1重写MemberProvider系列文章之用户身份验证
using System;<br>using System.Web.Security;<br>using System.Web;<br>using System.Web.Configuration;<br>using System.Security.Principal;<br>using System.Security.Permissions;<br>using System.Globalization;<br>using System.Runtime.Serialization;<br>using System.Collections;<br>using System.Collections.Specialized;<br>using System.Data;<br>using System.Data.SqlClient;<br>using System.Data.SqlTypes;<br>using System.Security.Cryptography;<br>using System.Text;<br>using System.Text.RegularExpressions;<br>using System.Configuration.Provider;<br>using System.Configuration;<br>using System.Web.DataAccess;<br>using System.Web.Management;<br>using System.Web.Util;<br>/// <summary><br>/// MyMemberProvider 的摘要说明<br>/// </summary><br>public class MyMemberProvider:MembershipProvider <br>{<br> //设置连接字符串<br> private string strconn = ConfigurationManager.ConnectionStrings["MySunConnectionString"].ConnectionString;<br> public MyMemberProvider()<br> {<br> //<br> // TODO: 在此处添加构造函数逻辑<br> //<br> }<br> private string _sqlConnectionString;<br> private int _SchemaVersionCheck;<br> private int _CommandTimeout;<br> private MembershipPasswordFormat _PasswordFormat;<br> public override void Initialize(string name, System.Collections.Specialized.NameValueCollection config)<br> {<br><br><br> base.Initialize(name, config);<br> }<br><br> public override string ApplicationName<br> {<br> get<br> {<br> throw new Exception("The method or operation is not implemented.");<br> }<br> set<br> {<br> throw new Exception("The method or operation is not implemented.");<br> }<br> }<br><br> public override bool ChangePassword(string username, string oldPassword, string newPassword)<br> {<br> throw new Exception("The method or operation is not implemented.");<br> }<br><br> public override bool ChangePasswordQuestionAndAnswer(string username, string password, string newPasswordQuestion, string newPasswordAnswer)<br> {<br> throw new Exception("The method or operation is not implemented.");<br> }<br><br> public override MembershipUser CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status)<br> {<br> throw new Exception("The method or operation is not implemented.");<br> }<br><br> public override bool DeleteUser(string username, bool deleteAllRelatedData)<br> {<br> throw new Exception("The method or operation is not implemented.");<br> }<br><br> public override bool EnablePasswordReset<br> {<br> get { throw new Exception("The method or operation is not implemented."); }<br> }<br><br> public override bool EnablePasswordRetrieval<br> {<br> get { throw new Exception("The method or operation is not implemented."); }<br> }<br><br> public override MembershipUserCollection FindUsersByEmail(string emailToMatch, int pageIndex, int pageSize, out int totalRecords)<br> {<br> throw new Exception("The method or operation is not implemented.");<br> }<br><br> public override MembershipUserCollection FindUsersByName(string usernameToMatch, int pageIndex, int pageSize, out int totalRecords)<br> {<br> throw new Exception("The method or operation is not implemented.");<br> }<br><br> public override MembershipUserCollection GetAllUsers(int pageIndex, int pageSize, out int totalRecords)<br> {<br> throw new Exception("The method or operation is not implemented.");<br> }<br><br> public override int GetNumberOfUsersOnline()<br> {<br> throw new Exception("The method or operation is not implemented.");<br> }<br><br> public override string GetPassword(string username, string answer)<br> {<br> throw new Exception("The method or operation is not implemented.");<br> }<br><br> public override MembershipUser GetUser(string username, bool userIsOnline)<br> {<br> throw new Exception("The method or operation is not implemented.");<br> }<br><br> public override MembershipUser GetUser(object providerUserKey, bool userIsOnline)<br> {<br> throw new Exception("The method or operation is not implemented.");<br> }<br><br> public override string GetUserNameByEmail(string email)<br> {<br> throw new Exception("The method or operation is not implemented.");<br> }<br><br> public override int MaxInvalidPasswordAttempts<br> {<br> get { throw new Exception("The method or operation is not implemented."); }<br> }<br><br> public override int MinRequiredNonAlphanumericCharacters<br> {<br> get { throw new Exception("The method or operation is not implemented."); }<br> }<br><br> public override int MinRequiredPasswordLength<br> {<br> get { throw new Exception("The method or