62,041
社区成员
发帖
与我相关
我的任务
分享静态类成员安全吗? The status code was:500 (分不够,再加)
我写了一个类App 其中有一个 static DataTable对象来保存在线用户的一些数据.
每个页面 我都 用 App.IsLogin() 来判断用户是否登陆.
在显示在线用户的页面,我通过操作App.OnlineUser来存取信息.
在大多数情况下,他们都运行良好,网站运行几天 或者 几个小时后,就会有如下错误:
1、在登陆页面我调用了 App.IsLogin(),他会提示这个DelOnlineUser 中的DataTable错误;如果是这个错误,连页面的都打不开,很郁闷整个网站就瘫痪了。
2、因为用户名和密码验证我用了AJAX,所以如果App.Login错误 就会出现Sys.WebForms.......The status code was:500的错误。 这个错误出现了 基本上就能打开登陆页面,整个网站基本也就瘫痪了。
我看了看我的代码,没有错误啊,就这几句 还能有什么大错误吗???
是不是静态类成员不是线程安全所致的哦???
PS:如果代码不全,1楼有补充的代码。。。
public class App //用户信息类
{
public static DataTable OnlineUser=new DataTable() ;
public static void DelOnlineUser(string sid)
{
if (OnlineUser.Columns.Count > 0)
{
DataRow[] dc = OnlineUser.Select("sid='" + sid +"'" );
if (dc.Length>0)
dc[0].Delete();
}
}
public static void SetOnlineUser()
{
if (OnlineUser.Columns.Count == 0)
{
OnlineUser.Columns.Add("id", typeof(System.Int32));
OnlineUser.Columns.Add("sid", typeof(System.String));
OnlineUser.Columns.Add("name", typeof(System.String));
OnlineUser.Columns.Add("class", typeof(System.String));
OnlineUser.Columns.Add("gary", typeof(System.String));
OnlineUser.Columns.Add("ip", typeof(System.String));
OnlineUser.Columns.Add("lasttime", typeof(System.DateTime));
}
DataRow[] dc = OnlineUser.Select("sid='" + System.Web.HttpContext.Current.Session["sid"].ToString() +"'");
if (dc.Length == 0) //通过 Session标记 设置在线情况
{
DataRow dr = OnlineUser.NewRow();
dr["id"] = (Int32)System.Web.HttpContext.Current.Session["id"];
dr["sid"] = System.Web.HttpContext.Current.Session["sid"].ToString() ;
dr["name"] = System.Web.HttpContext.Current.Session["name"].ToString();
dr["class"] = System.Web.HttpContext.Current.Session["class"].ToString();
dr["gary"] = System.Web.HttpContext.Current.Session["gary"].ToString();
dr["ip"] = Getip();
dr["lasttime"] =(DateTime)System.Web.HttpContext.Current.Session["lasttime"];
OnlineUser.Rows.Add(dr);
}
}
public static string Login(string username,string pass) // ""表示成功
{
SqlConnection cn=new SqlConnection("server=" + ConfigurationSettings.AppSettings["SqlServerIp"] +
";database=" + ConfigurationSettings.AppSettings["SqlServerName"] + ";user=" + ConfigurationSettings.AppSettings["SqlServerUserName"] + ";password=" + ConfigurationSettings.AppSettings["SqlServerPassword"]);
