我有一个登录和数据库的大问题。我搜索了很多,但找不到解决方案。首先,我试图从我的数据库中获得排名。当一切都是真实的时候,我想重定向。但是,当我在写我的登录名和密码,大约30秒后,我收到“而与SQL Server建立连接时出现与网络相关的或特定于实例的错误...”asp.net登录数据库
这里是我的代码
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.Configuration;
using System.Data;
using System.Data.SqlClient;
namespace _29
{
public partial class Default : System.Web.UI.Page
{
private string strcon = WebConfigurationManager.ConnectionStrings["UserConnectionString1"].ConnectionString;
protected void Page_Load(object sender, EventArgs e)
{
if ((Session["Check"] != null) && (Convert.ToBoolean(Session["Check"]) == true))
{
// If User is Authenticated then moved to a main page
if (User.Identity.IsAuthenticated)
Response.Redirect("Welcome.aspx");
}
}
protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
{
Boolean wynik;
wynik = false;
wynik = Authentication(Login1.UserName, Login1.Password);
if (wynik == true) {
e.Authenticated = true;
Session["Check"] = true;
}
else
{
e.Authenticated = false;
}
}
private bool Authentication(string p1, string p2)
{
SqlConnection con = new SqlConnection(strcon);
SqlCommand cmd = new SqlCommand("Select count(UserName) from Users where UserName='" + p1 + "' and Password ='" + p2 + "'", con);
con.Open();
int result = (int)cmd.ExecuteScalar();
if (result == 1)
{
return true;
}
else
{
return false;
}
}}
}
这里是我的web.config
<configuration>
<connectionStrings>
<add name="UserConnectionString1" connectionString="Data Source=(LocalDB)\v11.0;AttachDbFilename=|DataDirect`enter code here`ory|\User.mdf;Integrated
Security=True"
providerName="System.Data.SqlClient" />
</connectionStrings>
<system.web>
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5" />
</system.web>
<appSettings>
<add key="ValidationSettings:UnobtrusiveValidationMode" value="None" />
</appSettings>
</configuration>
试图获得由行的结果,但它不工作。 请帮我:)
首先,你应该参数化你的sql语句。 sql注入已经成熟。请看看这样的文章 - > http://www.codeproject.com/Articles/604268/Hack-Proof-Your-ASP-NET-Applications-From-SQL-Inje关于你的问题,我会检查你的连接字符串,因为它很可能不指向有效的sql服务器实例。 –