web config n web config configuration system web
設定好 web. config 檔案 n web. config 檔案的內容: <configuration> <system. web> <authentication mode="Forms"> <forms name="kjaspx_ch 15" login. Url="Login. aspx" /> </authentication> <authorization> <deny users="? " /> </authorization> </system. web> </configuration
Form-based 驗證之初體驗 Step 2 -2
Form-based 驗證之初體驗 Step 4 -2
Form-based 驗證之初體驗 Step 6 -1 n 再度開啟瀏覽器,輸入以下網址來瀏覽 Hello. aspx: http: //localhost/kjaspx/ch 15/Hello. aspx n 而在瀏覽 Hello. aspx 之前,請先猜看看是 否會先進入Login. aspx?
瞭解 Login. aspx 的 作原理 (1) Login. aspx Part I <%@ Import Namespace="System. Web. Security " %> <%@ Import Namespace="System. Data. Ole. Db" %> <Html> <Body> <Form runat="server"> <H 3>請先登入您的帳號及密碼: <HR></H 3> <Blockquote>
瞭解 Login. aspx 的 作原理 (2) Login. aspx Part II 帳號: <asp: Text. Box runat="server" id="Account" /><p> 密碼: <asp: Text. Box runat="server" id="Password" Text. Mode="Password" /><p> 記得我: <asp: Check. Box runat="server" id="Remember. Me" /><p> <asp: Button runat="server" text="登入" On. Click="Login_Click" /><p> <asp: Label runat="server" id="Msg" Fore. Color="Red" /> </Blockquote><HR> <Font Size=-1 Color=Blue>登入網頁前, 請確定瀏覽器的 Cookie 是開啟的. </Font> </Form> </Body> </Html>
瞭解 Login. aspx 的 作原理 (3) Login. aspx Part III <script language="VB" runat="server"> Sub Login_Click( sender As Object, e As Event. Args ) If Verify( Account. Text, Password. Text ) Then Forms. Authentication. Redirect. From. Login. Page(Account. Text, Remember. Me. Checked) Else Msg. Text = "帳號或密碼錯誤, 請重新輸入!" End If End Sub
瞭解 Login. aspx 的 作原理 (4) Login. aspx Part VI Function Verify( 帳號 As String, 密碼 As String) As Boolean Dim Conn As Ole. Db. Connection, Cmd As Ole. Db. Command Dim Rd As Ole. Db. Data. Reader, SQL As String Dim Provider = "Provider=Microsoft. Jet. OLEDB. 4. 0" Dim Database = "Data Source=" & Server. Map. Path( "Users. mdb" ) Conn = New Ole. Db. Connection( Provider & "; " & Data. Base ) Conn. Open()
瞭解 Login. aspx 的 作原理 (5) Login. aspx Part V SQL = "Select * From Users Where " & _ "User. ID='" & 帳號 & "'" & _ " And Password='" & 密碼 & "'" Cmd = New Ole. Db. Command( SQL, Conn ) Rd = Cmd. Execute. Reader() If Rd. Read() Then ' 表示有找到 User. ID 及 Password, 通過驗證 Conn. Close() Return True Else Conn. Close() Msg. Text = "帳號或密碼錯誤, 請重新輸入!" Return False End If End Function </script>
瞭解 Login. aspx 的 作原理 (7) Login_Click 事件程序: Part I n If 「登入」鈕所對應的事件程序 Login_Click Verify( Account. Text, Password. Text ) Then Forms. Authentication. Redirect. From. Login. Page(Account. Text, Remember. Me. Checked) Else Msg. Text = "帳號或密碼錯誤, 請重新輸入!" End If
瞭解 Login. aspx 的 作原理(8) Login_Click 事件程序: Part II n 如果已經通過檢驗,則接著呼叫 Forms. Authentication. Redirect. From. Login. Page 方法,如下: Forms. Authentication. Redirect. From. Login. Page(Account. Text, Remember. Me. Checked)
