62,047
社区成员
发帖
与我相关
我的任务
分享
Imports System.Data
Imports System.Data.SqlClient
Partial Class Default2
Inherits System.Web.UI.Page
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
End Sub
Protected Sub Button1_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles Button1.Click
Dim connString = "data source=(local);initial catalog=bookdata;integrated security=sspi;"
Dim sql As String = "SELECT COUNT(*) FROM userinfo WHERE user=@user AND pws=@pws"
Dim user As String = Trim(TextBox1.Text)
Dim pws As String = Trim(TextBox2.Text)
Dim ret As Integer = 0
Using conn As New SqlConnection(connString)
Dim cmd As New SqlCommand(sql, conn)
cmd.Parameters.Add("@user", SqlDbType.Char, 20)
cmd.Parameters.Add("@pws", SqlDbType.Char, 10)
cmd.Parameters("@user").Value = user
cmd.Parameters("@pws").Value = pws
Try
conn.Open()
ret = Convert.ToInt32(cmd.ExecuteScalar())
Catch ex As Exception
'Console.WriteLine(ex.Message)
End Try
End Using
If ret > 0 Then
Session.Add("user", User)
Response.Redirect("login.aspx")
Else
Response.Write("<script>alert('登录失败!')</script>")
TextBox1.Text = ""
TextBox2.Text = ""
TextBox1.Focus()
End If
End Sub
Protected Sub Button2_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles Button2.Click
TextBox1.Text = ""
TextBox2.Text = ""
End Sub
End Class
Dim cm As New SqlCommand("select * from userinfo where user=@user and pws=@pws", cn)
cm.Parameters.Add("@user", SqlDbType.Char, 20)
cm.Parameters.Add("@pws", SqlDbType.Char, 10)
cm.Parameters("@user").Value = user
cm.Parameters("@pws").Value = pws
If cm.ExecuteScalar() <> Nothing Then
Session.Add("user", User)
你这样写参数进去了吗? 我没试过这样写 感觉你的@user和@pws参数没用,可能是我没这么用过吧