Imports System.Data.SqlClient
Imports System.Web.Security
Partial Class Login_Login
Inherits System.Web.UI.Page
Protected Sub btnLogin_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles btnLogin.Click
If IsUser() Then
Response.Redirect("../userprofile.aspx")
Else
MessageBox("Invalid Username & Password", "LoginFail")
If member() Then
Response.Redirect("../userprofile.aspx")
Else
MessageBox("Invalid Username & Password", "LoginFail")
End If
End If
End Sub
'Admin
Protected Function IsUser() As Boolean
Dim HaveUser As Boolean = False
Dim user As Integer = 0
Dim connectionString As String = "Data Source=DELL_BLUE-PC;Initial Catalog=Research;Integrated Security=SSPI;"
Dim objConnection As New SqlConnection(connectionString)
Dim commandString As String = "Select Count(*) From [admid] Where [Username]=@Username And [Password]=@Password"
Dim objCommand As New SqlCommand(commandString, objConnection)
objCommand.Parameters.AddWithValue("@Username", txtUsername.Text)
objCommand.Parameters.AddWithValue("@Password", txtPassword.Text)
Try
objConnection.Open()
user = CInt(objCommand.ExecuteScalar())
objCommand.Clone()
If user > 0 Then
HaveUser = True
Session("userid") = txtUsername.Text
Session.Timeout = 20
End If
Catch ex As Exception
MessageBox(String.Format("Error: {0}", ex.Message), "ErrorMessage")
Exit Try
End Try
Return HaveUser
End Function
'member
Protected Function member() As Boolean
Dim HaveUser As Boolean = False
Dim user As Integer = 0
Dim connectionString As String = "Data Source=DELL_BLUE-PC;Initial Catalog=Research;Integrated Security=SSPI;"
Dim objConnection As New SqlConnection(connectionString)
Dim commandString As String = "Select Count(*) From [Mem_Normal] Where [Username]=@Username And [Password]=@Password"
Dim objCommand As New SqlCommand(commandString, objConnection)
objCommand.Parameters.AddWithValue("@Username", txtUsername.Text)
objCommand.Parameters.AddWithValue("@Password", txtPassword.Text)
Try
objConnection.Open()
user = CInt(objCommand.ExecuteScalar())
objCommand.Clone()
If user > 0 Then
HaveUser = True
Session("userid") = txtUsername.Text
Session.Timeout = 20
End If
Catch ex As Exception
MessageBox(String.Format("Error: {0}", ex.Message), "ErrorMessage")
Exit Try
End Try
Return HaveUser
End Function
Protected Sub MessageBox(ByVal Message As String, ByVal MessageName As String)
Dim ClientScript As ClientScriptManager = Page.ClientScript
If Not ClientScript.IsClientScriptBlockRegistered(Me.GetType(), MessageName) Then
ClientScript.RegisterClientScriptBlock(Me.GetType(), MessageName, String.Format("alert('{0}')", Message), True)
End If
End Sub
End Class
3. สร้าง user control ในส่วนของ login ตั้งชื่อว่า LoginUserControl.ascx
LoginUserControl.ascx
<%@ Control Language="VB" AutoEventWireup="false" CodeFile="LoginUserControl.ascx.vb" Inherits="LoginUserControl" %>
LoginUserControl.ascx.vb
Imports System.Data
Imports System.Data.SqlClient
Partial Class LoginUserControl
Inherits System.Web.UI.UserControl
Private userTextBox As TextBox
Private passwordTextBox As TextBox
Protected Sub Page_Init(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Init
userTextBox = New TextBox()
passwordTextBox = New TextBox()
End Sub
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
If Session("UserID") Is Nothing Then
CreateLoginForm()
Else
UserProfile()
End If
End Sub
Protected Sub loginButton_Click(ByVal sender As Object, ByVal e As System.EventArgs)
Dim strConnection As String = "Data Source=.\SQLEXPRESS;Initial Catalog=SqlDatabase;Integrated Security=True"
Dim Connection As New SqlConnection(strConnection)
