sql = "select count(*) from table where '" & 用户名输入框.Text.Replace("'","''") & "' and '" & 密码框.Text.Replace("'","''") & "'"
求取它的值,为0表示没有此用户
if 值="0" then
response.write("<script>alert('无此用户');</script>")
response.end()
end if
Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
Dim struser As String
Dim strpass As String
Dim bjuser As String
Dim bjpass As String
If Trim(TextBox1.Text) = "" Or Trim(TextBox2.Text) = "" Then
Response.Write("<script>alert('用户名或者密码不能为空');</script>")
Exit Sub
Else
struser = Replace(TextBox1.Text, "'", "")
strpass = Replace(TextBox2.Text, "'", "")
End If
conn = New SqlClient.SqlConnection("server=192.168.1.5;UID=hackate;PWD=123;database=hackate")
conn.Open()
cmd = New SqlClient.SqlCommand("select * from admin where id=1", conn)
rs = cmd.ExecuteReader()
rs.Read()
bjuser = rs("admin_name")
bjpass = rs("admin_pass")
rs.Close()
conn.Close()
If (struser <> bjuser) Or (strpass <> bjpass) Then
Response.Write("<script>alert('用户名或者密码错误!');</script>")
Else
Session("admin") = bjuser
Response.Write("<script>alert('恭喜您,登陆成功!');location.href='admin.aspx';</script>")
End If
End Sub