请高手帮忙,身份验证的问题??
string strConn = "server=pisim;uid=sa;pwd=sa;database=scms";
string strCmd = "select count(*) from user where(uid like'"+txb_uid.Text+"' and pwd like '"+txb_pwd.Text+"')";
SqlConnection myConnection = new SqlConnection(strConn);
SqlCommand myCommand = new SqlCommand(strCmd,myConnection);
myCommand.Connection.Open();
//检验用户
int flag =(int)myCommand.ExecuteScalar();
myCommand.Connection.Close();
myConnection.Close();
if( flag > 0 )
{
Session["uid"]=txb_uid.Text;
Response.Redirect("main.aspx");
}
else
{
Response.Redirect("login.aspx");
}
代码如上:
运行之后出现这个错:
“异常详细信息: System.Data.SqlClient.SqlException: 在关键字 'user' 附近有语法错误。”
呜呜 想了很久不知道怎么回事?请高手帮忙啊!