Dim strCommand As String = "Select [UserID] From [UserTable] Where [UserName]=@UserName And [UserPassword]=@UserPassword"
Dim Command As New SqlCommand(strCommand, Connection)
Command.Parameters.AddWithValue("@UserName", userTextBox.Text)
Command.Parameters.AddWithValue("@UserPassword", passwordTextBox.Text)
Dim UserID As Integer = 0
Try
Connection.Open()
Dim dataReader As SqlDataReader = Command.ExecuteReader(CommandBehavior.SingleRow)
dataReader.Read()
UserID = CInt(dataReader("UserID"))
dataReader.Close()
Connection.Close()
Catch ex As Exception
MessageBox.Show(String.Format("Error: {0}", ex.Message))
End Try
If UserID > 0 Then
Session("UserID") = UserID
Response.Redirect("~/LoginSuccess.aspx")
Else
Session("UserID") = Nothing
MessageBox.Show("User Name หรือ Password ไม่ถูกต้อง")
End If
End Sub
Protected Sub logoutButton_Click(ByVal sender As Object, ByVal e As System.EventArgs)
Session("UserID") = Nothing
Response.Redirect("~/Login.aspx")
End Sub
Protected Sub CreateLoginForm()
Dim userLabel As New Label()
userLabel.Text = "User:"
Me.Controls.Add(userLabel)
Me.Controls.Add(userTextBox)
Me.Controls.Add(New LiteralControl("<br />"))
Dim passwordLabel As New Label()
passwordLabel.Text = "Password:"
Me.Controls.Add(passwordLabel)
passwordTextBox.Width = 120
passwordTextBox.TextMode = TextBoxMode.Password
Me.Controls.Add(passwordTextBox)
Me.Controls.Add(New LiteralControl("<br />"))
Dim loginButton As New Button()
loginButton.Text = "Login"
AddHandler loginButton.Click, New EventHandler(AddressOf loginButton_Click)
Me.Controls.Add(loginButton)
End Sub
Protected Sub UserProfile()
Dim strConnection As String = "Data Source=.\SQLEXPRESS;Initial Catalog=SqlDatabase;Integrated Security=True"
Dim Connection As New SqlConnection(strConnection)
Dim strCommand As String = "Select [UserName], [UserPassword] From [UserTable] Where [UserID]=@UserID"
Dim Command As New SqlCommand(strCommand, Connection)
Command.Parameters.AddWithValue("@UserID", CInt(Session("UserID")))
Dim UserName As String = String.Empty
Try
Connection.Open()
Dim dataReader As SqlDataReader = Command.ExecuteReader(CommandBehavior.SingleRow)
dataReader.Read()
UserName = dataReader("UserName").ToString()
dataReader.Close()
Connection.Close()
Catch ex As Exception
MessageBox.Show(String.Format("Error: {0}", ex.Message))
End Try
Dim userLabel As New Label()
userLabel.Text = String.Format("Welcome {0}", UserName)
Me.Controls.Add(userLabel)
Me.Controls.Add(New LiteralControl("<br />"))
Dim editProfile As New HyperLink()
editProfile.Text = "Edit Profile"
editProfile.NavigateUrl = "~/EditProfile.aspx"
Me.Controls.Add(editProfile)
Me.Controls.Add(New LiteralControl("<br />"))
Dim logoutButton As New Button()
logoutButton.Text = "Loout"
AddHandler logoutButton.Click, New EventHandler(AddressOf logoutButton_Click)
Me.Controls.Add(logoutButton)
End Sub
End Class
Partial Class LoginSuccess
Inherits System.Web.UI.Page
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
If Session("UserID") Is Nothing Then
Response.Redirect("~/Login.aspx")
End If
End Sub
End Class
Imports System.Data
Imports System.Data.SqlClient
Partial Class EditProfile
Inherits System.Web.UI.Page
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
If Session("UserID") Is Nothing Then
Response.Redirect("~/Login.aspx")
End If
End Sub
Protected Sub saveButton_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles saveButton.Click
Dim strConnection As String = "Data Source=.\SQLEXPRESS;Initial Catalog=SqlDatabase;Integrated Security=True"
Dim Connection As New SqlConnection(strConnection)
Dim strCommand As String = "Update [UserTable] Set [UserName]=@UserName, [UserPassword]=@UserPassword Where [UserID]=@UserID"
