帮忙看一下此代码错误
SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["SqlDatabase1"].ConnectionString);
SqlCommand cmd = new SqlCommand("select * from Member where MemberName='"+txtMemberName.Text+"' and Password '"+txtPassword.Text+"'",conn);
try
{
conn.Open();
SqlDataReader sdr=cmd.ExecuteReader();
if(sdr.Read())
{
if(sdr["Password "].ToString() == txtPassword.Text)
{
conn.Close();
Session["MemberName"] = txtMemberName.Text.Trim();
Response.Redirect("WebForm2.aspx");
}
else
{
Response.Write("<script language=javascript>alert('密码错误!')</script>");
}
}
else
{
Response.Write("<script language=javascript>alert('用户名错误或不存在!')</script>");
}
}
finally
{
conn.Close();
}
调试时 提示 SqlDataReader sdr=cmd.ExecuteReader(); 有语法错误