ASP.NET中的cookie,该如何解决
ASP.NET中的cookie
我在登陆时,把用户名和角色保存在cookie里面;在注销时把cookie里面的值给清空了,但我下次浏览页面时,不用登陆也能进到管理员页面里,什么原因???
登陆页面代码:
注销按钮代码:
我在登陆时,把用户名和角色保存在cookie里面;在注销时把cookie里面的值给清空了,但我下次浏览页面时,不用登陆也能进到管理员页面里,什么原因???
登陆页面代码:
#region "登陆"
protected void btnlogin_Click(object sender, EventArgs e)
{
HttpCookie userId = new HttpCookie("loginId");
//HttpCookie userPwd = new HttpCookie("loginPwd");
HttpCookie roleId = new HttpCookie("roleId");
string name= txtUserName.Text.Trim();
string pwd = txtPwd.Text.Trim();
string roles = ddlselect.SelectedValue;
int result = SEC_USERManager.GetLoginByIdPwd(name, pwd);
if (result>0)
{
userId.Value = name;
//userPwd.Value = pwd;
roleId.Value = roles;
//设置过期时间
userId.Expires = DateTime.Now.AddDays(1);
//userPwd.Expires = DateTime.Now.AddMinutes(1);
roleId.Expires = DateTime.Now.AddDays(7);
Response.Cookies.Add(userId);
//Response.Cookies.Add(userPwd);
Response.Cookies.Add(roleId);
Response.Redirect("Main.aspx");
}
else
{
Response.Write("请重新登陆");
return;
}
}
#endregion
注销按钮代码: