SqlConnection conn = new SqlConnection(ConfigurationManager.AppSettings["ConnectionString"]);
SqlCommand cmd = new SqlCommand("select * from userlogin where useremail='" + this.Login1.UserName + "' and pwd = '" + System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(this.Login1.Password.Trim(), "MD5") + "';", conn);
try
{
conn.Open();
SqlDataReader dr = cmd.ExecuteReader();
if (dr.Read())
{
//Session["userAuth"] = modeluser.Purview;
Session.Add("userName", null);
Session["userName"] = dr["username"];
Session["userID"] = dr["useremail"];
//将已验证身份的用户重定向回最初请求的 URL。
FormsAuthentication.RedirectFromLoginPage(this.Login1.UserName.Trim(), false);
if (Convert.ToInt32(dr["validate"]) == 1)
{
Response.Redirect(@"~/temp/MakeCourse.aspx", false);
}
else
{
Response.Write("<script>alert('对不起,只有经过管理员审批才能制作!')</script>");
}
}
else
{