数据库名字message
有表:dbo.mes
dbo.user
ID user pwd name qq email interest type
1 1 111111 1 1 jyzgw789@163.com 1 1
using System;
using System.Configuration;
using System.Collections;
using System.Data;
//using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
//using System.Xml.Linq;
using System.Data.SqlClient;
public partial class login : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
}
protected void Button1_Click(object sender, EventArgs e)
{
Response.Redirect("zhuce.aspx");
}
protected void Button2_Click(object sender, EventArgs e)
{
string name = text_user.Text;
string pwd = text_pwd.Text;
SqlConnection conn = new SqlConnection();
conn.ConnectionString = "server=ABD\\SQLEXPRESS;DataBase=message;Integrated Security=SSPI";
conn.Open();
string sqlstr = "select count(*)from user_user where user='" + name + "'and pwd='" + pwd + "'";
SqlCommand comm = new SqlCommand(sqlstr, conn);
int i = Convert.ToInt32(conn.ExecuteScalar());
conn.Close();
if (i > 0)
{
Response.Redirect("liuyanban.aspx");
}
else
this.Label4.Text = "登陆失败,用户名或密码错误!请重试。";
// Response.Redirect("liuyanban.aspx");
}
}
7 个解决方案
#1
是comm.ExecuteScalar
#2
好了,可是出现这个:
protected void Button2_Click(object sender, EventArgs e)
{
string name = text_user.Text;
string pwd = text_pwd.Text;
SqlConnection conn = new SqlConnection();
conn.ConnectionString = "server=ABD\\SQLEXPRESS;DataBase=message;Integrated Security=SSPI";
conn.Open();
string sqlstr = "select count(*)from user_user where user='" + name + "'and pwd='" + pwd + "'";
SqlCommand comm = new SqlCommand(sqlstr, conn);
int i = Convert.ToInt32(conn.ExecuteScalar()); conn.Close();
if (i > 0)
{
Response.Redirect("liuyanban.aspx");
}
else
this.Label4.Text = "登陆失败,用户名或密码错误!请重试。";
// Response.Redirect("liuyanban.aspx");
}
说用户代码未处理SqlException
关键字‘user’附近有语法错误
#3
using(SqlConnection conn = new SqlConnection(""))
{
conn.Open();
SqlCommand comm = new SqlCommand("select count(8) from ....", conn);
nt iCount = (int) comm.ExecuteScalar();
}
#4
string sqlstr = "select count(*) from user_user where [user]='" + name + "' and pwd='" + pwd + "'";
#5
string sqlstr = "select count(*)from user_user where user='" + name + "'and pwd='" + pwd + "'";
你的数据库表名不是user 吗
你的数据库表名不是user 吗
#6
user 是保留字,如果用于字段名需要用中括号包起来,[user]
#7
正解,另外参数最好可以用"@参数名"这样的来代替,避免受到攻击.
#1
是comm.ExecuteScalar
#2
好了,可是出现这个:
protected void Button2_Click(object sender, EventArgs e)
{
string name = text_user.Text;
string pwd = text_pwd.Text;
SqlConnection conn = new SqlConnection();
conn.ConnectionString = "server=ABD\\SQLEXPRESS;DataBase=message;Integrated Security=SSPI";
conn.Open();
string sqlstr = "select count(*)from user_user where user='" + name + "'and pwd='" + pwd + "'";
SqlCommand comm = new SqlCommand(sqlstr, conn);
int i = Convert.ToInt32(conn.ExecuteScalar()); conn.Close();
if (i > 0)
{
Response.Redirect("liuyanban.aspx");
}
else
this.Label4.Text = "登陆失败,用户名或密码错误!请重试。";
// Response.Redirect("liuyanban.aspx");
}
说用户代码未处理SqlException
关键字‘user’附近有语法错误
#3
using(SqlConnection conn = new SqlConnection(""))
{
conn.Open();
SqlCommand comm = new SqlCommand("select count(8) from ....", conn);
nt iCount = (int) comm.ExecuteScalar();
}
#4
string sqlstr = "select count(*) from user_user where [user]='" + name + "' and pwd='" + pwd + "'";
#5
string sqlstr = "select count(*)from user_user where user='" + name + "'and pwd='" + pwd + "'";
你的数据库表名不是user 吗
你的数据库表名不是user 吗
#6
user 是保留字,如果用于字段名需要用中括号包起来,[user]
#7
正解,另外参数最好可以用"@参数名"这样的来代替,避免受到攻击.