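/// <summary>
/// Code-behind for the login page. Checks the submitted user id and password
/// against the [User] table, stores the user id in session state on success,
/// and counts failed attempts per submitted user id in application state.
/// </summary>
public partial class Login : System.Web.UI.Page
{
    // Number of failed attempts for one user id at which the page starts
    // redirecting to UnLock.aspx.
    private const int MaxFailedAttempts = 10;

    private string connStr = WebConfigurationManager.ConnectionStrings["db"].ConnectionString;

    protected void Page_Load(object sender, EventArgs e)
    {
    }

    /// <summary>
    /// Handles the login button: validates the credentials and redirects to
    /// Default.aspx on success, or to UnLock.aspx once the failure counter for
    /// the submitted user id reaches <see cref="MaxFailedAttempts"/>.
    /// </summary>
    /// <param name="sender">The control that raised the event.</param>
    /// <param name="e">Event data (unused).</param>
    protected void btnLogin_Click(object sender, EventArgs e)
    {
        string userid = txtUserId.Text;
        string password = txtPassword.Text;

        // The redirect target is decided inside the try block but the redirect
        // itself is issued after it, so the ThreadAbortException raised by
        // Response.Redirect never passes through the catch-all handler.
        string redirectTarget = null;
        try
        {
            if (CredentialsMatch(userid, password))
            {
                // NOTE(review): the session id is not renewed when the user
                // authenticates, so an id planted before login stays valid
                // afterwards (session fixation). Issue a fresh id at this point.
                Session["AccountID"] = userid;
                redirectTarget = "Default.aspx";
            }
            else if (RecordFailedAttempt(userid) >= MaxFailedAttempts)
            {
                // NOTE(review): the threshold is only evaluated on a failed
                // attempt, so a correct password is still accepted after the
                // limit is reached and the counter does not bound guessing.
                // Check the counter before evaluating credentials once the
                // reset path in UnLock.aspx is confirmed.
                redirectTarget = "UnLock.aspx";
            }
        }
        catch (Exception ex)
        {
            // Still best-effort (the page simply re-renders), but the failure is
            // recorded instead of being discarded, so a database outage or a
            // broken query is visible to operators.
            System.Diagnostics.Trace.TraceError("Login: credential check failed: {0}", ex);
        }

        if (redirectTarget != null)
        {
            Response.Redirect(redirectTarget);
        }
    }

    /// <summary>
    /// Returns true when a row in [User] matches the given user id and password.
    /// </summary>
    /// <param name="userid">User id as typed by the visitor.</param>
    /// <param name="password">Password as typed by the visitor.</param>
    /// <returns>True if at least one matching row exists.</returns>
    private bool CredentialsMatch(string userid, string password)
    {
        // NOTE(review): the submitted password is compared directly with the
        // [UserPassword] column, which implies the column holds passwords in a
        // directly comparable form. Store a salted, slow hash (e.g. PBKDF2) and
        // verify it in code instead.
        //
        // [User] is bracketed because USER is a reserved word in T-SQL, and only
        // the key column is selected so the stored password is never read back
        // into application memory.
        const string query =
            "SELECT TOP (1) [UserID] FROM [User] WHERE [UserID]=@UserID AND [UserPassword]=@UserPassword";

        DataTable dt = new DataTable();
        using (SqlConnection conn = new SqlConnection(connStr))
        using (SqlDataAdapter da = new SqlDataAdapter(query, conn))
        {
            // Values travel as parameters, never as part of the SQL text.
            da.SelectCommand.Parameters.AddWithValue("@UserID", userid);
            da.SelectCommand.Parameters.AddWithValue("@UserPassword", password);
            da.Fill(dt);
        }

        return dt.Rows.Count > 0;
    }

    /// <summary>
    /// Increments the failed-attempt counter kept in application state for the
    /// given user id and returns the new value.
    /// </summary>
    /// <param name="userid">User id as typed by the visitor; used as the state key.</param>
    /// <returns>The number of failed attempts recorded for this user id.</returns>
    private int RecordFailedAttempt(string userid)
    {
        // NOTE(review): the key is raw user input in application-wide state. It
        // can collide with other Application entries, grows with every distinct
        // id submitted, and is lost when the application restarts. A per-account
        // counter in the database would avoid all three.
        //
        // Lock/UnLock makes the read-modify-write atomic across concurrent
        // requests, so parallel failures cannot overwrite each other's count.
        Application.Lock();
        try
        {
            int failures = Application[userid] == null
                ? 1
                : Convert.ToInt32(Application[userid]) + 1;
            Application[userid] = failures;
            return failures;
        }
        finally
        {
            Application.UnLock();
        }
    }
}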