
在ASP.NET中创建安全的web站点[4]


发布日期:2019年10月31日
 
在ASP.NET中创建安全的web站点[4]
界面做好之后,就开始编写提交按钮事件。首先需要注册该事件,代码如下:

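/// <summary>
/// Subscribes <c>btnLogin_Click</c> to the login button's Click event.
/// </summary>
private void InitializeComponent()
{
    this.btnLogin.Click += new System.Web.UI.ImageClickEventHandler(this.btnLogin_Click);
}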

事件注册好之后,自然就是编写事件处理函数了:

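/// <summary>
/// Handles the login button click: passes the submitted credentials to
/// <c>CCommonDB.AuthenticateUser</c> and either redirects to the page it
/// returns or shows a failure message.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data supplied with the click; not used.</param>
private void btnLogin_Click(object sender, System.Web.UI.ImageClickEventArgs e)
{
    CCommonDB sql = new CCommonDB();

    // AuthenticateUser returns string.Empty for a rejected login and otherwise
    // one of its own fixed site-relative paths, so the redirect target is
    // never taken from the request.
    string redirect = sql.AuthenticateUser(this.Session, this.Response,
        username.Text, password.Text, saveLogin.Checked);

    // Treat null like string.Empty so a missing result can never reach Redirect.
    if (redirect != null && redirect.Length != 0)
    {
        // Redirect the user
        Response.Redirect(redirect);
    }
    else
    {
        // One generic message for every failure, so the page does not reveal
        // whether the login name or the password was wrong.
        Message.Text = "Login Failed!";
    }
}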

读者看完上面的代码之后,一定想问 CCommonDB 是哪里来的东东。这是我编写的一个类,用来处理用户登录信息:如果成功,则把相关信息写入 session、Cookie 和 SQL 数据库,同时跳到 default.aspx 页面。具体如下:

CCommonDB.cs

namespace secureComponents

{

public class CCommonDB : CSql

{

/// <summary>
/// Creates the helper; all set-up is done by the parameterless base-class constructor.
/// </summary>
public CCommonDB()
{
}

/// <summary>
/// Checks the supplied credentials through Login and, when a login id comes back,
/// issues the forms-authentication cookie, stores the login id and login type in
/// session state, adds two cookies to the response and returns a landing page.
/// </summary>
/// <returns>
/// A site-relative landing page, or string.Empty when the login is rejected or
/// the default branch is taken.
/// </returns>
// NOTE(review): this listing has lost characters in publication (member-access
// dots, commas, quotation marks and numeric literals), so it does not compile as
// shown. The code below is left exactly as printed; the notes mark the gaps.
public string AuthenticateUser(

SystemWebSessionStateHttpSessionState objSession // Session Variable

SystemWebHttpResponse objResponse // Response Variable

string email // Login

string password // Password

bool bPersist // Persist login

)

{

// NOTE(review): the initial values are missing from the listing; they must be the
// same "no match" value that Login assigns on failure and that is tested below.
int nLoginID = ;

int nLoginType = ;

// Log the user in

Login(email password ref nLoginID ref nLoginType);

if(nLoginID != ) // Success

{

// Issue the forms-authentication cookie, keyed by the numeric login id;
// bPersist is passed as the persistent-cookie flag.
// NOTE(review): the session that existed before login is reused; nothing here
// issues a new session id, so confirm session fixation is handled elsewhere.

SystemWebSecurityFormsAuthenticationSetAuthCookie(nLoginIDToString()

bPersist);

// Set the session variables

objSession[loginID] = nLoginIDToString();

objSession[loginType] = nLoginTypeToString();

// Set cookie information in case they made it persistent
// NOTE(review): objSession[wrapper] is not assigned anywhere in this method. If
// it is null, the ToString() call throws after the authentication cookie has
// already been issued — confirm where it is set.
// NOTE(review): the day counts passed to AddDays are missing from the listing.
// NOTE(review): neither cookie has HttpOnly or Secure set here, and both are
// written even when bPersist is false. A cookie is client-controlled: decide
// authorisation from server-side state (the session or the authentication
// ticket), never from the loginType cookie.

SystemWebHttpCookie wrapperCookie = new SystemWebHttpCookie(wrapper);

wrapperCookieValue = objSession[wrapper]ToString();

wrapperCookieExpires = DateTimeNowAddDays();

SystemWebHttpCookie lgnTypeCookie = new SystemWebHttpCookie(loginType);

lgnTypeCookieValue = objSession[loginType]ToString();

lgnTypeCookieExpires = DateTimeNowAddDays();

// Add the cookie to the response

objResponseCookiesAdd(wrapperCookie);

objResponseCookiesAdd(lgnTypeCookie);

// NOTE(review): a switch header and its first case label appear to be missing
// from the listing at this point (presumably a switch on nLoginType — confirm);
// the remaining case labels have lost their numeric values.
// Every return value is a fixed, site-relative path.

return /candidate/defaultaspx;

}

case : // Admin Login

{

return /admin/defaultaspx;

}

case : // Reporting Login

{

return /reports/defaultaspx;

}

default:

{

// Unrecognised value: report failure to the caller. The authentication cookie
// and session values above have already been written by this point.
return stringEmpty;

}

}

}

else

{

// Login did not return a login id: nothing is written to the session or response.
return stringEmpty;

}

}

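/// <summary>
/// Verifies the login and password that were given by running the
/// <c>glbl_Login</c> stored procedure with both values bound as parameters.
/// </summary>
/// <param name="email">the login</param>
/// <param name="password">the password</param>
/// <param name="nLoginID">returns the login id, or the "no match" value when no row comes back</param>
/// <param name="nLoginType">returns the login type, or the "no match" value when no row comes back</param>
public void Login(string email, string password, ref int nLoginID,
    ref int nLoginType)
{
    // NOTE(review): the numeric literals were dropped from the published listing.
    // 0 is assumed as the "no match" value — confirm it is the value that
    // AuthenticateUser tests for.
    const int NoMatch = 0;

    // Fail closed: the outputs hold the "no match" value unless a row is read
    // successfully below, whatever the caller passed in.
    nLoginID = NoMatch;
    nLoginType = NoMatch;

    ResetSql();

    // Set our parameters. User input reaches SQL Server only as parameter
    // values, never as part of the command text.
    // NOTE(review): the VarChar lengths were also lost from the listing; declare
    // them again to match the parameter definitions of glbl_Login.
    SqlParameter paramLogin = new SqlParameter("@username", SqlDbType.VarChar);
    paramLogin.Value = email;

    // NOTE(review): the password is passed through unchanged and glbl_Login is
    // not shown here. Confirm that the procedure compares against a salted
    // password hash rather than a password stored in clear text.
    SqlParameter paramPassword = new SqlParameter("@password", SqlDbType.VarChar);
    paramPassword.Value = password;

    Command.CommandType = CommandType.StoredProcedure;
    Command.CommandText = "glbl_Login";
    Command.Parameters.Add(paramLogin);
    Command.Parameters.Add(paramPassword);

    Adapter.TableMappings.Add("Table", "Login");
    Adapter.SelectCommand = Command;

    DataSet ds = new DataSet();
    Adapter.Fill(ds);

    // A result table with no rows is a rejected login as well; indexing Rows[0]
    // without this check would throw instead of reporting failure.
    if (ds.Tables.Count == 0 || ds.Tables[0].Rows.Count == 0)
    {
        return;
    }

    DataRow row = ds.Tables[0].Rows[0];

    // Get the login id and the login type. Both are converted before either
    // output is assigned, so a conversion error cannot leave a half-set result.
    int loginId = Convert.ToInt32(row["Login_ID"].ToString());
    int loginType = Convert.ToInt32(row["Login_Type"].ToString());

    nLoginID = loginId;
    nLoginType = loginType;
}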

}

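/// <summary>
/// Base class that owns one SQL Server connection together with the command,
/// data adapter and data set that derived classes use to run a query.
/// </summary>
public abstract class CSql
{
    private SqlConnection sqlConnection;    // Connection, built from the configured connection string
    private SqlCommand sqlCommand;          // Command
    private SqlDataAdapter sqlDataAdapter;  // Data Adapter
    private DataSet sqlDataSet;             // Data Set

    /// <summary>
    /// Creates the connection from the "ConnectionString" application setting and
    /// attaches a fresh command to it. The connection is not opened here.
    /// </summary>
    public CSql()
    {
        // NOTE(review): the connection string comes from appSettings. If it carries
        // a SQL login and password, keep the configuration file out of source
        // control and consider an encrypted configuration section or integrated
        // authentication.
        sqlConnection = new SqlConnection(
            ConfigurationSettings.AppSettings["ConnectionString"]);

        sqlCommand = new SqlCommand();
        sqlDataAdapter = new SqlDataAdapter();
        sqlDataSet = new DataSet();

        sqlCommand.Connection = sqlConnection;
    }

    /// <summary>
    /// Access to our sql command
    /// </summary>
    protected SqlCommand Command
    {
        get { return sqlCommand; }
    }

    /// <summary>
    /// Access to our data adapter
    /// </summary>
    protected SqlDataAdapter Adapter
    {
        get { return sqlDataAdapter; }
    }

    /// <summary>
    /// Makes sure that everything is clear and ready for a new query, so that
    /// parameters and mappings from an earlier call cannot leak into the next one.
    /// </summary>
    protected void ResetSql()
    {
        if (sqlCommand != null)
        {
            // Release the previous command before replacing it.
            sqlCommand.Dispose();
            sqlCommand = new SqlCommand();
            sqlCommand.Connection = sqlConnection;
        }

        if (sqlDataAdapter != null)
        {
            sqlDataAdapter.Dispose();
            sqlDataAdapter = new SqlDataAdapter();
        }

        if (sqlDataSet != null)
        {
            // Not disposed: RunQuery hands this instance to its caller, who may
            // still be reading it.
            sqlDataSet = new DataSet();
        }
    }

    /// <summary>
    /// Runs our command and returns the dataset
    /// </summary>
    /// <returns>the data set</returns>
    protected DataSet RunQuery()
    {
        sqlDataAdapter.SelectCommand = Command;

        // Keep the connection open only for the fill, and close it even when the
        // fill throws. (Opening and closing it before the fill, as the listing
        // did, only cost an extra connection round trip.)
        sqlConnection.Open();
        try
        {
            sqlDataAdapter.Fill(sqlDataSet);
        }
        finally
        {
            sqlConnection.Close();
        }

        return sqlDataSet;
    }
}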

}
