关于3层应用程序和存储过程

关于3层应用程序和存储过程

本文介绍了关于3层应用程序和存储过程的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

Hello Code项目,

我在应用程序中使用了3层体系结构,并且尝试使用存储过程登录,尽管我输入的数据不在数据库中,但我可以登录.如果我不使用3层体系结构,则我能够做我想做的事.
请帮助我改善以下代码,

//数据逻辑

Hello Code Project,

I have used 3-tier architecture in my application and I''m trying to do Login using stores procedure, Though I am entering data that is not in database, I could Login.. If I am not using 3 tier architecture, I am able to do what I want.
please help me to improve the following code,

//Data Logic

static string ConStr = @"Data Source=ROHIT-PC\SQLEXPRESS;Initial Catalog=MPAdvisor;Integrated Security=True";
     SqlConnection con = new SqlConnection(ConStr);

     public void LogIn(string username, string password)
     {
         con.Open();

         SqlCommand cmd = new SqlCommand("LogInProcedure", con);
         cmd.CommandType = CommandType.StoredProcedure;

         cmd.Parameters.AddWithValue("@username", username);
         cmd.Parameters.AddWithValue("@password", password);

         SqlDataReader reader = cmd.ExecuteReader();
     }



//业务逻辑



//Business Logic

DataLogic.DataClass dc = new DataLogic.DataClass();

       string username, password;

       public string GetUserName
       {
           get
           {
               return username;
           }
           set
           {
               username = value;
           }
       }

       public string GetPassword
       {
           get
           {
               return password;
           }
           set
           {
               password = value;
           }
       }

       public void doLogIn()
       {
           dc.LogIn(username, password);
       }



//表示逻辑



// Presentation Logic

BusinessLogic.BusinessClass bc = new BusinessLogic.BusinessClass();

           bc.GetUserName = usernametxt.Text;
           bc.GetPassword = passwordtxt.Text;
           bc.doLogIn();

           Session["uname"] = usernametxt.Text;
           Response.Redirect("Home.aspx");



//存储过程



// Stored Procedure

ALTER PROCEDURE dbo.LogInProcedure
    @username nvarchar (50),
    @password nvarchar (50)
AS
    SET NOCOUNT ON;
SELECT  * FROM users
WHERE   user_username=@username AND user_password=@password

推荐答案

public void LogIn(string username, string password)


2.此代码应从阅读器读取一个值.但是您的代码在此行代码之后结束.


2. This code should read a value from the reader. But your code ends after this line of code.

SqlDataReader reader = cmd.ExecuteReader();
        }


3.同样,此方法返回"void".重复同样的错误


3. Also this method returns ''void'' . Same mistake repeated

public void doLogIn()


4.即使用户能够登录或不登录,也将为他创建会话并将其重定向到Home.aspx,而与身份验证结果无关...那么,为什么需要用户名/密码本身呢?


4. Even if the user is able to login or not, the session is created for him and redirected to Home.aspx ,irrespective of the authentication result... Then why need the username/password itself ?

 bc.doLogIn();
Session["uname"] = usernametxt.Text;
Response.Redirect("Home.aspx");


5.密码不散列.即使是学生级别的项目也没有明文密码...


5. Passwords are not hashed. Even a student level project does not have plaintext passwords...



这篇关于关于3层应用程序和存储过程的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

08-19 00:43