关于登录会话

Question

我正在做我关于开发一个网站的项目。我是新来的ASP.net，现在我有一个关于登录会话的问题，当用户登录时，每个人都在同一网上冲浪时间也记录为该用户，不管他们是否登录。会话仅在有人点击注销按钮并且所有人都注销时结束。请帮帮我。每一个帮助将不胜感激。 这里是我的代码，我在主网页代码中的这些事情：

protected void Page_Load(object sender, EventArgs e) 

    { 

     string equip = "Equipment.aspx"; 
     string url = HttpContext.Current.Request.Url.AbsoluteUri; 
     if (url.IndexOf(equip) != -1) { Calendar2.Visible = false; Image1.Visible = false; } 
     equip = "Bookings.aspx"; 
     if (url.IndexOf(equip) != -1) { Calendar2.Visible = false; Image1.Visible = false; } 
     equip = "Rooms.aspx"; 
     if (url.IndexOf(equip) != -1) { Calendar2.Visible = false; Image1.Visible = false; } 
     equip = "Users.aspx"; 
     if (url.IndexOf(equip) != -1) { Calendar2.Visible = false; Image1.Visible = false; } 

     if (!Page.IsPostBack) 
     { 
      if (user != "" && user != null) 
      { 
       loginStatus = true; 
       redirectpage = false; 

      } 
      else 
      { 

       redirectpage = false; 
       loginStatus = false; 
       user = ""; 
       authority = 0; 
      } 

     } 
     else 
     { 

      if (user == "" || user==null) 
      { 

       if (cal != null) 
       { 

       } 
       loginStatus = false; 
       authority = 0; 
      } 
      else 
      { 
       if (cal != null) 
       { 

       } 
       loginStatus = true; 
      } 
     } 
    } 

/// <summary> 
/// Responds to a login request, validating details against the database and 
/// loading the user into the session if successful. 
/// </summary> 
/// <param name="sender">The sending object.</param> 
/// <param name="e">The event arguments.</param> 

protected void Login_Authenticate(object sender, AuthenticateEventArgs e) 
{ 

SqlConnection oConn = 
new SqlConnection(); 
oConn.ConnectionString = @"Data Source=STAVROS\SQLEXPRESS;User ID=sa;Password=123abc;Initial Catalog=webdev"; 

sSQL = "select * from tbl_user where username = '" + Login.UserName + "'AND password = '" + Login.Password + "' "; 
SqlCommand oComm1 = new SqlCommand(sSQL, oConn); 

try 
{ 

oConn.Open(); 
SqlDataReader i = oComm1.ExecuteReader(); 
if (i.HasRows) 
{ 
while (i.Read()) 
{ 
user = i.GetString(0); 
authority = i.GetInt16(7); 

loginStatus = true; 
string url = HttpContext.Current.Request.Url.Absolute… 
string p = "Home.aspx"; 
if (url.IndexOf(p) != -1) { Response.Redirect("Home.aspx"); } 
Helper.CreateUserSession(Session, user); 
} 

} 
else 
{ 
loginStatus = false; 
Login.FailureText = "Invalid username or password."; 
} 


i.Close(); 
} 
catch (Exception ex) 
{ 
Response.Redirect("room-book.aspx"); 

} 

} 

/// <summary> 
/// Logs the user out (kills the session) 
/// </summary> 
/// <param name="sender">The sender</param> 
/// <param name="e">The event arguments</param> 

protected void btnLogout_Click(object sender, EventArgs e) 
{ 

loginStatus = false; 
user = ""; 
authority = 0; 
Response.Redirect("Home.aspx"); 
} 

Answer 1

loginStatus是场我想？如果是这样，您必须在每个会话的基础上存储此标志

Answer 2

显然，您不了解Web应用程序中的会话处理。

这是一个基于表单的身份验证在C＃/ ASP.NET中的comprehensive tutorial。在继续前，您需要阅读基本概念。

希望它有帮助。

Answer 3

在应用程序中通过Session使用Form Authentication Ticket会更好。通过该配置，可以将Web Config从Windows Authentication转换为Passport mode认证。 更多使用javascript标签在注销时将表单加载事件内的会话过期。