在启明星的演示站点里,经常有用户修改演示密码,导致别的用户无法访问。
为此,在登陆页面,增加了一个“初始化数据库”功能,这样,即使用户修改了密码,别的访问者,只要重置数据库,就可以很容易再次进入。
首先,利用MSSQL Manage Studio生产脚本放到网站下。
下面是SQL.aspx源代码
<%@ Page Language="C#" AutoEventWireup="true" %>
<%@ Import Namespace="System" %>
<%@ Import Namespace="System.Data.SqlClient" %>
<%@ Import Namespace="System.Data" %>
<%@ Import Namespace="System.Web.Configuration" %>
<%@ Import Namespace="System.IO" %>
<%@ Import Namespace="System.Text" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
protected void btnInitDb_Click(object sender, EventArgs e)
{
string connectionString = System.Web.Configuration.WebConfigurationManager.ConnectionStrings["connectionstring"].ConnectionString;
string DBName = "book.sql";
//try
//{
// this.Response.Write("Write connecting string to web.config<BR>");
// Configuration config = System.Web.Configuration.WebConfigurationManager.OpenWebConfiguration(HttpContext.Current.Request.ApplicationPath);
// string csName = "connectionstring";
// ConnectionStringsSection csSection = config.ConnectionStrings;
// csSection.ConnectionStrings[csName].ConnectionString = connectionString;
// config.Save(ConfigurationSaveMode.Modified);
//}
//catch (Exception ex)
//{
// Response.Write("写入web.config数据错误:" + ex.ToString());
// return;
//}
SqlConnection conn = null;
try
{
using (StreamReader sr = new StreamReader(Server.MapPath("~/app_data/"+DBName)))
{
// Create new connection to database
conn = new SqlConnection(connectionString);
conn.Open();
while (!sr.EndOfStream)
{
StringBuilder sb = new StringBuilder();
SqlCommand cmd = conn.CreateCommand();
while (!sr.EndOfStream)
{
string s = sr.ReadLine();
if (s != null && s.ToUpper().Trim().Equals("GO"))
{
break;
}
sb.AppendLine(s);
}
// Execute T-SQL against the target database
cmd.CommandText = sb.ToString();
cmd.CommandTimeout = 3000;
cmd.ExecuteNonQuery();
}
}
Response.Redirect("default.aspx");
// Page.RegisterClientScriptBlock("success", "<script>alert(‘安装成功,系统自动跳转到首页‘); window.location=‘../default.aspx‘; </script> ");
}
catch (Exception ex)
{
this.Response.Write(String.Format("An error occured: {0}", ex.ToString()));
return;
}
finally
{
if (conn != null)
{
try
{
conn.Close();
conn.Dispose();
}
catch (Exception ee)
{
this.Response.Write(String.Format(@"Could not close the connection. Error was {0}", ee.ToString()));
}
}
}
}
</script>
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<title>数据库工具</title>
</head>
<body>
<form id="form1" runat="server">
<div>
初始化数据库将把系统还原为原始状态,初始化后即可用admin登陆.
</div>
<asp:Button ID="btnInitDb" runat="server" onclick="btnInitDb_Click" Text="初始化数据库" />
</form>
</body>
</html>
注意红色部分,如果你使用,请修改为你自己的数据库信息。
这样,就再也不担心用户随便修改数据库账户了
你也可以单击此处下载源代码 http://files.cnblogs.com/files/mqingqing123/SQL.rar
原文:http://www.cnblogs.com/mqingqing123/p/4463761.html