protected void btnSubmit_Click(object sender, EventArgs e) { amendPassword transfer = new amendPassword(); string oldPwd = this.txtOldPwd.Text.Trim(); string NewPwd = this.txtNewPwd.Text.Trim(); string Old_password = transfer.EncryptPassword(oldPwd, "MD5").ToString(); string New_password = transfer.EncryptPassword(NewPwd, "MD5").ToString(); SqlConnection conn = new SqlConnection(ConfigurationManager.AppSettings["VoteConnectionString"]); SqlCommand selectcmd = new SqlCommand("select * from Users where userId='" + Session["userID"].ToString() + "'and userPwd='" + Old_password + "'", conn); try { conn.Open(); SqlDataReader sdr = selectcmd.ExecuteReader(); if (sdr.Read()) { sdr.Close(); SqlCommand updatecmd = new SqlCommand("update Users set userPwd='" + New_password + "' where userId='" + Session["userID"].ToString() + "'", conn); int i = updatecmd.ExecuteNonQuery(); if (i > 0) { Response.Write("<script language=javascript>alert('成功修改密码!')</script>"); } else { Response.Write("<script language=javascript>alert('修改密码失败!')</script>"); } } else { Response.Write("<script language=javascript>alert('您输入的密码错误,检查后重新输入')</script>"); } } catch (System.Exception ee) { Response.Write("<script language=javascript>alert('" + ee.Message.ToString() + "')</script>"); } finally { conn.Close(); } }
protected void btnLogin_Click(object sender, EventArgs e) { transfer = new amendPassword(); string NewPwd = this.PassWord.Text.Trim(); string sqlQuery = "select userId,userPwd from Users where userId='" + UserName.Text.Trim() + "'"; DataBase DB = new DataBase(); DataTable dt = DB.DataSelect(sqlQuery); try { int Row = dt.Rows.Count; if (Row == 0) { Response.Write(amendPassword.Show_MessageBox("没有此用户!")); this.UserName.Text = ""; this.UserName.Focus(); return; } else { string sel_userid = dt.Rows[0]["UserID"].ToString(); string sel_Pwd = dt.Rows[0]["userPwd"].ToString().Trim(); string confirm_pwd = transfer.EncryptPassword(NewPwd, "MD5").Trim(); if (sel_Pwd != confirm_pwd) { Response.Write(amendPassword.Show_MessageBox("用户密码错误!")); this.PassWord.Text.Trim(); this.PassWord.Focus(); return; } else { Session["userID"] = UserName.Text.Trim(); Response.Redirect("Main.aspx"); } } } catch (System.Exception ee) { Response.Write("script language=javascript>alert('" + ee.Message.ToString() + "')</script>"); } }
protected void btnSubmit_Click(object sender, EventArgs e) { amendPassword transfer = new amendPassword(); string NewPwd = this.txtPwd.Text.Trim(); string pwd = transfer.EncryptPassword(NewPwd, "MD5").Trim(); //string pwd = System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(NewPwd, "MD5"); int i = userNameValidate(); if (i == 0) { SqlConnection conn = new SqlConnection(ConfigurationManager.AppSettings["VoteConnectionString"]); SqlCommand cmd = new SqlCommand("insert into Users Values(@userId,@userPwd,@userName,@userSex,@userBirth,@userPhone,@userMobilePhone,@userCode,@userAddress,@userEmail,@userQQ)", conn); cmd.Parameters.Add("@userPwd", SqlDbType.VarChar, 50); cmd.Parameters.Add("@userId", SqlDbType.VarChar, 15); cmd.Parameters.Add("@userName", SqlDbType.VarChar, 20); cmd.Parameters.Add("@userSex", SqlDbType.VarChar, 2); cmd.Parameters.Add("@userBirth", SqlDbType.VarChar, 8); cmd.Parameters.Add("@userPhone", SqlDbType.VarChar, 15); cmd.Parameters.Add("@userMobilePhone", SqlDbType.VarChar, 15); cmd.Parameters.Add("@userCode", SqlDbType.VarChar, 