WebService连接SQL Server建立多用户登录验证服务

之前写过一篇文章是对于单用户移动客户端登录验证程序，主要是阐述一下移动客户端如何调用webservice，但对于一个正式应企业级应用程序，用户不可能只用一个用户（一个用户用得着登录验证码！！！自找麻烦把），

客户端调用请参考：http://www.voidcn.com/article/p-csmoqbrl-ze.html

所以添加多组用户信息是很有必要的，这里采用的数据库选择了SQL Server 2008 R2，数据库的建立工程很简单，

打开数据库软件新建数据库(这里的数据库名称是UserInfo)，并右击你所建立的数据库，一次选择任务—导入数据，可以将用户信息导入到新建的数据库中，同时通过数据库查询语言 ?select?* from UserInfo ?可以查看导入数据是否成功，由于这是测试，随意选择了四组用户信息（只有用户名和相应的密码），

数据库建设好后，就可以进行webservice的建立了，在VS中新建一个webservice网站，首先连接数据库，打开VS中数据库资源管理器窗口，右击 数据连接—添加连接? 打开添加连接对话框，并按照步骤一次填写内容，选择服务器名称（这个要与你所建立的数据库所在服务器对应，不然找不到自己的数据库），根据需要是否需要身份验证，并连接到数据库，之后就要进行代码的编写了。

新建一个分析数据库的类，DBConnection.cs

namespace WebService1
{
??? public class DBConnection:IDisposable
??? {
??????? public static SqlConnection sqlCon;
??????? String serverStr = "Data Source=localhost;Initial Catalog=Test;Persist Security Info=True;User ID=sa;Password=123";
??????? //构造默认函数
??????? public DBConnection()
??????? {
??????????? if (sqlCon == null)
??????????? {
??????????????? sqlCon = new SqlConnection();
??????????????? sqlCon.ConnectionString = serverStr;
??????????????? sqlCon.Open();???????????
??????????? }???????????
??????? }
??????? //关闭、销毁函数，相当于close();
??????? public void Dispose()
??????? {
??????????? if(sqlCon!=null)
??????????? {
??????????????? sqlCon.Close();
??????????????? sqlCon = null;
??????????? }
??????? }
??????? //查看数据库连接状态
??????? public Boolean SqlState()
??????? {
??????????? switch (sqlCon.State)
??????????? {
??????????????? case System.Data.ConnectionState.Connecting:
??????????????????? return true;
??????????????? case System.Data.ConnectionState.Broken:
??????????????????? return false;
??????????????? case System.Data.ConnectionState.Closed:
??????????????????? return false;
??????????????? default:
??????????????????? break;???????????????
??????????? }
??????????? return true;
??????? }

??????? /// <summary>
??????? /// 检测用户和密码是否正确
??????? /// </summary>
??????? /// <param name="name"></param>
??????? /// <param name="password"></param>
??????? /// <returns>string</returns>
??????? public string userCheck(string user_name,string user_password)
??????? {

??????????? String sqlStr = "select * from UserInfo where user_name='" + user_name.Trim() + "' and user_pawd='" + user_password.Trim() + "'";
??????????? SqlCommand cmd = new SqlCommand(sqlStr,sqlCon);
???????????
??????????? SqlDataReader sdr = cmd.ExecuteReader();
??????????? sdr.Read();
??????????? if (sdr.HasRows)
??????????? {
??????????????? sdr.Close();
??????????????? return "user_check_yes";
??????????? }
??????????? else
??????????? {
??????????????? sdr.Close();
??????????????? return "user_check_no";
??????????? }????????

??????? }
??????? /// <summary>
??????? /// 增加一条用户信息,用户注册
??????? /// </summary>
??????? /// <param name="user_name"></param>
??????? /// <param name="user_password"></param>
??????? /// <returns>string</returns>
??????? public string userInsert(string user_name,string user_password)
??????? {
??????????? String sqlStr = "select * from UserInfo where user_name='" + user_name.Trim() + "' and user_pawd='" + user_password.Trim() + "'";
??????????? SqlCommand cmd = new SqlCommand(sqlStr,sqlCon);

??????????? SqlDataReader sdr = cmd.ExecuteReader();
??????????? sdr.Read();
??????????? if (sdr.HasRows)
??????????? {
??????????????? return "user_insert_existed";
??????????? }
??????????? else
??????????? {
??????????????? sdr.Close();
??????????????? string insertStr = "insert into UserInfo(user_name,user_pawd) values ('" + user_name + "','" + user_password + "')";
??????????????? SqlCommand sqlCmd = new SqlCommand(insertStr,sqlCon);//定义OleDbCommnad对象并连接数据库
??????????????? sqlCmd.ExecuteNonQuery();//执行插入语句
??????????????? sqlCon.Close();//关闭对象并释放所占内存空间??
??????????????? sqlCon.Dispose();
??????????????? return "user_insert_ok";
??????????? }

??????? }

??????? /// <summary>
??????? /// 删除用户信息
??????? /// </summary>
??????? /// <param name="user_name"></param>
??????? /// <param name="user_password"></param>
??????? /// <returns>string</returns>
??????? public string userDelete(string user_name,sqlCon);

??????????? SqlDataReader sdr = cmd.ExecuteReader();
??????????? sdr.Read();
??????????? if (sdr.HasRows)
??????????? {
??????????????? sdr.Close();
??????????????? string deleteStr = "delete from UserInfo where user_name='" + user_name+"'";
??????????????? SqlCommand sqlCmd = new SqlCommand(deleteStr,sqlCon);?
??????????????? cmd.ExecuteNonQuery();?
??????????????? cmd.Dispose();?

??????????????? return "user_insert_ok";
??????????? }
??????????? else
??????????? {
??????????????? return "user_delete_unexist";
??????????? }????????
??????? }

??? }
}

在该类中，对数据库的处理有三种，查询，插入（用于注册新用户），删除，看需要进行调用

然后是在WebService1.asmx.cs中调用（这里只写了用户查询一种方法，用于测试）

?public class Service1 : System.Web.Services.WebService
??? {
??????? DBConnection dbOperation = new DBConnection();
??????? String result="";
??????? [WebMethod]
??????? public string HelloWorld()
??????? {
??????????? return "Hello World";
??????? }

??????? [WebMethod(Description = "查询")]
??????? public int login(string user_name,string user_password)
??????? {
??????????? result = dbOperation.userCheck(user_name,user_password);
??????????? if (result == "user_check_yes")
??????????? {
??????????????? return 1;
??????????? }
??????????? else if (result == "user_check_no")
??????????? {
??????????????? return 2;
??????????? }
??????????? else
??????????? {
??????????????? return 0;
??????????? }
??????? }

??????? //用户注册? insert（string，string）

??????? //用户删除? delete（string，string）??????
??? }

然后就可以运行测试了，测试结果：

正常运行就可以部署到IIS进行客户端调用了

客户端与服务器端进行登录验证的小程序到此告一段落，总会用到的···