfigFile(TBXuserpass.Text, "md5");
OleDbConnection conn = dbcon.createconnection();
conn.Open();
OleDbParameter txtusername = new OleDbParameter("@username", OleDbType.VarChar, 30);
txtusername.Value = TBXusername.Text;
OleDbParameter txtuserpass = new OleDbParameter("@userpass", OleDbType.VarChar, 40);
txtuserpass.Value = password;
string strSql = "select * from sysenter where enteru=@username and enterp=@userpass";
OleDbCommand mycommand = new OleDbCommand(strSql, conn);
mycommand.Parameters.Add(txtusername);
mycommand.Parameters.Add(txtuserpass);
OleDbDataReader rs = mycommand.ExecuteReader();
if (rs.Read())
{
if (password == rs["enterp"].ToString())
{
Session.Timeout = 120;
Session["enteruser"] = TBXusername.Text;
Session["flag"] = rs["flag"].ToString();
conn.Close();
Response.Redirect("admin_main.html");
}
else
{
conn.Close();
Labmsg.Text = "对不起,您输入的密码有误!";
return;
}
}
else
{
conn.Close();
Labmsg.Text = "对不起,帐号或密码错误!";
return;
}
}