private void LoginButton_Click(object sender,System.EventArgs e)

{

String sql=String.Format("select password from Administrator where AdminID='{0}',UseridBox.Text);

SqlConnection conn=new SqlConnection(ConfigurationSettings.AppSettings["connectionString"]);

SqlDataReader myreader=new SqlCommand(sql,conn).ExecuteReader();

if(myreader.Read())

{

String hashed=FormsAuthentication.HashPasswordForStoringInConfigFile(PasswordTextBox.Text,"SHA1");

//将用户输入的密码哈希后再与数据库是的哈希值进行比较

if(hash==myreader["password"]).ToString())

{

FormsAuthentication.RedirectFromLoginPage(UseridBox.Text,true);//转到请求页

}

else

Result.Text="密码错误";

}

else

Result.Text="用户不存在";

conn.Close();

}

【我要纠错】【进入论坛交流】【关闭此页】【进入博客】