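/// <summary>
/// Resolves the current user for this page and gates access on the user's privilege level.
/// </summary>
/// <remarks>
/// Lookup order: the "USER" session entry first, then the "username" cookie. If neither
/// yields a user, the browser is redirected to the login page.
///
/// SECURITY (review): the "username" cookie is supplied by the client, and this method uses
/// its value as the only proof of identity. Nothing here verifies that the server issued
/// the value, so the cookie must not be treated as an authenticated credential. Identity
/// should come from a server-issued, integrity-protected ticket (for example ASP.NET forms
/// authentication) or from the server-side session alone. The lookup is kept as-is so that
/// existing callers keep working; it is flagged here rather than silently replaced.
/// </remarks>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    if (Session["USER"] != null)
    {
        // A user object already cached in the server-side session wins.
        usr = (User)Session["USER"];
    }
    else
    {
        // Fall back to the client-supplied cookie (see the SECURITY remark above).
        string username = "";
        if (Request.Cookies["username"] != null)
        {
            string rawName = Request.Cookies["username"].Value;
            if (rawName != null)
            {
                username = rawName.Trim();
            }
        }

        if (username != "")
        {
            usr = UserGet.GetFeature(username);
            Session["USER"] = usr;
        }

        if (usr == null)
        {
            // Redirect(url) ends the response itself, so the Flush/End calls that used to
            // follow it never ran. The return keeps the null user from reaching the
            // privilege check below.
            Response.Redirect("../Usr/UsrLogin.htm");
            return;
        }
    }

    if (usr.Privilege < 0)
    {
        // Negative privilege: no access to the back-office pages.
        Response.Write("您没有后台管理权限!");
        Response.Flush();
        Response.End();
    }
    else
    {
        // InnerHtml is rendered as raw markup, so the stored display name is HTML-encoded
        // before being placed in the page.
        page0.InnerHtml = "欢迎您!" + Server.HtmlEncode(usr.Name);
    }
}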
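/// <summary>
/// Looks up a user by name and builds a <c>User</c> from the first row returned.
/// </summary>
/// <remarks>
/// The query text is <c>SQL_SEARCH_USER_TOTAL</c> (defined elsewhere). The name is passed
/// as the bound parameter <c>:NAME</c>, never concatenated into the SQL text.
/// Columns 0-2 of the row are read as strings and column 3 is parsed as an int; the four
/// values are passed positionally to the <c>User</c> constructor.
/// </remarks>
/// <param name="usrname">User name to search for.</param>
/// <returns>The matching user, or <c>null</c> when the name is null/empty or no row matches.</returns>
public static User GetFeature(string usrname)
{
    // Nothing to look up; callers already treat null as "no such user".
    if (string.IsNullOrEmpty(usrname))
    {
        return null;
    }

    using (OracleConnection conn = new OracleConnection(OraHelper.str))
    {
        conn.Open();

        // Command and reader are disposed deterministically on every path, including the
        // early return and any exception thrown while parsing the row.
        using (OracleCommand comm = conn.CreateCommand())
        {
            comm.CommandText = SQL_SEARCH_USER_TOTAL;
            comm.CommandType = CommandType.Text;

            OracleParameter nameParm = new OracleParameter(":NAME", OracleType.VarChar);
            nameParm.Value = usrname;
            comm.Parameters.Add(nameParm);

            using (OracleDataReader rdr = comm.ExecuteReader())
            {
                // Read() returns false when the result set is empty.
                if (!rdr.Read())
                {
                    return null;
                }

                return new User(
                    rdr[0].ToString(),
                    rdr[1].ToString(),
                    rdr[2].ToString(),
                    int.Parse(rdr[3].ToString()));
            }
        }
    }
}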