用户名验证
using System;
using System.Data;
using System.Configuration; using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls; using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls; using System.Data.SqlClient;
///
/// CheckUser 的摘要说明
///
public class CheckUser
{
public CheckUser()
{
//
// TODO: 在此处添加构造函数逻辑
//
}
//MainPage: _QType:查询什么功能
//
// _PType: Power 用户有什么权限 与loginTag相对应
//
//
public bool checkUserPower(string strLoginTag, Page page)
{
bool blRtValue = true;
if (page.Request["_QType"] == null || page.Request["_PType"] == null)
{
blRtValue = false;
return blRtValue;
}
string strQType = page.Request["_QType"].ToString();
string strPType = page.Request["_PType"].ToString();
if (strQType != "1" && strQType != "2" && strQType != "3" && strQType != "4" && strQType !=
"5" && strQType != "6" && strQType != "7" && strQType != "8" && strQType != "9")
{
blRtValue = false;
return blRtValue;
}
if (strLoginTag == "Person" && strPType != "1")
{
blRtValue = false;
}
else if (strLoginTag == "Unit" && strPType != "2")
{
blRtValue = false;
}
else if (strLoginTag == "UnitCentralDept" && strPType != "3")
{
blRtValue = false;
}
else if (strLoginTag == "UnitInChargeDept" && strPType != "4")
{
blRtValue = false;
}
else if (strLoginTag == "PowerMan" && strPType != "5")
{
blRtValue = false;
}
return blRtValue;
}
public bool checkLogin(string strLogin, string strPwd,ref string strCondition , ref string strMemo,ref string strOrderNo, ref string strId)
{
bool blReturn = false;
strCondition = string.Empty;
SqlConnection sqlConn = DB.creatConnection();
SqlCommand sqlCmd = new SqlCommand();
sqlConn.Open();
sqlCmd.Connection = sqlConn;
sqlCmd.CommandType = CommandType.Text;
// sqlCmd.CommandText = "select Condiation, Memo, OrderNo, [Id] from Users where [Name]='"
+ strLogin + "' AND PassWord='" + strPwd + "' and IsOn='1'";
sqlCmd.CommandText = "select Condiation, Comments, OrderNo, [Id] from Users where [Name]='" + strLogin + "' AND PassWord='" + strPwd + "' and IsOn='1'";
myReader = sqlCmd.ExecuteReader(); SqlDataReader
if (myReader.Read())
{
strCondition = myReader.GetValue(0).ToString();
strMemo = myReader.GetValue(1).ToString();
strOrderNo = myReader.GetValue(2).ToString();
strId = myReader.GetValue(3).ToString();
blReturn = true;
}
myReader.Close();
sqlConn.Close();
return blReturn;
}
}