SqlCommand cmd=new SqlCommand("select TOP 1 * from [user] where username='"+username+"'",cn);
SqlDataAdapter da=new SqlDataAdapter(cmd);
SqlCommandBuilder cb = new SqlCommandBuilder(da);
DataSet ds=new DataSet();//数据在内存的映射
cn.Open();
da.Fill(ds,"user");
cn.Close();
if (ds.Tables["user"].Rows.Count <= 0)
{
return "没有这个用户";
}
else
{
DataTable dt = ds.Tables["user"];//建立一个DataTable对象,方便操作
DataRow rs=dt.Rows[0];
if (MD5(pass) != rs["password"].ToString())
{
return "密码错误!";
}
else if ((int)rs["ispass"] != 1)
{
return "帐号被禁用";
}
else //密码验证成功后 还要去设置Session的标记
{
System.Web.HttpContext.Current.Session.Add("name", typeof(System.String));
System.Web.HttpContext.Current.Session["name"] = rs["name"];
System.Web.HttpContext.Current.Session.Add("class", typeof(System.String));
System.Web.HttpContext.Current.Session["class"] = rs["class"];
System.Web.HttpContext.Current.Session.Add("gary", typeof(System.String));
System.Web.HttpContext.Current.Session["gary"] = rs["gary"];
System.Web.HttpContext.Current.Session.Add("lasttime", typeof(System.DateTime));
System.Web.HttpContext.Current.Session["lasttime"] = (DateTime)System.DateTime.Now;
System.Web.HttpContext.Current.Session.Add("type", typeof(System.Int32));
System.Web.HttpContext.Current.Session["type"] =(Int32) rs["type"];
System.Web.HttpContext.Current.Session.Add("id", typeof(System.Int32));
System.Web.HttpContext.Current.Session["id"] =(Int32) rs["id"];
System.Web.HttpContext.Current.Session.Add("sid", typeof(System.String));
System.Web.HttpContext.Current.Session["sid"] = System.Web.HttpContext.Current.Session.SessionID;
HttpCookie ck=new HttpCookie(ConfigurationSettings.AppSettings["AppName"].ToString());
ck["pass"]=MD5( (MD5(pass)+Getip()));
ck["userid"]=rs["id"].ToString();
System.Web.HttpContext.Current.Response.Cookies.Add(ck);
rs["lasttime"]=DateTime.Now.ToString();
rs["lastip"]=Getip();
rs["loginnum"]=(int)rs["loginnum"] + 1;
da.Update(ds, "user");
cn.Close();
SetOnlineUser();
return "";
}
return "OK";
}
}
每个页面 我都 用 App.IsLogin() 来判断用户是否登陆.
在显示在线用户的页面,我通过操作App.OnlineUser来存取信息.
在大多数情况下,他们都运行良好,网站运行几天 或者 几个小时后,就会有如下错误:
1、在登陆页面我调用了 App.IsLogin(),他会提示这个DelOnlineUser 中的DataTable错误;如果是这个错误,连页面的都打不开,很郁闷整个网站就瘫痪了。
2、因为用户名和密码验证我用了AJAX,所以如果App.Login错误 就会出现Sys.WebForms.......The status code was:500的错误。 这个错误出现了 基本上就能打开登陆页面,整个网站基本也就瘫痪了。
我看了看我的代码,没有错误啊,就这几句 还能有什么大错误吗???
是不是静态类成员不是线程安全所致的哦???
