protected void bt_login_Click(object sender, EventArgs e)
{
USER myuser = new USER();
myuser.USERNAME = this.tb_username.Text;
string pwd = this.tb_password.Text;
string sqlGetUserID = "SELECT USERID FROM [USER] WHERE USERNAME='******'";
int userid = Convert.ToInt16(DbHelperSQL.GetSingle(sqlGetUserID));
myuser.GetModel(userid);
if (userid != 0)
{
if (myuser.PASSWORD.Trim() == pwd.Trim())
{
Response.Write(MessageBox.Show("登入成功"));
ROLE myrole = new ROLE();
myrole.ROLEID = myuser.ROLEID;
myrole.GetModel(myrole.ROLEID);
Session["roleid"] = Convert.ToInt16(myrole.ROLEID);
Response.Redirect("index.aspx");
}
else
{
Response.Write(MessageBox.Show("登入失败"));
}
}
}
protected void Page_Load(object sender, EventArgs e)
{
USER myuser = new USER();
myuser.USERNAME = Request.QueryString["user"];
string pwd = Request.QueryString["password"];
string sqlGetUserID = "SELECT USERID FROM [USER] WHERE USERNAME='******'";
int userid = Convert.ToInt16(DbHelperSQL.GetSingle(sqlGetUserID));
myuser.GetModel(userid);
if (userid == 0)
{
Response.Write("{\"success\":0, \"userName\":\"" + Request.QueryString["user"] + "\",\"authority\":\"\"}");
}
else
{
if (pwd != null)
{
if (myuser.PASSWORD.Trim() == pwd.Trim())
{
if (myuser.ROLEID == 25)
{
Response.Write("{\"success\":1, \"userName\":\"" + Request.QueryString["user"] + "\", \"authority\":\"student\"}");
}
else
{
Response.Write("{\"success\":1, \"userName\":\"" + Request.QueryString["user"] + "\", \"authority\":\"teacher\"}");
}
}
else
{
Response.Write("{\"success\":0, \"userName\":\"" + Request.QueryString["user"] + "\",\"authority\":\"\"}");
}
}
}
}
