日期:2014-05-17  浏览次数:20560 次

Response.Write("<script>alert('')</script>"); 不起作用
SqlConnection conn = new SqlConnection(ConfigurationManager.AppSettings["ConnectionString"]);
SqlCommand cmd = new SqlCommand("select * from userlogin where useremail='" + this.Login1.UserName + "' and pwd = '" + System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(this.Login1.Password.Trim(), "MD5") + "';", conn);

            try
            {
                conn.Open();
                SqlDataReader dr = cmd.ExecuteReader();
                if (dr.Read())
                {
                    //Session["userAuth"] = modeluser.Purview;
                    Session.Add("userName", null);
                    Session["userName"] = dr["username"];
                    Session["userID"] = dr["useremail"];
                    //将已验证身份的用户重定向回最初请求的 URL。
                    FormsAuthentication.RedirectFromLoginPage(this.Login1.UserName.Trim(), false);
                    if (Convert.ToInt32(dr["validate"]) == 1)
                    {
                         Response.Redirect(@"~/temp/MakeCourse.aspx", false);
                    }
                    else 
                    {
                        Response.Write("<script>alert('对不起,只有经过管理员审批才能制作!')</script>");
                        
                    }
                }
                else