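/// <summary>
/// Handles the login button click: reads the credentials from the form, looks up the
/// matching active account and, on success, opens the main window for that user's role.
/// </summary>
/// <param name="sender">Control that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
private void btnLogin_Click(object sender, EventArgs e)
{
    // Strip the placeholder hints so an untouched text box counts as empty.
    // Only the user name is trimmed; the password is taken as typed.
    string user = username.Text.Trim().Replace("请输入用户名", "");
    string pass = password.Text.Replace("请输入密码", "");

    if (string.IsNullOrEmpty(user))
    {
        MessageBox.Show("请输入用户名!", "提示", MessageBoxButtons.OK, MessageBoxIcon.Information);
        return;
    }

    if (string.IsNullOrEmpty(pass))
    {
        MessageBox.Show("请输入密码!", "提示", MessageBoxButtons.OK, MessageBoxIcon.Information);
        return;
    }

    // SECURITY: the user name is attacker-controlled text that ends up inside a quoted
    // SQL literal. Doubling every single quote keeps it inside that literal, so the
    // input can no longer terminate the string and alter the WHERE clause.
    // NOTE(review): binding the values as query parameters is the durable fix; switch to
    // it if SqlHelper offers a parameter-accepting overload (not visible from here).
    string userLiteral = user.Replace("'", "''");

    // NOTE(review): DES.MD5Encrypt is, by its name, an MD5 digest of the password —
    // presumably hex or Base64 text with no quote characters; confirm. A bare MD5 digest
    // is not adequate for password storage; plan a migration to a salted, slow KDF.
    string sql = string.Format(
        @"SELECT TOP 1 UserRoleId FROM T_Users WHERE UserId='{0}' AND UserPassword='{1}' AND Status=1 AND IsDel=0",
        userLiteral,
        DES.MD5Encrypt(pass));

    // Run the lookup; a returned row means the credentials matched an enabled account.
    DataTable dt = SqlHelper.ExecuteSelect(SqlHelper.ConnSqlServerString, sql);
    bool authenticated = dt != null && dt.Rows.Count > 0;

    if (!authenticated)
    {
        // One message for both failure causes, so the dialog does not reveal
        // whether the user name exists.
        MessageBox.Show("用户名或密码有误,请重新输入!", "失败", MessageBoxButtons.OK, MessageBoxIcon.Warning);
        return;
    }

    FrmMain frmmain = new FrmMain(dt.Rows[0]["UserRoleId"].ToString());
    Hide();

    // Remember the raw (unescaped) account name for the next start-up and for this session.
    IniHelper.UpdateConfigValue("登录设置", "登录账号", user);
    UserId = user;
    frmmain.Show();
}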
注入操作
// Build the login query; the password value is first passed through DES.MD5Encrypt.
// NOTE(review): `user` lands between the single quotes exactly as typed, so input that
// contains a quote can change the structure of the statement. This is the line to fix:
// bind both values as query parameters instead of formatting them into the SQL text.
const string loginQueryTemplate = @"SELECT TOP 1 UserRoleId FROM T_Users WHERE UserId='{0}' AND UserPassword='{1}' AND Status=1 AND IsDel=0";
string sql = string.Format(loginQueryTemplate, user, DES.MD5Encrypt(pass));