***请帮助完善:登录后,才能看到页面的数据库forms验证问题?在线等待!***
1.多个用户登录,一个session能够记住多个登录帐号和密码?
2.会不会出现直接输入网址,也会看到网页的情况?
3.怎么修改能实现诸如md5等加密?
4.如果想保存用户名和密码,怎么修改?
5.请各位帮助修改一下,使之更完善。
webconfig:
<authentication mode="Forms">
<forms name=".Agent" loginUrl="login.aspx" path="/" protection="All" timeout="20"/>
</authentication>
<authorization>
<allow users="?" />
</authorization>
登录页面:login.aspx
Dim strsql As String = "select password from webpassword where username='" & txtusername.Text & "'"
Dim oracommand As New OracleCommand(strsql, oraconnection)
Dim oradatareader As OracleDataReader = oracommand.ExecuteReader(System.Data.CommandBehavior.CloseConnection)
If oradatareader.Read() Then
If oradatareader("password").ToString = txtpassword.Text Then
FormsAuthentication.RedirectFromLoginPage(txtusername.Text, False)
Session("username") = txtusername.Text
Session("password") = txtpassword.Text
Else
lblprompt.Text = ""
lblprompt.Text = "密码错误,请重新输入!"
End If
Else
lblprompt.Text = ""
lblprompt.Text = "该用户不存在,请重新输入用户名!"
End If
需要密码验证后才能看到的页面:
contact.aspx:page_load:
If Session("username") = "" And Session("password") = "" Then
Response.Redirect("login.aspx")
End If