operation is not implemented."); }<br> }<br><br> public override int PasswordAttemptWindow<br> {<br> get { throw new Exception("The method or operation is not implemented."); }<br> }<br><br> public override MembershipPasswordFormat PasswordFormat<br> {<br> get { throw new Exception("The method or operation is not implemented."); }<br> }<br><br> public override string PasswordStrengthRegularExpression<br> {<br> get { throw new Exception("The method or operation is not implemented."); }<br> }<br><br> public override bool RequiresQuestionAndAnswer<br> {<br> get { throw new Exception("The method or operation is not implemented."); }<br> }<br><br> public override bool RequiresUniqueEmail<br> {<br> get { throw new Exception("The method or operation is not implemented."); }<br> }<br><br> public override string ResetPassword(string username, string answer)<br> {<br> throw new Exception("The method or operation is not implemented.");<br> }<br><br> public override bool UnlockUser(string userName)<br> {<br> throw new Exception("The method or operation is not implemented.");<br> }<br><br> public override void UpdateUser(MembershipUser user)<br> {<br> throw new Exception("The method or operation is not implemented.");<br> }<br><br> public override bool ValidateUser(string username, string password)<br> {<br><br> using (SqlConnection conn = new SqlConnection(strconn))<br> {<br> SqlCommand comm = new SqlCommand();<br> comm.CommandText = "select count(0) from UserInfo where uname=@name and upwd=@pwd";<br> comm.Parameters.AddWithValue("@name", username);<br> comm.Parameters.AddWithValue("@pwd", password);<br> comm.Connection = conn;<br> conn.Open();<br> return ((int)comm.ExecuteScalar()) > 0 ? true : false;<br> //SqlCommand comm = new SqlCommand();<br> //comm.CommandText = "select * from UserInfo where UName=@name and Upwd=@pwd";<br> //comm.Parameters.Add("@name", SqlDbType.NVarChar, 50).Value = username;<br> //comm.Parameters.Add("@pwd", SqlDbType.VarChar, 100).Value = password;<br> //comm.Connection = conn;<br> //conn.Open();<br> //SqlDataReader dr = comm.ExecuteReader(CommandBehavior.CloseConnection);<br> //if (dr.HasRows)<br> // return true;<br> //return false; <br> }<br><br><br> }<br>}<br><br>WebConfig文件的配置<br><span style="color: rgb(255, 0, 0);">【1】 </span><br style="color: rgb(255, 0, 0);"><span style="color: rgb(255, 0, 0);"><authentication mode="Forms"></span><br style="color: rgb(255, 0, 0);"><span style="color: rgb(255, 0, 0);"> <forms name=".ASPXAUTH"</span><br style="color: rgb(255, 0, 0);"><span style="color: rgb(255, 0, 0);"> loginUrl="login.aspx"</span><br style="color: rgb(255, 0, 0);"><span style="color: rgb(255, 0, 0);"> protection="Validation"</span><br style="color: rgb(255, 0, 0);"><span style="color: rgb(255, 0, 0);"> timeout="999999"</span><br style="color: rgb(255, 0, 0);"><span style="color: rgb(255, 0, 0);"> /></span><br style="color: rgb(255, 0, 0);"><span style="color: rgb(255, 0, 0);"> </authentication> 这个一定要设置否则登录成功后页面没有任何反应!</span><br>【2】<br><membership defaultProvider="MyMemberProvider"><br> <providers><br> <remove name="MyMemberProvider"/><br> <clear/><br> <add name="MyMemberProvider" type="MyMemberProvider" applicationName="appName" connectionStringName="MySunConnectionString" maxInvalidPasswordAttempts="5" minRequiredNonalphanumericCharacters="0" minRequiredPasswordLength="6" passwordFormat="Hashed" requiresQuestionAndAnswer="true" requiresUniqueEmail="true" enablePasswordRetrieval="false"/><br> </providers><br> </membership><br>进行身份验证的核心代码<br>public override bool ValidateUser(string username, string password)<br> {<br><br> using (SqlConnection conn = new SqlConnection(strconn))<br> {<br> SqlCommand comm = new SqlCommand();<br> comm.CommandText = "select count(0) from UserInfo where uname=@name and upwd=@pwd";<br> comm.Parameters.AddWithValue("@name", username);<br> comm.Parameters.AddWithValue("@pwd", password);<br> comm.Connection = conn;<br> conn.Open();<br> return ((int)comm.ExecuteScalar()) > 0 ? true : false;<br> //SqlCommand comm = new SqlCommand();<br> //comm.CommandText = "select * from UserInfo where UName=@name and Upwd=@pwd";<br> //comm.Parameters.Add("@name", SqlDbType.NVarChar, 50).Value = username;<br> //comm.Parameters.Add("@pwd", SqlDbType.VarChar, 100).Value = password;<br> //comm.Connection = conn;<br> //conn.Open();<br> //SqlDataReader dr = comm.ExecuteReader(CommandBehavior.CloseConnection);<br> //if (dr.HasRows)<br> // return true;<br> //return false; <br> }<br> }