using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Text;
using System.Windows.Forms;
using System.Data.SqlClient;
using System.Configuration;
namespace WindowsApplication10
{
public partial class Form1 : Form
{
private string connectionString = System.Configuration.ConfigurationManager.ConnectionStrings["MyDB"].ConnectionString;
public Form1()
{
InitializeComponent();
}
private void button1_Click(object sender, EventArgs e)
{
SqlConnection con = new SqlConnection(connectionString);
try
{
string sql = "select * from Table_1 where Table_1.用户名=@username and Table_1.密码=@pwd";
SqlCommand cmd = new SqlCommand(sql, con);
cmd.Parameters.AddWithValue("@username", textBox1.Text);
cmd.Parameters.AddWithValue("@pwd", textBox2.Text);
con.Open();
//cmd.Connection = con;
SqlDataAdapter da = new SqlDataAdapter(cmd);
DataTable dt = new DataTable();
da.Fill(dt);
if (dt.Rows.Count > 0)
{
MessageBox.Show("成功!");
}
else
{
MessageBox.Show("失败!");
}
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
}
finally
{
con.Close();
}
}
}
}
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Text;
using System.Windows.Forms;
using System.Data.SqlClient;
using System.Configuration;
namespace WindowsApplication10
{
public partial class Form1 : Form
{
private string connectionString = System.Configuration.ConfigurationManager.ConnectionStrings["MyDB"].ConnectionString;
public Form1()
{
InitializeComponent();
}
private void button1_Click(object sender, EventArgs e)
{
SqlConnection con = new SqlConnection(connectionString);
try
{
string sql = "select * from Table_1 where Table_1.用户名=@username and Table_1.密码=@pwd";
SqlCommand cmd = new SqlCommand(sql, con);
cmd.Parameters.AddWithValue("@username", textBox1.Text);
cmd.Parameters.AddWithValue("@pwd", textBox2.Text);
con.Open();
//cmd.Connection = con;
SqlDataAdapter da = new SqlDataAdapter(cmd);
DataTable dt = new DataTable();
da.Fill(dt);
if (dt.Rows.Count > 0)
{
MessageBox.Show("成功!");
}
else
{
MessageBox.Show("失败!");
}
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
}
finally
{
con.Close();
}
}
}
}
string sql="select * from Table_1 where 用户名='"+this.textBox1.Text+"',密码='"+this.textBox2.Text+"'";
SqlCommand sqlcmd=new SqlCommand(sql,this.conn);
int i=sqlcmd.ExecuteNonQuery();
if(i!=0){判断用户名和密码}
换成:
string sql = "select * from Table_1 where Table_1.用户名=@username and Table_1.密码=@pwd";
SqlCommand cmd = new SqlCommand(sql, conn);
cmd.Parameters.AddWithValue("@username", textBox1.Text);
cmd.Parameters.AddWithValue("@pwd", textBox2.Text);
conn.Open();
SqlDataAdapter da = new SqlDataAdapter(cmd);
DataTable dt = new DataTable();
da.Fill(dt);
if (dt.Rows.Count > 0) {
MessageBox.Show("成功!");
} else {
MessageBox.Show("失败!");
}
public partial class Form1 : Form
{
private string connectionString = System.Configuration.ConfigurationManager.ConnectionStrings["MyDB"].ConnectionString;
public Form1()
{
InitializeComponent();
}
private void button1_Click(object sender, EventArgs e)
{
SqlConnection con = new SqlConnection(connectionString);
try {
string sql = "select * from Table_1 where Table_1.用户名=@username and Table_1.密码=@pwd";
SqlCommand cmd = new SqlCommand(sql, con);
cmd.Parameters.AddWithValue("@username", textBox1.Text);
cmd.Parameters.AddWithValue("@pwd", textBox2.Text);
con.Open();
//cmd.Connection = con;
SqlDataAdapter da = new SqlDataAdapter(cmd);
DataTable dt = new DataTable();
da.Fill(dt);
public partial class Form1 : Form
{
private string connectionString = System.Configuration.ConfigurationManager.ConnectionStrings["MyDB"].ConnectionString;
public Form1()
{
InitializeComponent();
}
private void button1_Click(object sender, EventArgs e)
{
SqlConnection con = new SqlConnection(connectionString);
try {
string sql = "select * from Table_1 where Table_1.用户名=@username and Table_1.密码=@pwd";
SqlCommand cmd = new SqlCommand(sql, con);
cmd.Parameters.AddWithValue("@username", textBox1.Text);
cmd.Parameters.AddWithValue("@pwd", textBox2.Text);
con.Open();
//cmd.Connection = con;
SqlDataAdapter da = new SqlDataAdapter(cmd);
DataTable dt = new DataTable();
da.Fill(dt);