PS:如果代码不全,1楼有补充的代码。。。
public class App //用户信息类
{
public static DataTable OnlineUser=new DataTable() ;
public static void DelOnlineUser(string sid)
{
if (OnlineUser.Columns.Count > 0)
{
DataRow[] dc = OnlineUser.Select("sid='" + sid +"'" );
if (dc.Length>0)
dc[0].Delete();
}
}
public static void SetOnlineUser()
{
if (OnlineUser.Columns.Count == 0)
{
OnlineUser.Columns.Add("id", typeof(System.Int32));
OnlineUser.Columns.Add("sid", typeof(System.String));
OnlineUser.Columns.Add("name", typeof(System.String));
OnlineUser.Columns.Add("class", typeof(System.String));
OnlineUser.Columns.Add("gary", typeof(System.String));
OnlineUser.Columns.Add("ip", typeof(System.String));
OnlineUser.Columns.Add("lasttime", typeof(System.DateTime));
}
DataRow[] dc = OnlineUser.Select("sid='" + System.Web.HttpContext.Current.Session["sid"].ToString() +"'");
if (dc.Length == 0) //通过 Session标记 设置在线情况
{
DataRow dr = OnlineUser.NewRow();
dr["id"] = (Int32)System.Web.HttpContext.Current.Session["id"];
dr["sid"] = System.Web.HttpContext.Current.Session["sid"].ToString() ;
dr["name"] = System.Web.HttpContext.Current.Session["name"].ToString();
dr["class"] = System.Web.HttpContext.Current.Session["class"].ToString();
dr["gary"] = System.Web.HttpContext.Current.Session["gary"].ToString();
dr["ip"] = Getip();
dr["lasttime"] =(DateTime)System.Web.HttpContext.Current.Session["lasttime"];
OnlineUser.Rows.Add(dr);
}
}
public static string Login(string username,string pass) // ""表示成功
{
SqlConnection cn=new SqlConnection("server=" + ConfigurationSettings.AppSettings["SqlServerIp"] +
";database=" + ConfigurationSettings.AppSettings["SqlServerName"] + ";user=" + ConfigurationSettings.AppSettings["SqlServerUserName"] + ";password=" + ConfigurationSettings.AppSettings["SqlServerPassword"]);
SqlCommand cmd=new SqlCommand("select TOP 1 * from [user] where username='"+username+"'",cn);
SqlDataAdapter da=new SqlDataAdapter(cmd);
SqlCommandBuilder cb = new SqlCommandBuilder(da);
DataSet ds=new DataSet();//数据在内存的映射
cn.Open();
da.Fill(ds,"user");
cn.Close();
if (ds.Tables["user"].Rows.Count <= 0)
{
return "没有这个用户";
}
else
{
DataTable dt = ds.Tables["user"];//建立一个DataTable对象,方便操作
DataRow rs=dt.Rows[0];
if (MD5(pass) != rs["password"].ToString())
{
return "密码错误!";
}
else if ((int)rs["ispass"] != 1)
{
return "帐号被禁用";
}
else //密码验证成功后 还要去设置Session的标记
{
System.Web.HttpContext.Current.Session.Add("name", typeof(System.String));
System.Web.HttpContext.Current.Session["name"] = rs["name"];
System.Web.HttpContext.Current.Session.Add("class", typeof(System.String));
System.Web.HttpContext.Current.Session["class"] = rs["class"];
System.Web.HttpContext.Current.Session.Add("gary", typeof(System.String));
System.Web.HttpContext.Current.Session["gary"] = rs["gary"];
System.Web.HttpContext.Current.Session.Add("lasttime", typeof(System.DateTime));
System.Web.HttpContext.Current.Session["lasttime"] = (DateTime)System.DateTime.Now;
System.Web.HttpContext.Current.Session.Add("type", typeof(System.Int32));
System.Web.HttpContext.Current.Session["type"] =(Int32) rs["type"];
System.Web.HttpContext.Current.Session.Add("id", typeof(System.Int32));
System.Web.HttpContext.Current.Session["id"] =(Int32) rs["id"];
System.Web.HttpContext.Current.Session.Add("sid", typeof(System.String));
