2012-07-28 59 views
0

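About login session

I am doing my project about developing a website. I am new to ASP.net, and now I have a problem with the login session: when a user logs in, everyone surfing the site at the same time is also recorded as that user, whether they logged in or not. The session only ends when someone clicks the logout button, and then everybody is logged out. Please help me. Every help will be appreciated. Here is my code; I have these things in my master page code: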

    protected void Page_Load(object sender, EventArgs e)
    {
        string equip = "Equipment.aspx";
        string url = HttpContext.Current.Request.Url.AbsoluteUri;
        if (url.IndexOf(equip) != -1) { Calendar2.Visible = false; Image1.Visible = false; }
        equip = "Bookings.aspx";
        if (url.IndexOf(equip) != -1) { Calendar2.Visible = false; Image1.Visible = false; }
        equip = "Rooms.aspx";
        if (url.IndexOf(equip) != -1) { Calendar2.Visible = false; Image1.Visible = false; }
        equip = "Users.aspx";
        if (url.IndexOf(equip) != -1) { Calendar2.Visible = false; Image1.Visible = false; }

        if (!Page.IsPostBack)
        {
            if (user != "" && user != null)
            {
                loginStatus = true;
                redirectpage = false;
            }
            else
            {
                redirectpage = false;
                loginStatus = false;
                user = "";
                authority = 0;
            }
        }
        else
        {
            if (user == "" || user == null)
            {
                if (cal != null)
                {
                }
                loginStatus = false;
                authority = 0;
            }
            else
            {
                if (cal != null)
                {
                }
                loginStatus = true;
            }
        }
    }

    /// <summary>
    /// Responds to a login request, validating details against the database and
    /// loading the user into the session if successful.
    /// </summary>
    /// <param name="sender">The sending object.</param>
    /// <param name="e">The event arguments.</param>
    protected void Login_Authenticate(object sender, AuthenticateEventArgs e)
    {
        SqlConnection oConn = new SqlConnection();
        oConn.ConnectionString = @"Data Source=STAVROS\SQLEXPRESS;User ID=sa;Password=123abc;Initial Catalog=webdev";

        sSQL = "select * from tbl_user where username = '" + Login.UserName + "'AND password = '" + Login.Password + "' ";
        SqlCommand oComm1 = new SqlCommand(sSQL, oConn);

        try
        {
            oConn.Open();
            SqlDataReader i = oComm1.ExecuteReader();
            if (i.HasRows)
            {
                while (i.Read())
                {
                    user = i.GetString(0);
                    authority = i.GetInt16(7);

                    loginStatus = true;
                    string url = HttpContext.Current.Request.Url.Absolute…
                    string p = "Home.aspx";
                    if (url.IndexOf(p) != -1) { Response.Redirect("Home.aspx"); }
                    Helper.CreateUserSession(Session, user);
                }
            }
            else
            {
                loginStatus = false;
                Login.FailureText = "Invalid username or password.";
            }

            i.Close();
        }
        catch (Exception ex)
        {
            Response.Redirect("room-book.aspx");
        }
    }

    /// <summary>
    /// Logs the user out (kills the session)
    /// </summary>
    /// <param name="sender">The sender</param>
    /// <param name="e">The event arguments</param>
    protected void btnLogout_Click(object sender, EventArgs e)
    {
        loginStatus = false;
        user = "";
        authority = 0;
        Response.Redirect("Home.aspx");
    }
+0

Post your 'Helper.CreateUserSession' code; there will be something fishy in there. *Also, you need to check for SQL injection attacks* – nunespascal 2012-07-28 03:52:42

+0

The only thing that could cause this behaviour is that 'loginStatus' is a static field. This is not ASP.NET authentication. Read the link Jason provided. – nunespascal 2012-07-28 03:58:01

Answers

0

loginStatus is a field, I guess? If so, you have to store this flag on a per-session basis.
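
The per-session storage described in this answer, combined with the parameterized query that the comment on the question asks for, as an added example that is not the asker's code. The class name `SiteMaster`, the session keys and the `webdev` connection-string entry are assumptions; `Login`, `tbl_user` and the column positions come from the question.

```csharp
using System;
using System.Configuration;
using System.Data;
using System.Data.SqlClient;
using System.Web.UI;
using System.Web.UI.WebControls;

// Hypothetical master-page code-behind. "Login" is the Login control declared in
// the master page markup, as in the question; everything else named here is assumed.
public partial class SiteMaster : MasterPage
{
    // A static field is one variable for the whole application, shared by every
    // visitor. Session[...] is looked up through each browser's own session cookie.
    private bool IsLoggedIn { get { return !string.IsNullOrEmpty(Session["user"] as string); } }

    protected void Login_Authenticate(object sender, AuthenticateEventArgs e)
    {
        string cs = ConfigurationManager.ConnectionStrings["webdev"].ConnectionString;
        const string sql = "select * from tbl_user where username = @username and password = @password";
        using (SqlConnection conn = new SqlConnection(cs))
        using (SqlCommand cmd = new SqlCommand(sql, conn))
        {
            // Parameters are sent as data, so quotes in the input cannot alter the query.
            cmd.Parameters.Add("@username", SqlDbType.NVarChar).Value = Login.UserName;
            cmd.Parameters.Add("@password", SqlDbType.NVarChar).Value = Login.Password;
            conn.Open();
            using (SqlDataReader reader = cmd.ExecuteReader())
            {
                e.Authenticated = reader.Read();
                if (e.Authenticated)
                {
                    Session["user"] = reader.GetString(0);      // column 0, as in the question
                    Session["authority"] = reader.GetInt16(7);  // column 7, as in the question
                }
            }
        }
    }

    protected void btnLogout_Click(object sender, EventArgs e)
    {
        Session.Clear();    // removes only this visitor's values
        Session.Abandon();  // ends only this visitor's session
        Response.Redirect("Home.aspx");
    }
}
```

With the state held in `Session`, logging out affects only the browser that clicked the button, and `Page_Load` can test `IsLoggedIn` instead of a shared flag.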

1

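Obviously, you don't understand session handling in web applications.

Here is a comprehensive tutorial on forms-based authentication in C#/ASP.NET. You need to read up on the basic concepts before continuing.

Hope it helps.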

-2

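It would be better to use a Forms Authentication Ticket with Session in the application. With that configuration, the Web Config can be switched from Windows Authentication to Passport mode authentication. Additionally, use a javascript tag to expire the session inside the form load event on logout.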