diff --git "a/\347\254\2546\346\254\241\344\275\234\344\270\232/\345\224\220\344\274\237\345\273\272/SqlHelper.cs" "b/\347\254\2546\346\254\241\344\275\234\344\270\232/\345\224\220\344\274\237\345\273\272/SqlHelper.cs"
new file mode 100644
index 0000000000000000000000000000000000000000..986c0e4c9a57c93744261482008839b6642ad612
--- /dev/null
+++ "b/\347\254\2546\346\254\241\344\275\234\344\270\232/\345\224\220\344\274\237\345\273\272/SqlHelper.cs"
@@ -0,0 +1,97 @@
+using System;
+using System.Collections.Generic;
+using System.Data;
+using System.Data.SqlClient;
+using System.Linq;
+using System.Web;
+
+namespace work6._25
+{
+ public class SqlHelper
+ {
+ private static string constr = "server=.;uid=sa;pwd=123456;database=Student_db";
+ private SqlConnection con = null;
+ public SqlHelper()
+ {
+ con = new SqlConnection(constr);
+ }
+
+ ///
+ /// 执行数据库查询操作
+ ///
+ /// 执行的SQL语句
+ /// 参数
+ /// 返回数据表
+ public DataTable Get(string sql, SqlParameter[] pars)
+ {
+ try
+ {
+ if (con.State == ConnectionState.Closed)
+ {
+ con.Open();
+ }
+
+ SqlCommand cmd = new SqlCommand(sql, con);
+ if (pars != null && pars.Length != 0)
+ {
+ cmd.Parameters.AddRange(pars);
+ }
+ SqlDataAdapter adapter = new SqlDataAdapter(cmd);
+ DataSet ds = new DataSet();
+ adapter.Fill(ds);
+
+ return ds.Tables[0];
+ }
+ catch (Exception ex)
+ {
+ throw new Exception(ex.Message);
+ }
+ finally
+ {
+ //释放资源
+ if (con != null)
+ {
+ con.Close();
+ }
+ }
+ }
+
+ ///
+ /// 执行数据库非查询操作
+ ///
+ ///
+ ///
+ ///
+ public bool Execute(string sql, SqlParameter[] pars)
+ {
+ try
+ {
+ if (con.State == ConnectionState.Closed)
+ {
+ con.Open();
+ }
+
+ SqlCommand cmd = new SqlCommand(sql, con);
+ if (pars != null && pars.Length != 0)
+ {
+ cmd.Parameters.AddRange(pars);
+ }
+ ;
+
+ return cmd.ExecuteNonQuery() > 0;
+ }
+ catch (Exception ex)
+ {
+ throw new Exception(ex.Message);
+ }
+ finally
+ {
+ //释放资源
+ if (con != null)
+ {
+ con.Close();
+ }
+ }
+ }
+ }
+}
\ No newline at end of file
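Review bot: The `constr` field hard-codes the `sa` login and its password in source, so every copy of the repository carries a working sysadmin credential and every query the site runs executes with full server privileges. Reading the string from `<connectionStrings>` in Web.config via `ConfigurationManager.ConnectionStrings["<name>"].ConnectionString`, with the real value kept out of version control and a login that has only the rights it needs on `Student_db`, limits what a compromised page can reach; the same literal is repeated in WebForm3.aspx.cs. Separately, `throw new Exception(ex.Message);` in both `Get` and `Execute` discards the original exception type and stack trace, which makes failed queries hard to diagnose; a bare `throw;` keeps them.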
diff --git "a/\347\254\2546\346\254\241\344\275\234\344\270\232/\345\224\220\344\274\237\345\273\272/WebForm1.aspx" "b/\347\254\2546\346\254\241\344\275\234\344\270\232/\345\224\220\344\274\237\345\273\272/WebForm1.aspx"
new file mode 100644
index 0000000000000000000000000000000000000000..ff0627e1b576332185df7597b5185204d5f648d9
--- /dev/null
+++ "b/\347\254\2546\346\254\241\344\275\234\344\270\232/\345\224\220\344\274\237\345\273\272/WebForm1.aspx"
@@ -0,0 +1,24 @@
+<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="WebForm1.aspx.cs" Inherits="work6._25.WebForm1" %>
+
+
+
+
+
+
+
+
+
+
+
+ 账号: +
+ 密码: +
+ + +
+ +
+
+
+
diff --git "a/\347\254\2546\346\254\241\344\275\234\344\270\232/\345\224\220\344\274\237\345\273\272/WebForm1.aspx.cs" "b/\347\254\2546\346\254\241\344\275\234\344\270\232/\345\224\220\344\274\237\345\273\272/WebForm1.aspx.cs"
new file mode 100644
index 0000000000000000000000000000000000000000..8ea857e2ef5c99e4c299cbf7a1b6d4c4bed3dbea
--- /dev/null
+++ "b/\347\254\2546\346\254\241\344\275\234\344\270\232/\345\224\220\344\274\237\345\273\272/WebForm1.aspx.cs"
@@ -0,0 +1,45 @@
+using System;
+using System.Collections.Generic;
+using System.Data;
+using System.Data.SqlClient;
+using System.Linq;
+using System.Web;
+using System.Web.UI;
+using System.Web.UI.WebControls;
+
+namespace work6._25
+{
+ public partial class WebForm1 : System.Web.UI.Page
+ {
+ private SqlHelper sqlHelper = new SqlHelper();
+ protected void Page_Load(object sender, EventArgs e)
+ {
+
+ }
+
+ protected void Button1_Click(object sender, EventArgs e)
+ {
+ string name = TextBox1.Text;
+ string pwd = TextBox2.Text;
+
+ string sql = "select * from StudentInfo where stu_name=@name and password=@pwd";
+ //SQL注入攻击
+ SqlParameter[] pars =
+ {
+ new SqlParameter("@name",name),
+ new SqlParameter("@pwd",pwd)
+ };
+
+ DataTable dt = sqlHelper.Get(sql, pars);
+ if (dt.Rows.Count > 0)//如果返回的记录条数大于0,就说明登录成功!
+ {
+ Session["CurrentUserName"] = name;
+ Response.Redirect("WebForm2.aspx");
+ }
+ else
+ {
+ Label1.Text = "用户名或密码错误!";
+ }
+ }
+ }
+}
\ No newline at end of file
diff --git "a/\347\254\2546\346\254\241\344\275\234\344\270\232/\345\224\220\344\274\237\345\273\272/WebForm2.aspx" "b/\347\254\2546\346\254\241\344\275\234\344\270\232/\345\224\220\344\274\237\345\273\272/WebForm2.aspx"
new file mode 100644
index 0000000000000000000000000000000000000000..7c2a0350bf33b6d914bfb29d8ebb569e1a967b4e
--- /dev/null
+++ "b/\347\254\2546\346\254\241\344\275\234\344\270\232/\345\224\220\344\274\237\345\273\272/WebForm2.aspx"
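Review bot: The login query in `Button1_Click` of WebForm1.aspx.cs compares `password=@pwd` with the text the user typed, which can only match if `StudentInfo.password` holds passwords in clear text; the insert in WebForm3.aspx.cs stores `pwd` the same way. Storing a per-user salt and a PBKDF2 hash (`Rfc2898DeriveBytes`) at registration, selecting the row by `stu_name` alone and comparing the derived hash here means a copy of the table does not hand out usable passwords. The parameterised query itself is the right construction, so the bare `//SQL注入攻击` comment would be clearer as `// parameters keep user input out of the SQL text, which prevents SQL injection`. It would also help to select only the columns needed instead of `select *`.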
@@ -0,0 +1,16 @@
+<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="WebForm2.aspx.cs" Inherits="work6._25.WebForm2" %>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git "a/\347\254\2546\346\254\241\344\275\234\344\270\232/\345\224\220\344\274\237\345\273\272/WebForm2.aspx.cs" "b/\347\254\2546\346\254\241\344\275\234\344\270\232/\345\224\220\344\274\237\345\273\272/WebForm2.aspx.cs"
new file mode 100644
index 0000000000000000000000000000000000000000..49ef691fd777f2544773c7b3a81b971efb197766
--- /dev/null
+++ "b/\347\254\2546\346\254\241\344\275\234\344\270\232/\345\224\220\344\274\237\345\273\272/WebForm2.aspx.cs"
@@ -0,0 +1,25 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Web;
+using System.Web.UI;
+using System.Web.UI.WebControls;
+
+namespace work6._25
+{
+ public partial class WebForm2 : System.Web.UI.Page
+ {
+ protected void Page_Load(object sender, EventArgs e)
+ {
+
+ if (Session["CurrentUserName"] == null)
+ {
+ Response.Redirect("WebForm1.aspx");
+ }
+ else
+ {
+ Response.Write($"

Hi,{Session["CurrentUserName"]}

");
+ }
+ }
+ }
+}
\ No newline at end of file
diff --git "a/\347\254\2546\346\254\241\344\275\234\344\270\232/\345\224\220\344\274\237\345\273\272/WebForm3.aspx" "b/\347\254\2546\346\254\241\344\275\234\344\270\232/\345\224\220\344\274\237\345\273\272/WebForm3.aspx"
new file mode 100644
index 0000000000000000000000000000000000000000..63e4e9cb641b873264b0392db7ddd1a6276f62b2
--- /dev/null
+++ "b/\347\254\2546\346\254\241\344\275\234\344\270\232/\345\224\220\344\274\237\345\273\272/WebForm3.aspx"
@@ -0,0 +1,28 @@
+<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="WebForm3.aspx.cs" Inherits="work6._25.WebForm3" %>
+
+
+
+
+
+
+
+
+
+
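Review bot: `Response.Write` in `Page_Load` of WebForm2.aspx.cs interpolates `Session["CurrentUserName"]` into the response without HTML encoding. That value is the text typed into the login box, and it matches a `stu_name` that the registration page accepts without any check, so markup inside a user name would be emitted as part of the page. Encoding at the point of output, `HttpUtility.HtmlEncode((string)Session["CurrentUserName"])` inside the interpolation, or assigning the name to a Label on the page instead of writing to the response stream, keeps it as text. The markup around the greeting in the string literal is not visible in this view, so the wrapper element is left as the author wrote it.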
+
+

注册页面

+ + 账号: +
+ 密码: +
+ Email: +
+ 自我介绍: +
+ + +
+
+
+
diff --git "a/\347\254\2546\346\254\241\344\275\234\344\270\232/\345\224\220\344\274\237\345\273\272/WebForm3.aspx.cs" "b/\347\254\2546\346\254\241\344\275\234\344\270\232/\345\224\220\344\274\237\345\273\272/WebForm3.aspx.cs"
new file mode 100644
index 0000000000000000000000000000000000000000..1025bd3f1dc27357eeccbc4bb924cdadfc5a9d9f
--- /dev/null
+++ "b/\347\254\2546\346\254\241\344\275\234\344\270\232/\345\224\220\344\274\237\345\273\272/WebForm3.aspx.cs"
@@ -0,0 +1,49 @@
+using System;
+using System.Collections.Generic;
+using System.Data.SqlClient;
+using System.Linq;
+using System.Web;
+using System.Web.UI;
+using System.Web.UI.WebControls;
+
+namespace work6._25
+{
+ public partial class WebForm3 : System.Web.UI.Page
+ {
+ protected void Page_Load(object sender, EventArgs e)
+ {
+ string name = UserName.Text;
+ string pwd = Password.Text;
+ string email = Email.Text;
+ string intro = Intro.Text;
+
+
+ string constr = "server=.;uid=sa;pwd=123456;database=Student_db";
+
+ SqlConnection con = new SqlConnection(constr);
+
+ con.Open();
+
+ string sql = "insert into StudentInfo (stu_name,password,email,intro) values (@name,@pwd,@email,@intro)";
+ SqlParameter[] pars =
+ {
+ new SqlParameter("@name",name),
+ new SqlParameter("@pwd",pwd),
+ new SqlParameter("@email",email),
+ new SqlParameter("@intro",intro)
+ };
+ SqlCommand cmd = new SqlCommand(sql, con);
+ cmd.Parameters.AddRange(pars);
+
+ int result = cmd.ExecuteNonQuery();//返回 影响行数,如果返回-1说明执行失败
+ if (result > 0)
+ {
+ Literal1.Text = "注册成功!去登陆";
+ }
+ else
+ {
+ Literal1.Text = "注册失败!";
+ }
+ }
+ }
+}
\ No newline at end of file
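Review bot: The insert in WebForm3.aspx.cs runs directly in `Page_Load` with no `IsPostBack` check, so it also executes on the initial GET. Assuming the text boxes have no default values (the markup is not visible here), merely opening the page writes a row of empty strings unless the table rejects it. Starting the method with `if (!IsPostBack) return;` (or moving the body into the submit button's click handler) and refusing an empty `name` or `pwd` before the insert closes that gap. The connection is also opened by hand and never closed or disposed; calling `new SqlHelper().Execute(sql, pars)` from this same commit would handle open/close and remove the second copy of the connection string.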