System.Web.HttpContext.Current.Session["sid"] = System.Web.HttpContext.Current.Session.SessionID;
HttpCookie ck=new HttpCookie(ConfigurationSettings.AppSettings["AppName"].ToString());
ck["pass"]=MD5( (MD5(pass)+Getip()));
ck["userid"]=rs["id"].ToString();
System.Web.HttpContext.Current.Response.Cookies.Add(ck);
rs["lasttime"]=DateTime.Now.ToString();
rs["lastip"]=Getip();
rs["loginnum"]=(int)rs["loginnum"] + 1;
da.Update(ds, "user");
cn.Close();
SetOnlineUser();
return "";
}
return "OK";
}
}
...全文
请发表友善的回复…
发表回复
surnde2 2009-04-20
- 打赏
- 举报
答案是不安全~
加上lock后,1个月没有出现问题了。
加上lock后,1个月没有出现问题了。
ffyyn 2009-02-26
- 打赏
- 举报
是不是session用的太多了 还有就是老遍历数组进行操作也可能会造成负荷过大。。
underwater 2009-02-26
- 打赏
- 举报
这个和静态类没有关系,楼主怀疑错对象了。
逻辑和顺序没处理好。
逻辑和顺序没处理好。
surnde 2009-02-26
- 打赏
- 举报
[Quote=引用 2 楼 huwei2003 的回复:]
最多时有几个同时在线用户? 当时的内存及cpu消耗是什么情况? 应该是性能方面导致的这样的问题
[/Quote]
10-12个吧, 在任务管理器中 w3wp 内存用了60M CPU 0;
最多时有几个同时在线用户? 当时的内存及cpu消耗是什么情况? 应该是性能方面导致的这样的问题
[/Quote]
10-12个吧, 在任务管理器中 w3wp 内存用了60M CPU 0;
Jack2013tong 2009-02-26
- 打赏
- 举报
最多时有几个同时在线用户? 当时的内存及cpu消耗是什么情况? 应该是性能方面导致的这样的问题
surnde 2009-02-26
- 打赏
- 举报
public static bool IsLogin()//看看是否登陆
{
// if (System.Web.HttpContext.Current.Session["sid"] == null)
// {
if (System.Web.HttpContext.Current.Request.Cookies[ConfigurationSettings.AppSettings["AppName"].ToString()] == null)
{
DelOnlineUser(System.Web.HttpContext.Current.Session.SessionID);
System.Web.HttpContext.Current.Response.Cookies[ConfigurationSettings.AppSettings["AppName"]]["pass"] = "";
System.Web.HttpContext.Current.Response.Cookies[ConfigurationSettings.AppSettings["AppName"]]["userid"] = "";
return false;
}
if (System.Web.HttpContext.Current.Request.Cookies[ConfigurationSettings.AppSettings["AppName"].ToString()]["userid"] == null || System.Web.HttpContext.Current.Request.Cookies[ConfigurationSettings.AppSettings["AppName"].ToString()]["pass"] == null || System.Web.HttpContext.Current.Request.Cookies[ConfigurationSettings.AppSettings["AppName"].ToString()]["userid"] == "" || System.Web.HttpContext.Current.Request.Cookies[ConfigurationSettings.AppSettings["AppName"].ToString()]["pass"] == "")
{
DelOnlineUser(System.Web.HttpContext.Current.Session.SessionID);
System.Web.HttpContext.Current.Response.Cookies[ConfigurationSettings.AppSettings["AppName"]]["pass"] = "";
System.Web.HttpContext.Current.Response.Cookies[ConfigurationSettings.AppSettings["AppName"]]["userid"] = "";
return false;
}
try
{
//打开数据库 重新验证密码
SqlConnection cn = new SqlConnection("server=" + ConfigurationSettings.AppSettings["SqlServerIp"] +
";database=" + ConfigurationSettings.AppSettings["SqlServerName"] + ";user=" + ConfigurationSettings.AppSettings["SqlServerUserName"] + ";password=" + ConfigurationSettings.AppSettings["SqlServerPassword"]);
SqlCommand cmd = new SqlCommand("select TOP 1 * from [user] where id=" + System.Web.HttpContext.Current.Request.Cookies[ConfigurationSettings.AppSettings["AppName"]]["userid"].ToString(), cn);
SqlDataAdapter da = new SqlDataAdapter(cmd);
SqlCommandBuilder cb = new SqlCommandBuilder(da);
DataSet ds = new DataSet();//数据在内存的映射
cn.Open();
da.Fill(ds, "user");
cn.Close();
if (ds.Tables["user"].Rows.Count <= 0)
{
