Trang Login b?ng ASP.NET v phn quy?

Wednesday, 24. June 2009, 03:29:38

- V?n d? phn quy?n:

Gi? s? t? c b?ng users, trong d c cc tru?ng username,pass, . . . d? phn quy?n
t? thm m?t tru?ng mod ki?u int d? gi tr? m?c d?nh l 3 d? gn cho thnh vin thu?
ng, khi m?t ngu?i dang k, tru?ng ny s? du?c gn gi tr? m?c d?nh l 3 (khi vi?t
code thm vo b?ng user b?n s? khng ph?i thm gi tr? ny).
- Tuong t? d? phn quy?n cho admin:
b?n vi?t code update tru?ng ny thnh 1 => cho admin, update thnh 2 => cho mod . .
., cc gi tr? phn quy?n cc b?n update tuong t? khi phn quy?n cho thnh vin.

Khi user Login

#
- Code load d? li?u t? b?ng users
#
Gn session
Session["username"]=gi tr? c?t user name t? table users;
Session["mod"]=gi tr? c?t mod t? table users;
............

L?y gi tr? Session["mod"] d? phn quy?n

#
--
if(Session["mod"].ToString()=="1") // Quyen admin
Response.Redirect("acp.aspx");
if(Session["mod"].ToString()=="2") // mod
Response.Redirect("trang danh cho mod.aspx");
else
// User
Response.Redirect("no.aspx");
--
#
--------------------------------------------------

d? t?o m?t trang login th trong CSDL c?a b?n t?o thm m?t c?t phn quy?n v?i
t?o m?t b?ng nhu sau:
CREATE TABLE TAIKHOAN(
USERNAME VARCHAR(30) NOT NULL PRIMARY KEY,
PASS VARCHAR(10) NOT NULL,
EMAIL VARCHAR(50) NOT NULL,
GENDER CHAR(10) NOT NULL,
ADDRESS VARCHAR(255) NOT NULL,
ACTIVATE TINYINT NOT NULL
)

ki?u d? li?u l ki?u int=1(admin),2(mod),3(guest)

Sau d b?n t?o m?t cu l?nh store produce nhu sau:
CREATE PROC LOGIN
@USERNAME VARCHAR(30),
@PASSWORD VARCHAR(10)
AS BEGIN
DECLARE @ACTI INT
DECLARE @COUNT INT
SET @COUNT=(SELECT COUNT(*) FROM TAIKHOAN WHERE USERNAME=@USERNAME AND
PASS=@PASSWORD)
IF(@COUNT>0)
BEGIN
SET @ACTI=(SELECT ACTIVATE FROM TAIKHOAN WHERE USERNAME=@USERNAME AND
PASS=@PASSWORD)
IF(@ACTI=1)
BEGIN
SELECT * FROM TAIKHOAN T,QUYEN Q WHERE T.USERNAME=@USERNAME AND T.PASS=@PASSWORD
AND T.ACTIVATE=Q.ACTIVATEID AND Q.ACTIVATEID=1
SET @ACTI=1
END
ELSE
BEGIN
SELECT * FROM TAIKHOAN T,QUYEN Q WHERE T.USERNAME=@USERNAME AND T.PASS=@PASSWORD
AND T.ACTIVATE=Q.ACTIVATEID AND Q.ACTIVATEID=3
SET @ACTI=2
END
END
ELSE
BEGIN
SET @ACTI=0
END
RETURN @ACTI

END

Trong l?p k?t n?i CSDL th khai bo g?i cu l?nh store trn:
public int Login(string username, string password)
{
int kq;
Ketnoi();
cmd = new SqlCommand();
cmd.CommandText = "LOGIN";
cmd.CommandType = CommandType.StoredProcedure;
cmd.Connection = cnn;
cmd.Parameters.AddWithValue("@USERNAME", username);
cmd.Parameters.AddWithValue("@PASSWORD", password);
SqlParameter returnvalue = new SqlParameter("@ACTI", "");
returnvalue.Direction = ParameterDirection.ReturnValue;
cmd.Parameters.Add(returnvalue);
cmd.ExecuteNonQuery();
kq = Convert.ToInt32(returnvalue.Value);
dongketnoi();
return kq;
}

Trong trang login.aspx th khai bo v g?i hm nhu sau:

protected void bt_login_Click(object sender, EventArgs e)
{
database con = new database();
int ketqua;
ketqua = (Int32)(con.Login(txt_username.Text, txt_password.Text));
if (ketqua > 0)
{
//khoi tao bien session
Session.Add("username", txt_username.Text);
if (txtRemember.Checked)
{
HttpCookie cookie = new HttpCookie("UserInfo");
if (Request.Browser.Cookies == true)
{
if (Request.Cookies["UserInfo"] != null)
{
cookie.Expires = DateTime.Now.AddDays(-1);
}
else
{
//cookie = new HttpCookie("UserInfo");
cookie["UserInfo"] = txt_username.Text;
cookie.Expires = DateTime.Now.AddDays(30);
Response.Cookies.Add(cookie);

}
}
}
if (ketqua == 1)
{
Response.Redirect("Admin/Default.aspx");
}
if (ketqua == 2)
{
Response.Redirect("Default.aspx");
}
}
else
{
txtError.Text = "Username ho?c Password khng dng.Vui lng th? l?i";
}
}
}