【发布时间】:2022-01-13 07:36:25
【问题描述】:
如何在 ASP MVC 的主页中显示用户 ID。我不知道是什么问题。请问userId是什么原因
这是仪表板的一部分
protected void Page_Load(object sender, EventArgs e)
{
string sUserInfo = System.Environment.UserName;
string constr = "Data Source=MyDatabase;Database=test;User Id=username;Password=add3" ;
SqlConnection con = new SqlConnection(constr);
con.Open();
SqlCommand cmd = new SqlCommand("Select SystemName from tbl_SYS_Users where UserId='" + sUserInfo + "'");
cmd.CommandType = System.Data.CommandType.Text;
cmd.Connection = con;
SqlDataReader sdr = cmd.ExecuteReader();
string tempa = "";
while (sdr.Read())
{
tempa += sdr["SystemName"].ToString();
}
lblUserID.Text = Utilities.GetUserInfo(tempa);
}
这是用于 AppData 文件夹中的实用程序
public static string GetUserInfo(string sSystem)
{
sSystem = sSystem.ToUpper();
string sUserInfo = System.Environment.UserName;
if (SetConfigs()) //Check config file first
{
//Get userinfo from db server
if (sSystem != "HOME")
{
string sQry = "Select * from tbl_SYS_Users where SystemName = '" + sSystem + "' AND UserId='" + sUserInfo + "'";
using (DataTable dsTable = SQL_Query(Globals.sSQLCS_FNS, sQry, true, false))
{
if (dsTable == null)
{
sUserInfo += " - Unknown User!a";
Globals.UserID = null;
Globals.UserAccess = "";
Globals.UserName = null;
}
else
{
if (dsTable.Rows.Count == 0) //ID not found!
{
sUserInfo += " - Unknown User!";
Globals.UserID = null;
Globals.UserAccess = "";
Globals.UserName = null;
}
else
{
sUserInfo += " - " + dsTable.Rows[0]["Username"];
Globals.UserID = dsTable.Rows[0]["UserId"].ToString().Trim();
Globals.UserName = dsTable.Rows[0]["Username"].ToString().Trim();
}
}
}
}
}
else if (sSystem != "HOME")
sUserInfo += " - Unknown User!s";
return sUserInfo; // return to lblUserID.Text in the homepage
}
这张图片是主页
这是数据库
我想在我的主页中显示用户名
【问题讨论】:
-
当你设置断点时,sSystem 的值是多少?
-
帮自己一个忙,并为您的查询使用参数。您不想成为 SQL 注入攻击的受害者。
标签: c# sql-server asp.net-mvc