System.Web.HttpContext.Current.Response.Cookies[ConfigurationSettings.AppSettings["AppName"]]["pass"] = "";
System.Web.HttpContext.Current.Response.Cookies[ConfigurationSettings.AppSettings["AppName"]]["userid"] = "";
DelOnlineUser(System.Web.HttpContext.Current.Session.SessionID);
return false;
}
DataTable dt = ds.Tables["user"];//建立一个DataTable对象,方便操作
DataRow rs = dt.Rows[0];
if (MD5(rs["password"].ToString() + Getip()) != System.Web.HttpContext.Current.Request.Cookies[ConfigurationSettings.AppSettings["AppName"]]["pass"].ToString())
{
System.Web.HttpContext.Current.Response.Cookies[ConfigurationSettings.AppSettings["AppName"]]["pass"] = "";
System.Web.HttpContext.Current.Response.Cookies[ConfigurationSettings.AppSettings["AppName"]]["userid"] = "";
DelOnlineUser(System.Web.HttpContext.Current.Session.SessionID);
return false;
}
//这里就要重建Session
System.Web.HttpContext.Current.Session.Add("name", typeof(System.String));
System.Web.HttpContext.Current.Session["name"] = rs["name"];
System.Web.HttpContext.Current.Session.Add("class", typeof(System.String));
System.Web.HttpContext.Current.Session["class"] = rs["class"];
System.Web.HttpContext.Current.Session.Add("gary", typeof(System.String));
System.Web.HttpContext.Current.Session["gary"] = rs["gary"];
System.Web.HttpContext.Current.Session.Add("lasttime", typeof(System.DateTime));
System.Web.HttpContext.Current.Session["lasttime"] = (DateTime)System.DateTime.Now;
System.Web.HttpContext.Current.Session.Add("type", typeof(System.Int32));
System.Web.HttpContext.Current.Session["type"] = (Int32)rs["type"];
System.Web.HttpContext.Current.Session.Add("id", typeof(System.Int32));
System.Web.HttpContext.Current.Session["id"] = (Int32)rs["id"];
System.Web.HttpContext.Current.Session.Add("sid", typeof(System.String));
System.Web.HttpContext.Current.Session["sid"] = System.Web.HttpContext.Current.Session.SessionID;
//在加入User
SetOnlineUser();
}
catch (Exception e)
{
System.Web.HttpContext.Current.Response.Cookies[ConfigurationSettings.AppSettings["AppName"]]["pass"] = "";
System.Web.HttpContext.Current.Response.Cookies[ConfigurationSettings.AppSettings["AppName"]]["userid"] = "";
DelOnlineUser(System.Web.HttpContext.Current.Session.SessionID);
return false;
}
return true;
}
}
{
// if (System.Web.HttpContext.Current.Session["sid"] == null)
// {
if (System.Web.HttpContext.Current.Request.Cookies[ConfigurationSettings.AppSettings["AppName"].ToString()] == null)
{
DelOnlineUser(System.Web.HttpContext.Current.Session.SessionID);
System.Web.HttpContext.Current.Response.Cookies[ConfigurationSettings.AppSettings["AppName"]]["pass"] = "";
System.Web.HttpContext.Current.Response.Cookies[ConfigurationSettings.AppSettings["AppName"]]["userid"] = "";
return false;
}
if (System.Web.HttpContext.Current.Request.Cookies[ConfigurationSettings.AppSettings["AppName"].ToString()]["userid"] == null || System.Web.HttpContext.Current.Request.Cookies[ConfigurationSettings.AppSettings["AppName"].ToString()]["pass"] == null || System.Web.HttpContext.Current.Request.Cookies[ConfigurationSettings.AppSettings["AppName"].ToString()]["userid"] == "" || System.Web.HttpContext.Current.Request.Cookies[ConfigurationSettings.AppSettings["AppName"].ToString()]["pass"] == "")
{
DelOnlineUser(System.Web.HttpContext.Current.Session.SessionID);
