34,837
社区成员




select * from sys.objects where name like '%user%' and type='u'
看下这个里面有没有。找一人家的密码应该也不会明文的。是加密数据。using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.SqlClient;
using System.Configuration;
using System.Data;
namespace tushuguanli
{
public partial class login : System.Web.UI.Page
{
DBClass dbObj = new DBClass();
protected void Page_Load(object sender, EventArgs e)
{
}
protected void Button2_Click(object sender, EventArgs e)
{
Response.Redirect("zhuce.aspx");
}
protected void Button1_Click(object sender, EventArgs e)
{
if (DropDownList1.SelectedIndex.ToString() == "0")
{
Response.Write(@"<script language = 'javascript'>alert('请选择身份!');</script");
}
else
{
Session["flag"] = DropDownList1.SelectedValue;
string user = TextBox1.Text.Trim();
string password = TextBox2.Text.Trim();
string flag = DropDownList1.SelectedValue.ToString();
Session["UID"] = aa(user, password, flag);
int roomId = Convert.ToInt32(Session["UID"]);
if (roomId > 0)
{
Session["user"] = user;
Session["pas"] = password;
Response.Redirect("main.aspx");
}
else
{
Response.Write(@"<script language = 'javascript'>alert('用户名或密码不正确');</script");
}
}
}
protected string aa(string UName, string Upwd, string Ustate)
{
string UID = "0";
//SqlConnection cn = new SqlConnection("server=.;database=demo;user=sa;pwd=123");
SqlConnection cn = dbObj.GetConnection();
string sql = "select UID from userinfo where UName = '" + UName + "'and Upwd='" + Upwd + "'and Ustate='" + Ustate + "'";
cn.Open();
SqlCommand cmd = new SqlCommand(sql, cn);
SqlDataReader dr = cmd.ExecuteReader();
if (dr.Read())
{
UID = dr["UID"].ToString();
}
dr.Close();
cn.Close();
return UID;
}
}
}