瞭解 Login. aspx 的 作原理(10) Hello. aspx Part II <Form runat=server> <asp: Button runat="server" text="登出" On. Click="Logout_Click" /> </Form> </Body> </Html> <script language="VB" runat=server> Sub Logout_Click(sender As Object, e As Event. Args) Forms. Authentication. Sign. Out() Response. Redirect("Hello. aspx") End Sub </script>
瞭解 Login. aspx 的 作原理(11) mdb 資料庫的保全 n 為 mdb 資料庫進行「加密」 作,而其 中建立 Connection 物件的程式應改成: Dim Provider = "Provider=Microsoft. Jet. OLEDB. 4. 0" Dim Database = "Data Source=" & Server. Map. Path( "Users. Pwd. mdb" ) Dim Db. Pass = "Jet OLEDB: Database Password=kj 6688" Conn = New Ole. Db. Connection( Provider & "; " & Data. Base & "; " & Db. Pass ) Conn. Open()
即時加入會員 (2) n 操作說明(1): http: //localhost/kjaspx/ch 15 Member/Member. aspx
即時加入會員 (4) n #52 #53 #54 #55 #56 #57 #58 vb. Cr. Lf #59 #60 #61 #62 #63 #64 Forget. aspx #52~ 63 mail. Subject = "您的會員資料" mail. To = Rd. Item("Email") mail. From = "service@xxx. com. tw" ' 改成系統維護者的 e-mail. Body. Format = Mail. Format. Text Body = "使用者名稱:" & Rd. Item("User. ID") & vb. Cr. Lf Body = Body & " 密碼:" & Rd. Item("Password") & vb. Cr. Lf Body = Body & " 姓名:" & Rd. Item("Name") & vb. Cr. Lf & Body = Body & "ASP. NET 網頁製作教本 敬上" mail. Body = Body On Error Resume Next Smtp. Mail. Smtp. Server = "msa. hinet. net" Smtp. Mail. Send(mail)
fee 00. aspx 網頁之架構 Part I <%@ Import Namespace="System. Web. Security " %> <script language="VB" runat=server> Sub Page_Load(sender As Object, e As Event. Args) Dim Page As String = Request. Server. Variables("PATH_INFO") Dim User. ID As String = User. Identity. Name Msg. Text = "帳號: " & User. ID & " " Msg. Text &= "網頁: " & Page ' 接著根據 Page 之計費點數,扣除 User. ID 帳號的點數 End Sub </script>
htm 網頁的計費(11) n 從資料庫中讀出此一帳號的剩餘點數及 此一網頁之點數,如下: #26 #27 #28 #29 #30 #31 #32 #33 #34 #35 #36 #37 #38 ' 讀出此一網頁之點數, 及此一帳號之剩餘點數 SQL = "Select * From Pages Where " & _ "網頁='" & Request("Page") & "'" Cmd = New Ole. Db. Command( SQL, Conn ) Rd = Cmd. Execute. Reader() If Rd. Read() Then 點數 = Rd. Item("點數") Rd. Close() SQL = "Select * From Users Where " & _ "User. ID='" & User. Identity. Name & "'" Cmd = New Ole. Db. Command( SQL, Conn ) Rd = Cmd. Execute. Reader() If Rd. Read() Then 剩餘點數 = Rd. Item("點數") Rd. Close()
htm 網頁的計費(13) n 在扣點方面,所撰寫的程式如下: #41 #42 #43 #44 #45 #46 #47 #48 #49 #50 #51 #52 ' 將「User. ID、網頁、點數」記錄於 Charges 資料表 SQL = "Insert Into Charges (User. ID, 網頁, 點數) " & _ "Values ( '" & User. Identity. Name & "', '" & _ Request("Page") & "', " & 點數 & ")" Cmd = New Ole. Db. Command( SQL, Conn ) Cmd. Execute. Non. Query() ' 扣除 Users 資料表的點數 SQL = "Update Users Set 點數=點數-" & 點數 & _ " Where User. ID='" & User. Identity. Name & "'" Cmd = New Ole. Db. Command( SQL, Conn ) Cmd. Execute. Non. Query()
- Slides: 57