System.Web.HttpContext.Current.Response.Cookies[ConfigurationSettings.AppSettings["AppName"]]["pass"] = "";
System.Web.HttpContext.Current.Response.Cookies[ConfigurationSettings.AppSettings["AppName"]]["userid"] = "";
return false;
}
try
{
//打开数据库 重新验证密码
SqlConnection cn = new SqlConnection("server=" + ConfigurationSettings.AppSettings["SqlServerIp"] +
";database=" + ConfigurationSettings.AppSettings["SqlServerName"] + ";user=" + ConfigurationSettings.AppSettings["SqlServerUserName"] + ";password=" + ConfigurationSettings.AppSettings["SqlServerPassword"]);
SqlCommand cmd = new SqlCommand("select TOP 1 * from [user] where id=" + System.Web.HttpContext.Current.Request.Cookies[ConfigurationSettings.AppSettings["AppName"]]["userid"].ToString(), cn);
SqlDataAdapter da = new SqlDataAdapter(cmd);
SqlCommandBuilder cb = new SqlCommandBuilder(da);
DataSet ds = new DataSet();//数据在内存的映射
cn.Open();
da.Fill(ds, "user");
cn.Close();
if (ds.Tables["user"].Rows.Count <= 0)
{
System.Web.HttpContext.Current.Response.Cookies[ConfigurationSettings.AppSettings["AppName"]]["pass"] = "";
System.Web.HttpContext.Current.Response.Cookies[ConfigurationSettings.AppSettings["AppName"]]["userid"] = "";
DelOnlineUser(System.Web.HttpContext.Current.Session.SessionID);
return false;
}
DataTable dt = ds.Tables["user"];//建立一个DataTable对象,方便操作
DataRow rs = dt.Rows[0];
if (MD5(rs["password"].ToString() + Getip()) != System.Web.HttpContext.Current.Request.Cookies[ConfigurationSettings.AppSettings["AppName"]]["pass"].ToString())
{
System.Web.HttpContext.Current.Response.Cookies[ConfigurationSettings.AppSettings["AppName"]]["pass"] = "";
System.Web.HttpContext.Current.Response.Cookies[ConfigurationSettings.AppSettings["AppName"]]["userid"] = "";
DelOnlineUser(System.Web.HttpContext.Current.Session.SessionID);
return false;
}
//这里就要重建Session
System.Web.HttpContext.Current.Session.Add("name", typeof(System.String));
System.Web.HttpContext.Current.Session["name"] = rs["name"];
System.Web.HttpContext.Current.Session.Add("class", typeof(System.String));
System.Web.HttpContext.Current.Session["class"] = rs["class"];
System.Web.HttpContext.Current.Session.Add("gary", typeof(System.String));
System.Web.HttpContext.Current.Session["gary"] = rs["gary"];
System.Web.HttpContext.Current.Session.Add("lasttime", typeof(System.DateTime));
System.Web.HttpContext.Current.Session["lasttime"] = (DateTime)System.DateTime.Now;
System.Web.HttpContext.Current.Session.Add("type", typeof(System.Int32));
System.Web.HttpContext.Current.Session["type"] = (Int32)rs["type"];
System.Web.HttpContext.Current.Session.Add("id", typeof(System.Int32));
System.Web.HttpContext.Current.Session["id"] = (Int32)rs["id"];
System.Web.HttpContext.Current.Session.Add("sid", typeof(System.String));
System.Web.HttpContext.Current.Session["sid"] = System.Web.HttpContext.Current.Session.SessionID;
//在加入User
SetOnlineUser();
}
catch (Exception e)
{
System.Web.HttpContext.Current.Response.Cookies[ConfigurationSettings.AppSettings["AppName"]]["pass"] = "";
System.Web.HttpContext.Current.Response.Cookies[ConfigurationSettings.AppSettings["AppName"]]["userid"] = "";
DelOnlineUser(System.Web.HttpContext.Current.Session.SessionID);
return false;
}
return true;
}
}
