void Login()
{
string strConn=ConfigurationSettings.AppSettings["conn"];
SqlConnection myConn=new SqlConnection(strConn);
string strSQL ="select * from tb_UserInfo where UserName='"+tbUserName.Text.Trim()+"and userPass='"+tbUserPass.Text.Trim()+"'";
SqlCommand myCmd=new SqlCommand(strSQL,myConn);
myConn.open();
SqlDataReader myRead=myConn.ExecuteReader();
int i=0;
while(myRead.Read())
{
i++;
Session["UserName"]=myRead.GetString(1);
}
myConn.Close();
if(i==0)
{
Response.Write("<script>alert('用户名或密码错误!');</script>");
Response.Redirect("Login.aspx");
}else{
Response.Write("LoginSuccess.aspx?parm1="+tbUserName.Text.Trim());
}
}
{
string strConn=ConfigurationSettings.AppSettings["conn"];
SqlConnection myConn=new SqlConnection(strConn);
string strSQL ="select * from tb_UserInfo where UserName='"+tbUserName.Text.Trim()+"and userPass='"+tbUserPass.Text.Trim()+"'";
SqlCommand myCmd=new SqlCommand(strSQL,myConn);
myConn.open();
SqlDataReader myRead=myConn.ExecuteReader();
int i=0;
while(myRead.Read())
{
i++;
Session["UserName"]=myRead.GetString(1);
}
myConn.Close();
if(i==0)
{
Response.Write("<script>alert('用户名或密码错误!');</script>");
Response.Redirect("Login.aspx");
}else{
Response.Write("LoginSuccess.aspx?parm1="+tbUserName.Text.Trim());
}
}