急!大哥们帮忙看下代码错在那(ASP.net2.0 sql2000 vs2005)
前台代码:
<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Default.aspx.cs" Inherits="admin_Default" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>后台登陆</title>
</head>
<body>
<form id="form1" runat="server">
<div>
<center>
<table>
<tr>
<td align="center" colspan="2" class="login1" style="width:300px; height:30px">登陆窗口</td>
</tr>
<tr>
<td align="center" colspan="1" class="login2" style="width:100px; height:30px">用户名
</td>
<td align="center" colspan="1" class="login2" style="width:200px; height:30px">
<asp:TextBox ID="name" runat="server" Width="190px"></asp:TextBox></td>
</tr>
<tr>
<td align="center" colspan="1" class="login2" style="width:100px; height:30px">密 码
</td>
<td align="center" colspan="1" class="login2" style="width:200px; height:30px">
<asp:TextBox ID="pwd" runat="server" Width="188px" TextMode="Password" ></asp:TextBox></td>
</tr>
<tr>
<td align="center" colspan="2" class="login1" style="width:300px; height:30px">
<asp:Button ID="Button1" runat="server" OnClick="Button1_Click" Text="登陆" /> <input id="reset1" type="reset" value="重置" /></td>
</tr>
</table>
</center>
</div>
</form>
</body>
</html>
后台代码:
using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Data.SqlClient;
public partial class admin_Default : System.Web.UI.Page
{
SqlConnection conn = new SqlConnection("server=127.0.0.1;uid=sa;pwd=sa;database=network");
protected void Button1_Click(object sender, EventArgs e)
{
SqlCommand cmd = new SqlCommand("select * from user where Uname='" + name.Text.ToString() + "' and Pwd = '" + pwd.Text.ToString() + "' ", conn);
conn.Open();
SqlDataReader sd = cmd.ExecuteReader();
if (name.Text != "" &&pwd.Text!="")
{
if (sd.Read())
{
Response.Write("<script>alert('登陆成功!');</script>");
}
else
{
Response.Write("<script>alert('用户名或密码出错');</script>");
}
}
else
{
Response.Write("<script>alert('请输入用户名和密码');</script>");
}
}
}
数据库:user
Uname varchar(50)
Pwd varchar(50)
提示的错误是:
在关键字 'user' 附近有语法错误