我想创建以下情形......asp.net字符串未滞留在回发
- 用户通过将自己的用户ID和密码登录英寸
- 如果他们没有分配给他们的登录详细信息的电子邮件地址,他们会被要求提交一个,然后才能继续。
- 然后,他们继续以登录状态登录主页。
我遇到的麻烦是用户ID和密码在他们提交他们的电子邮件地址时没有保留,所以登录失败。
下面的代码...
Dim userid as String
Dim password as String
Sub Page_Load(ByVal Sender as Object, ByVal E as EventArgs)
end sub
Sub Page_Transfer()
Dim userLookup As mySource.myData = New mySource.myData()
Dim drSet1 As DataSet = userLookup.xyz("SELECT * FROM OPENQUERY (myDatabase,' SELECT userid, password, email1 FROM userInfo WHERE userid = ''" & userid & "'' AND password = ''" & password & "'' ') ")
If drSet1.Tables(0).Rows.Count < 1 Then
'Invalid Bond number
Page.ClientScript.RegisterClientScriptInclude("loginError", "scripts/loginError.js")
Else
If drSet1.Tables(0).Rows(0).Item("email1") = "" Then
'No email address
Page.ClientScript.RegisterClientScriptInclude("emailAddressSubmit", "scripts/emailAddressSubmit.js")
Else
response.redirect("home.aspx")
End If
End If
End Sub
Sub Submit_Email(sender As Object, e As System.Web.UI.ImageClickEventArgs)
'script to add email address to database
'this is where the strings are losing their values
Page_Transfer()
End Sub
Sub Submit_login(sender As Object, e As System.Web.UI.ImageClickEventArgs)
userid = Trim(useridfield.text)
password = Trim(passwordfield.text)
Page_Transfer()
End Sub
任何想法?
你在哪里得到drSet2? – WestDiscGolf 2010-11-09 10:18:39
对不起...错过了一些简化代码。现在应该都很好,但 – Tom 2010-11-09 10:23:24
请学习一些关于SQL注入的知识! – Scoregraphic 2010-11-09 10:23:50