|
#2
djx5202007-04-27 15:38
|
请问:我这段用户登陆的代码有错吗?我数据库中数据如下:
username Login_ID password Login_level
李霞 administrator 123 0
张洋 aa aa 1
当我输入login_ID:administrator,password:123时,我想让他跳转的是index.aspx,结果怎么跳转到scan.aspx页面呢?不明白!
public void DBOpen()
{
strConnectionString = System.Configuration.ConfigurationSettings.AppSettings["ConnectionString"];
conn = new SqlConnection(strConnectionString);
conn.Open();
}
//检测用户输入的用户名和密码的正确性
private void submit_Click(object sender, System.EventArgs e)
{
string str;
if(txtlogname.Text==""||txtlogpwd.Text=="")
{
Response.Write("<script>javascript:alert('您输入的用户名或密码有一项为空,为了安全起见,请每项都输入!');</script>");
Response.Write("javascript:window.location='Login.aspx'");
}
else
{
str="select username from login where login_ID='" + txtlogname.Text + "' and password='" + txtlogpwd.Text + "'";
DBOpen();
com=new SqlCommand(str,conn);
string user_name=Convert.ToString(com.ExecuteNonQuery());
if(user_name!=null)
{
Input(user_name);
}
else
{
message.Visible=true;
message.Text="您不是公司的员工,无权访问!";
}
conn.Close();
}
}
private void Input(string name)
{
Session["UserID"]=txtlogname.Text;
Session["username"]=name;
string level="select login_level from login where login_ID='" + txtlogname.Text + "'";
DBOpen();
com=new SqlCommand(level,conn);
string lev=Convert.ToString(com.ExecuteNonQuery());
Session["login_level"]=Convert.ToInt32(lev);
if(Convert.ToInt32(lev)==0)
{
Response.Write("<script>javascript:alert('您是超级用户,具有管理员工信息的权限!');</script>");
Response.Redirect("index.aspx");
}
else
{
Response.Write("<script>javascript:alert('您是普通用户,只具有一般的浏览和查询的权限!');</script>");
Response.Redirect("scan.aspx");
}
}