ASP.NET login page error

Source: Baidu Zhidao  Editor: UC Zhidao  Time: 2024/05/04 03:47:16
SqlConnection conn = new SqlConnection();
SqlCommand cmd = new SqlCommand();
SqlDataReader dr = null;
conn.ConnectionString = "data source=.;database=test;uid=sa;pwd=";
cmd.Connection = conn;
cmd.CommandText = "select * from [user] where uname="+ TextBox1.Text +" and upass="+ TextBox2.Text +"";
conn.Open();
dr = cmd.ExecuteReader();
if(dr.Read())
{
Label1.Text = "登陆成功!";
}

After execution: 在 System.Data.SqlClient.SqlConnection.OnError(SqlException exception, Boolean breakConnection) 在 System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection) 在 System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj) 在 System.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHand

cmd.CommandText = "select * from [user] where uname="+ TextBox1.Text +" and upass="+ TextBox2.Text +"";

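Isn't there an obvious error in this statement? Clearly uname is a character-type field, so a single quote should be added before TextBox1.Text; the same goes for upass.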

cmd.CommandText = "select * from [user] where uname='"+ TextBox1.Text +"' and upass='"+ TextBox2.Text +"'";
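
Added example, not part of the original question or answer: the same lookup written with SqlParameter placeholders, so the SQL text never contains the TextBox values. This removes the quoting error and also keeps user input from altering the statement, which the concatenated version with single quotes still allows. The class and method names, the parameter lengths, and passing the connection string in from configuration are assumptions.

```csharp
using System;
using System.Data;
using System.Data.SqlClient;

public static class LoginCheck
{
    // Hypothetical helper: returns true when a row in [user] matches the
    // supplied name and password. connectionString is supplied by the caller
    // (assumption: read from configuration instead of hard-coded in the page).
    public static bool CredentialsMatch(string connectionString, string uname, string upass)
    {
        // The statement is a constant. Values travel separately as typed
        // parameters, so no quote characters are needed around them and
        // nothing typed into the form is ever parsed as SQL.
        const string sql =
            "SELECT COUNT(*) FROM [user] WHERE uname = @uname AND upass = @upass";

        // using blocks close the connection even if the query throws,
        // which the original snippet never did.
        using (SqlConnection conn = new SqlConnection(connectionString))
        using (SqlCommand cmd = new SqlCommand(sql, conn))
        {
            // Type and length (NVarChar, 50) are assumptions; match them
            // to the real column definitions of the [user] table.
            cmd.Parameters.Add("@uname", SqlDbType.NVarChar, 50).Value = uname ?? string.Empty;
            cmd.Parameters.Add("@upass", SqlDbType.NVarChar, 50).Value = upass ?? string.Empty;

            conn.Open();
            int matches = Convert.ToInt32(cmd.ExecuteScalar());
            return matches > 0;
        }
    }
}

// In the page's click handler (connStr is a hypothetical variable):
//   if (LoginCheck.CredentialsMatch(connStr, TextBox1.Text, TextBox2.Text))
//   {
//       Label1.Text = "登陆成功!";
//   }
```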