try
{
con = new SqlConnection(str);
SqlCommand cmd = con.CreateCommand();
con.Open();
cmd.CommandText = "SELECT * FROM tb_register WHERE username =='"+tb_username.Text.Trim()+"'AND [password]=='"+tb_password.Text.Trim()+"'";
cmd.ExecuteNonQuery();
SqlDataReader dr = cmd.ExecuteReader();
if (dr.Read())
{
if (dr["username"] != null && dr["password"] != null)
imgbtn_login.PostBackUrl = "~/Default.aspx";
else
Response.Write("<script>alert('密码或用户名不对,请修改!');</script>");
dr.Close();
}
con.Close();
}
catch (Exception ee)
{
throw ee;
}
调试时始终报错:cmd.ExecuteNonQuery() ,'='附近出错。
原来sql语句中与我们平时判断相等符号不一样只需一个等号就可以了。
改为:
cmd.CommandText = "SELECT * FROM tb_register WHERE username ='"+tb_username.Text.Trim()+"'AND [password]='"+tb_password.Text.Trim()+"'";
cmd.ExecuteNonQuery();
这是一个经常犯错的地方,所以特长记下来,希望对大家有帮助!