<configuration>
<location path="~/Default.aspx">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>
<appSettings/>
<connectionStrings/>
<system.web>
<authentication mode="Forms">
<forms name="aa" loginUrl="Default.aspx" defaultUrl="Register.aspx" cookieless="UseUri" slidingExpiration="true" timeout="20" enableCrossAppRedirects="false" protection="All">
<credentials passwordFormat="Clear">
<user name="aa" password="aa"/>
<user name="=bb" password="bb"/>
</credentials>
</forms>
</authentication>
<authorization>
<deny users="?"/>
<allow users="*"/>
</authorization>
</system.web>
</configuration>
string strsql= "server=(local);uid=sa;pwd=sa;database=GUOFENG";
SqlConnection conn=new SqlConnection(strsql);
conn.Open();
string str = "select count(*) from Users where UsersName='" + this.TextBox2.Text + "'and PassWord='" + GetMD5( this.TextBox1.Text) + "'";
SqlCommand comm = new SqlCommand(str,conn);
int n = (int)comm.ExecuteScalar();
if (n == 0)
FormsAuthentication.RedirectFromLoginPage(this.TextBox2.Text, false);//就是这句话让程序判断是否通过验证的,如果写成下面的,就永远无法通过身份验证
//Response.Redirect("~/Register.aspx");
else
HttpContext.Current.Response.Write("<script>alert('失败');</script>");