6); cmd.Parameters.Add("@userAddress", SqlDbType.VarChar, 200); cmd.Parameters.Add("@userEmail", SqlDbType.VarChar, 100); cmd.Parameters.Add("@userQQ", SqlDbType.VarChar, 20); cmd.Parameters["@userid"].Value = txtName.Text; cmd.Parameters["@userPwd"].Value = pwd; cmd.Parameters["@userName"].Value = txtUname.Text; cmd.Parameters["@userSex"].Value = rltSex.SelectedItem.Text; cmd.Parameters["@userBirth"].Value = Convert.ToDateTime(ddlYear.SelectedValue + "-" + ddlmonth.SelectedValue + "-" + ddlDay.SelectedValue); cmd.Parameters["@userPhone"].Value = txtUtel2.Text; cmd.Parameters["@userMobilePhone"].Value = txtUtel3.Text; cmd.Parameters["@userCode"].Value = txtUzip.Text; cmd.Parameters["@userAddress"].Value = txtUaddr.Text; cmd.Parameters["@userEmail"].Value = txtUemail.Text; cmd.Parameters["@userQQ"].Value = txtUQQ.Text; try { conn.Open(); string msg = op.sortadd(txtName.Text); int flag = cmd.ExecuteNonQuery(); if (flag > 0 && msg == "") { lblshow.Style["color"] = "red"; //Response.Redirect("Login.aspx"); //Response.Write("注册成功,请等待2秒......"); lblshow.Text = "注册成功,请等待2秒......<script language=javascript>" + "window.setTimeout(\"location.href='Login.aspx'\",2000);" + "</script>"; //Response.Write("<script language=javascript>window.setTimeout(\"location.href='Login.aspx'\",2000);</script>"); } else { Response.Write("<script language=javascript>alert('注册失败!')</script>"); } } catch (System.Exception ee) { Response.Write("<script language=javascript>alert('" + ee.Message.ToString() + "')</script>"); } finally { conn.Close(); } } }
protected void btnLogin_Click(object sender, EventArgs e) { transfer = new amendPassword(); string NewPwd = this.txtUserPwd.Text.Trim(); //string Oldpwd = transfer.EncryptPassword(NewPwd, "MD5").Trim(); string sqlQuery = "select userId,userPwd from Users where userId='" + txtUserName.Text.Trim() + "'"; //string pwdQuery = "select userPwd from Users where userId='" + txtUserName.Text + "'"; //SqlConnection conn = new SqlConnection(ConfigurationManager.AppSettings["VoteConnectionString"]); //SqlCommand cmd = new SqlCommand(sqlQuery, conn); DataBase DB = new DataBase(); DataTable dt = DB.DataSelect(sqlQuery); try { //conn.Open(); //SqlDataReader sdr = cmd.ExecuteReader(); int Row = dt.Rows.Count; if (Row == 0) { //string pwd1 = sdr["userPwd"].ToString(); //string tt = transfer.EncryptPassword(pwd1, "MD5"); //if (tt == Oldpwd) // if (sdr["userPwd"].ToString() == Oldpwd) //{ // conn.Close(); // Session["userID"] = txtUserName.Text.Trim(); // Response.Redirect("TreeAddress/Tree.aspx"); ////} //else //{ // //Response.Write("<script language=javascript>alert('密码错误!')</script>"); //} Response.Write(amendPassword.Show_MessageBox("没有此用户!")); this.txtUserName.Text = ""; this.txtUserName.Focus(); return; } else { //Response.Write("<script language=javascript>alert('用户名错误或不存在')</script>"); string sel_userid = dt.Rows[0]["UserID"].ToString(); string sel_Pwd = dt.Rows[0]["userPwd"].ToString().Trim(); string confirm_pwd = transfer.EncryptPassword(NewPwd, "MD5").Trim(); if (sel_Pwd != confirm_pwd) { Response.Write(amendPassword.Show_MessageBox("用户密码错误!")); this.txtUserPwd.Text.Trim(); this.txtUserPwd.Focus(); return; } else { Session["userID"] = txtUserName.Text.Trim(); Response.Redirect("TreeAddress/Tree.aspx"); } } } catch (System.Exception ee) { Response.Write("script language=javascript>alert('" + ee.Message.ToString() + "')</script>"); } }