用户名验证

用户名验证 using System; using System.Data; using System.Configuration; using System.Web; using System.Web.Security; using System.Web.UI; using System.Web.UI.WebControls; using System.Web.UI.WebControls.WebParts; using System.Web.UI.HtmlControls; using System.Data.SqlClient; ///

/// CheckUser 的摘要说明 ///

public class CheckUser { public CheckUser() { // // TODO: 在此处添加构造函数逻辑 // } //MainPage: _QType:查询什么功能 // // _PType: Power 用户有什么权限 与loginTag相对应 // // public bool checkUserPower(string strLoginTag, Page page) { bool blRtValue = true; if (page.Request["_QType"] == null || page.Request["_PType"] == null) { blRtValue = false; return blRtValue; } string strQType = page.Request["_QType"].ToString(); string strPType = page.Request["_PType"].ToString(); if (strQType != "1" && strQType != "2" && strQType != "3" && strQType != "4" && strQType != "5" && strQType != "6" && strQType != "7" && strQType != "8" && strQType != "9") { blRtValue = false; return blRtValue; } if (strLoginTag == "Person" && strPType != "1") { blRtValue = false; } else if (strLoginTag == "Unit" && strPType != "2") { blRtValue = false; } else if (strLoginTag == "UnitCentralDept" && strPType != "3") { blRtValue = false; } else if (strLoginTag == "UnitInChargeDept" && strPType != "4") { blRtValue = false; } else if (strLoginTag == "PowerMan" && strPType != "5") { blRtValue = false; } return blRtValue; } public bool checkLogin(string strLogin, string strPwd,ref string strCondition , ref string strMemo,ref string strOrderNo, ref string strId) { bool blReturn = false; strCondition = string.Empty; SqlConnection sqlConn = DB.creatConnection(); SqlCommand sqlCmd = new SqlCommand(); sqlConn.Open(); sqlCmd.Connection = sqlConn; sqlCmd.CommandType = CommandType.Text; // sqlCmd.CommandText = "select Condiation, Memo, OrderNo, [Id] from Users where [Name]='" + strLogin + "' AND PassWord='" + strPwd + "' and IsOn='1'"; sqlCmd.CommandText = "select Condiation, Comments, OrderNo, [Id] from Users where [Name]='" + strLogin + "' AND PassWord='" + strPwd + "' and IsOn='1'"; myReader = sqlCmd.ExecuteReader(); SqlDataReader if (myReader.Read()) { strCondition = myReader.GetValue(0).ToString(); strMemo = myReader.GetValue(1).ToString(); strOrderNo = myReader.GetValue(2).ToString(); strId = myReader.GetValue(3).ToString(); blReturn = true; } myReader.Close(); sqlConn.Close(); return blReturn; } }