关于网站登录的一些问题
首先,想了解下网站登录的一些原理。在论坛找了N个帖子,试验了N次后,发现自己依旧没有成功。
登录方面,需要提供什么东西。
cookie,用户密码?
还有cookie 怎么获得,怎么进行操作,还有如何每次提交保持登录状态。
--------------------编程问答-------------------- 把asp.net中的有关cookie的知识看下,就可以了 --------------------编程问答-------------------- cookie内容使用并不难,LZ看一会应该没问题的
而且可以看一个session,这两个知识点是一定要会的,但用法一样
--------------------编程问答--------------------
--------------------编程问答-------------------- --------------------编程问答-------------------- 用户首先使用用户名和密码提交登录验证,验证通过后,将登陆用户的主键等主要信息写入Session或者Cookie,后续如果需要使用用户信息可以从Session或Cookie中获取,必要的时候可以查询数据库获取用户的其它信息。每个需要登录才能查看的页面,需要判断Session或Cookie的值是否为空 --------------------编程问答-------------------- 用request专门取cookie的值 你可以给用户名登陆设置过期时间 --------------------编程问答-------------------- 点击登陆按钮,执行以下代码
functionsetCookie(name,value)//cookies设置
{
varargv=setCookie.arguments;//获取参数数组
varargc=setCookie.arguments.length;//
varexpires=(argc>2)?argv[2]:null;//是否设置cookies日期
if(expires!=null)
{
varLargeExpDate=newDate();
LargeExpDate.setTime(LargeExpDate.getTime()(expires*1000*3600*24));
}
document.cookie=name"="escape(value)";"((expires==null)?"":(";expires="LargeExpDate.toGMTString()))
}
functiongetCookie(Name)//cookies读取
{
varsearch=Name"="
if(document.cookie.length>0)
{
offset=document.cookie.indexOf(search)
if(offset!=-1)
{
offset=search.length
end=document.cookie.indexOf(";",offset)
if(end==-1)end=document.cookie.length
returnunescape(document.cookie.substring(offset,end))
}
elsereturn""
}
return""
}
private void btnOK_Click(object sender, System.EventArgs e)
{
string strLoginName = txtLoginName.Text.Trim();
string strLoginPwd = txtLoginPwd.Text.Trim();//取得用户名和密码
////这段访问数据库的,不用讲解了吧,调用了一个存储过程,直接写sql语句也可以
SqlConnection Conn = new SqlConnection( System.Configuration.ConfigurationSettings.AppSettings["SqlClientString"] );
SqlCommand Cmd = new SqlCommand( "LoginUser_UserManage", Conn );
Cmd.CommandType = CommandType.StoredProcedure;
Cmd.Parameters.Add( "@LoginName", strLoginName );
Cmd.Parameters.Add( "@LoginPWD", strLoginPwd );
SqlParameter parUserID = Cmd.Parameters.Add( "@EmployeeOuid", SqlDbType.Int);
parUserID.Direction = ParameterDirection.Output;
SqlParameter parTag = Cmd.Parameters.Add( "@tag", SqlDbType.VarChar, 10 );
parTag.Direction = ParameterDirection.Output;
try
{
Conn.Open();
Cmd.ExecuteNonQuery();
string strTag = parTag.Value.ToString();
if( strTag == "Success" )
{
Session["sUserID"] = parUserID.Value.ToString();
//如果成功将用户写出到Cookie
BaseClass.OperateAndValidate.WriteCookie( "hfwlLoginName", strLoginName );
Response.Redirect("index.htm",false);
}
else if( strTag == "noP" )
{
labError.Text = "没有这个用户名!";
}
else if( strTag == "PWDError" )
{
labError.Text = "密码错误!";
}
}
catch( SqlException sqlEx )
{
labError.Text = sqlEx.Message.ToString();
}
catch( Exception ex )
{
labError.Text = ex.Message.ToString();
}
finally
{
Conn.Close();
}
}
////写出到cookie的代码
/// <summary>
/// 写Cookie到客户端
/// </summary>
/// <param name="strCookieName">Cookie的名称</param>
/// <param name="strCookieValue">Cookie的值</param>
public static void WriteCookie( string strCookieName,string strCookieValue )
{
System.Web.HttpCookie ck = new System.Web.HttpCookie( strCookieName, strCookieValue );
ck.Expires = DateTime.Now.AddDays(365);
System.Web.HttpContext.Current.Response.AppendCookie( ck );
}
原理:先登陆,如果登陆成功,则将用户信息写入到cookie --------------------编程问答-------------------- cookie取值
/// <summary>--------------------编程问答-------------------- 上面的yanlingoffice 全说完了
/// 读取客户端的某个Cookie的值
/// </summary>
/// <param name="strCookieName">Cookie的名称</param>
/// <returns>成功返回值,失败返回空</returns>
public static string ReadCookie( string strCookieName )
{
System.Web.HttpCookie ck = System.Web.HttpContext.Current.Request.Cookies[strCookieName];
if( ck != null )
{
return ck.Value;
}
else
{
return "";
}
}
大体就是登陆时Session临时保存 cookie添加用户信息
然后读取获得值
