ASP. NET -- from verification: All code and explanations

About forms VerificationArticleI spent one and a half days learning "a little bit ",
NowCodeI want to share with you all the help for beginners like me, and give some tips:

Step 1: Create a database (Database: myforms; Table: users; field: ID, username, userpwd );
Step 2: create a website. The code for the Web. config file is as follows:

All Web. config code
<? XML version = "1.0" ?>
< Configuration >
< Appsettings />
< Connectionstrings />

< System . Web >
< Compilation Debug = "True" />

< Sessionstate Cookieless = "Autodetect" />
<! -- When the browser disables cookies -->

< Authentication Mode = "Forms" >
< Forms Name = "Cookiename" Loginurl = "Login. aspx" Protection = "All" > </ Forms >
<! -- Loginurl is the logon URL. If there is no authentication cookie, the client will be redirected to this URL. -->
</ Authentication >

< Authorization >
< Deny Users = "? " />  
</ Authorization >

< Customerrors Mode = "On" Defaultredirect = "Genericerrorpage.htm" >
< Error Statuscode = "403" Redirect = "Noaccess.htm"   />
< Error Statuscode = "404" Redirect = "Filenotfound.htm"   />
</ Customerrors >

</ System. Web >

</ Configuration >

Step 3: Add a login. ASPX page. Drag two Textbox, one button, and one checkbox;
Set the text attribute of the checkbox to "whether to save cookis ";
Step 4: The hidden code of login. aspx is as follows:

Hide all login code
Using System;
Using System. Data;
Using System. configuration;
Using System. Web;
Using System. Web. Security;
Using System. Web. UI;
Using System. Web. UI. webcontrols;
Using System. Web. UI. webcontrols. webparts;
Using System. Web. UI. htmlcontrols;
Using System. Data. sqlclient; // Import namespace

Public Partial Class _ Default: system. Web. UI. Page
{
Protected   Void Page_load ( Object Sender, eventargs E)
{

}
Protected   Void Button#click ( Object Sender, eventargs E)
{
String Username = Textbox1.text. Trim ();
String Userpwd = Textbox2.text. Trim ();
Sqlconnection con =   New Sqlconnection ( " Server =.; database = myforms; user id = sa; Password = 123456 " );
Con. open ();
Sqlcommand cmd =   New Sqlcommand ( " Select count (*) from users where username =' "   + Username +   " And userpwd =' "   + Userpwd +   " ' " , Con );
Int Count = Convert. toint32 (CMD. executescalar ());
If (Count >   0 )
{
System. Web. Security. formsauthentication. setauthcookie ( This . Textbox1.text, This . Checkbox1.checked );
Response. Redirect ( " Default. aspx " );
// The above two rows can also be changed to the following line. If verification is passed, the request page is directly switched without the need for responsel. Redirect ("");
// System. Web. Security. formsauthentication. redirectfromloginpage (this. textbox1.text, false );
}

Else
{
Response. Write ("The user is invalid.");
}
}
}

Step 5: drag a button to default. aspx and set the text attribute to "logout". The event code is as follows:

Button Event code

code highlighting produced by actipro codehighlighter (freeware)
http://www.CodeHighlighter.com/

--> protected void button#click ( Object sender, eventargs E)
{< br> system. web. security. formsauthentication. signout ();
}