protected void Button1_Click(object sender, EventArgs e) { string myconnectionstring = System.Configuration.ConfigurationManager.AppSettings["connstr"]; string mycommandstring = "SELECT * FROM who where who_name=" + "’" + TextBox1.Text + "’" + "and who_pwd = " + "’" + TextBox2.Text+ "’"; SqlConnection myconnection = new SqlConnection(myconnectionstring); SqlCommand mycommand = new SqlCommand(mycommandstring, myconnection); myconnection.Open(); SqlDataReader myreader = mycommand.ExecuteReader(); if (myreader.Read()) { Session["name"] = myreader["who_name"].ToString(); Response.Redirect("postdoing.aspx"); } else { Response.Write("<script>alert(‘用户名或密码不正确,请重新登陆’);</script>"); Response.Redirect("login.aspx"); } }
protected void Button2_Click(object sender, EventArgs e) { TextBox1.Text = TextBox2.Text = ""; }