private void btnLogin_Click(object sender, EventArgs e)
{
string strUser, strPwd;
int intCount=0;
SqlConnection con = DB.createCon();
SqlCommand com = new SqlCommand();
com.CommandType = CommandType.StoredProcedure;
com.CommandText = "userInfo_select_count";
strUser = txtUser.Text;
strPwd = txtPwd.Text;
SqlParameter[] paras = new SqlParameter[3];
paras[0] = new SqlParameter("@name", strUser);
paras[1] = new SqlParameter("@password", strPwd);
paras[2] = new SqlParameter("@count", intCount);
paras[2].Direction = ParameterDirection.Output;
foreach (IDataParameter para in paras)
{
com.Parameters.Add(para);
}
con.Open();
com.Connection= con;
com.ExecuteNonQuery();
intCount = Convert.ToInt32( com.Parameters[2].Value.ToString());
if (intCount == 1)
Response.Redirect("Main.aspx");
else
{
lbl.Visible = true;
lbl.Text = intCount.ToString();
}
CREATE PROCEDURE [dbo].[userInfo_select_count]
@name varchar(20),
@password varchar(20),
@count int output
AS
select @count=count(*) from userInfo where name = @name and password =@password
GO