Dim Command As New SqlCommand(strCommand, Connection)
Command.Parameters.AddWithValue("@UserName", userTextBox.Text)
Command.Parameters.AddWithValue("@UserPassword", passwordTextBox.Text)
Command.Parameters.AddWithValue("@UserID", CInt(Session("UserID")))
Try
Connection.Open()
Command.ExecuteNonQuery()
Connection.Close()
Catch ex As Exception
MessageBox.Show(String.Format("Error: {0}", ex.Message))
End Try
MessageBox.Show("อัฟเดตข้อมูลเรียบร้อย")
Session("UserID") = Nothing
Response.Redirect("~/Login.aspx")
End Sub
Protected Sub cancelButton_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles cancelButton.Click
Response.Redirect("~/LoginSuccess.aspx")
End Sub
End Class
พอดีเขียน class messagebox เอาไว้แหละ แต่ไม่ได้เอามาลง อิอิ
ต้นฉบับเป็น c# แต่ลอง convert เป็น vb ให้แล้วกัน
MessageBox.vb
Imports System.Data
Imports System.Configuration
Imports System.Web
Imports System.Web.Security
Imports System.Web.UI
Imports System.Web.UI.WebControls
Imports System.Web.UI.WebControls.WebParts
Imports System.Web.UI.HtmlControls
Imports System.Collections
Imports System.Text
''' <summary>
''' Summary description for MessageBox
''' </summary>
Public Class MessageBox
Private Shared m_executingPages As New Hashtable()
'
' TODO: Add constructor logic here
'
Public Sub New()
End Sub
Public Shared Sub Show(sMessage As String)
' If this is the first time a page has called this method then
If Not m_executingPages.Contains(HttpContext.Current.Handler) Then
' Attempt to cast HttpHandler as a Page.
Dim executingPage As Page = TryCast(HttpContext.Current.Handler, Page)
If executingPage IsNot Nothing Then
' Create a Queue to hold one or more messages.
Dim messageQueue As New Queue()
' Add our message to the Queue
messageQueue.Enqueue(sMessage)
' Add our message queue to the hash table. Use our page reference
' (IHttpHandler) as the key.
m_executingPages.Add(HttpContext.Current.Handler, messageQueue)
' Wire up Unload event so that we can inject
' some JavaScript for the alerts.
AddHandler executingPage.Unload, New EventHandler(AddressOf ExecutingPage_Unload)
End If
Else
' If were here then the method has allready been
' called from the executing Page.
' We have allready created a message queue and stored a
' reference to it in our hastable.
Dim queue As Queue = DirectCast(m_executingPages(HttpContext.Current.Handler), Queue)
' Add our message to the Queue
queue.Enqueue(sMessage)
End If
End Sub
' Our page has finished rendering so lets output the
' JavaScript to produce the alert's
Private Shared Sub ExecutingPage_Unload(sender As Object, e As EventArgs)
' Get our message queue from the hashtable
Dim queue As Queue = DirectCast(m_executingPages(HttpContext.Current.Handler), Queue)
If queue IsNot Nothing Then
Dim sb As New StringBuilder()
' How many messages have been registered?
Dim iMsgCount As Integer = queue.Count
' Use StringBuilder to build up our client slide JavaScript.
sb.Append("<script language='javascript'>")
' Loop round registered messages
Dim sMsg As String
While System.Math.Max(System.Threading.Interlocked.Decrement(iMsgCount),iMsgCount + 1) > 0
sMsg = DirectCast(queue.Dequeue(), String)
sMsg = sMsg.Replace(vbLf, "\n")
sMsg = sMsg.Replace("""", "'")
sb.Append("alert( """ & sMsg & """ );")
End While
' Close our JS
sb.Append("</script>")
' Were done, so remove our page reference from the hashtable
m_executingPages.Remove(HttpContext.Current.Handler)
' Write the JavaScript to the end of the response stream.
HttpContext.Current.Response.Write(sb.ToString())
End If
End Sub
End Class
ให้เอาสร้าง class ชือ MessageBox.vb แล้วไปวางไว้ใน app_code นะจ๊ะ