where name='"+this.TextBox1.Text+"'and pwd='"+this.TextBox2.Text+"'"; cmd.Connection=conn; int i=(int)cmd.ExecuteScalar(); Response.Write(i.ToString());
if(i==1)
{
Response.Redirect("add.aspx");}
else
{
Label1.Text="error!"
}
第二种途径
SqlConnection conn =new SqlConnection("server=;database=news;uid=sa;pwd="); conn.Open();//打开数据库 SqlCommand cmd=new SqlCommand();//建立命令对象 cmd.CommandText="select count(*)from users where name=@name and pwd=@pwd"; cmd.Connection=conn;//设置连接 SqlParameter p= new SqlParameter("@name",SqlDbType.Char,10); //定义参数 p.Value=this.TextBox1.Text; cmd.Parameters.Add(p);//添加参数到集合 p= new SqlParameter("@pwd",SqlDbType.Char,10); p.Value=this.TextBox2.Text; cmd.Parameters.Add(p); int i=(int)cmd.ExecuteScalar(); if(i==1) { Response.Redirect("add.aspx");} else { Label1.Text="error!" }