下面可以去做别的功能了 --------------------编程问答-------------------- 可以用session .. --------------------编程问答-------------------- 每天回帖即可获得10分可用分 --------------------编程问答-------------------- 你们说的都是在服务端操作的,我要的是模拟浏览器登录 --------------------编程问答--------------------
--------------------编程问答-------------------- Common.Sub.Encrypt
/// <summary>
/// 保存一个Cookie
/// </summary>
/// <param name="CookieName">Cookie名称</param>
/// <param name="CookieValue">Cookie值</param>
/// <param name="CookieTime">Cookie过期时间(小时),0为关闭页面失效</param>
public static void SaveCookie(string CookieName, string CookieValue, double CookieTime)
{
HttpCookie myCookie = new HttpCookie(CookieName);
DateTime now = DateTime.Now;
myCookie.Value = Common.Sub.Encrypt(CookieValue);
if (CookieTime != 0)
{
myCookie.Expires = now.AddDays(CookieTime);
if (HttpContext.Current.Response.Cookies[CookieName] != null)
HttpContext.Current.Response.Cookies.Remove(CookieName);
HttpContext.Current.Response.Cookies.Add(myCookie);
}
else
{
if (HttpContext.Current.Response.Cookies[CookieName] != null)
HttpContext.Current.Response.Cookies.Remove(CookieName);
HttpContext.Current.Response.Cookies.Add(myCookie);
}
}
/// <summary>
/// 取得CookieValue
/// </summary>
/// <param name="CookieName">Cookie名称</param>
/// <returns>Cookie的值</returns>
public static string GetCookie(string CookieName)
{
HttpCookie myCookie = new HttpCookie(CookieName);
myCookie = HttpContext.Current.Request.Cookies[CookieName];
if (myCookie != null)
return Common.Sub.Decrypt(myCookie.Value);
else
return null;
}
/// <summary>
/// 清除CookieValue
/// </summary>
/// <param name="CookieName">Cookie名称</param>
public static void ClearCookie(string CookieName)
{
HttpCookie myCookie = new HttpCookie(CookieName);
DateTime now = DateTime.Now;
myCookie.Expires = now.AddYears(-2);
HttpContext.Current.Response.Cookies.Add(myCookie);
}
这个是我自己写的一个加密方式,你可以改成你自己的或是去掉,下面取cookies的时候还有一个解密的,注意一下就可以了 --------------------编程问答--------------------
道理是一样的,没什么区别。 --------------------编程问答-------------------- /// <summary>
/// 写COOKIES对象,定义COOKIES参数
/// </summary>
/// <param name="cookies">cookies用户定义的Cookie名称</param>
/// <param name="cookies_name">cookies_name用户定义的Cookie值名称,多项名称用","分隔</param>
/// <param name="cookies_value">cookies_value用户定义的Cookie值,多项名称用","分隔</param>
/// <param name="cookies_time">cookies_time用户定义的Cookie有效时间,以小时为单位</param>
public void WriteCookies(string cookies, string cookies_name, string cookies_value, int cookies_time)
{
string[] cookies_n;
string[] cookies_v;
TimeSpan cookies_span = new TimeSpan(0, cookies_time, 0, 0);
cookies_n = cookies_name.Split(',');
cookies_v = cookies_value.Split(',');
int cookies_number = cookies_v.GetUpperBound(0);
HttpCookie mycookie = new HttpCookie(cookies);
for (int i = 0; i <= cookies_number; i++)
{
mycookie.Values.Add(cookies_n[i], cookies_v[i]);
}
DateTime dtNow = DateTime.Now;
mycookie.Expires = dtNow + cookies_span;
Context.Response.AppendCookie(mycookie);
return;
}
/// <summary>
/// 读取COOKIES对象
/// </summary>
/// <param name="cookies">cookies用户定义的Cookie名称</param>
/// <param name="cookies_name">cookies_name用户定义的Cookie值名称,多项名称用","分隔</param>
/// <returns>返回值列表,用","分隔,如果没有找到指定COOKIES,则返回空值</returns>
public string ReadCookies(string cookies, string cookies_name)
{
string cookies_value = null;
HttpCookie mycookie = Context.Request.Cookies[cookies];
if (mycookie != null)
{
string[] cookies_n;
cookies_n = cookies_name.Split(',');
int cookies_number = cookies_n.GetUpperBound(0);
for (int i = 0; i <= cookies_number; i++)
{
cookies_value = cookies_value + Server.HtmlEncode(mycookie.Values[cookies_n[i]]) + ",";
}
if (cookies_value.Length > 0)
cookies_value = cookies_value.Substring(0, cookies_value.Length - 1);
}
return cookies_value;
} --------------------编程问答--------------------
你能不能把前台代码也顺便帖出来下,就看后台有些不明白啊?“if( strTag == "Success" )”这样也能判断?
--------------------编程问答-------------------- 保存到session
而session保存到state server
补充:.NET技术 , C#