单击登录按钮后,就算输入错的用户名和密码,也能跳到指定页面请高手帮忙改下:
aseClass bc = new BaseClass();
protected void Page_Load(object sender, EventArgs e)
{ }
protected void Button_Click(object sender, EventArgs e)
{
DataSet ds=bc.GetDataSet("select count(*) from tb_Admin where AdminName='"+this.txt1.Text+"'and Password='"+this.txt3.Text+"'","tb_Admin");
if(ds.Tables[0].Rows.Count>0)
{
bc.ExecSQL("update tb_Admin set LoadDate='"+DateTime.Now+"'where AdminName='"+this.txt1.Text+"'");
Session["CurrentUser"]=this.txt1.Text;
Response.Redirect("~/Default.aspx");
}
else
{
Response.Write(bc.MessageBox("用户名错误!"));
}
aseClass bc = new BaseClass();
protected void Page_Load(object sender, EventArgs e)
{ }
protected void Button_Click(object sender, EventArgs e)
{
DataSet ds=bc.GetDataSet("select count(*) from tb_Admin where AdminName='"+this.txt1.Text+"'and Password='"+this.txt3.Text+"'","tb_Admin");
if(ds.Tables[0].Rows.Count>0)
{
bc.ExecSQL("update tb_Admin set LoadDate='"+DateTime.Now+"'where AdminName='"+this.txt1.Text+"'");
Session["CurrentUser"]=this.txt1.Text;
Response.Redirect("~/Default.aspx");
}
else
{
Response.Write(bc.MessageBox("用户名错误!"));
}
=====================================
判断有问题
就改为:
if(ds.Tables[0].Rows[0][0] != "0")
{
bc.ExecSQL("update tb_Admin set LoadDate='"+DateTime.Now+"'where AdminName='"+this.txt1.Text+"'");
//Session["CurrentUser"]=this.txt1.Text;
//Response.Redirect("~/Default.aspx");
}
else
{
Response.Write(bc.MessageBox("用户名错误!"));
}
Session["CurrentUser"]=this.txt1.Text;
Response.Redirect("~/Default.aspx");
select count(*) from tb_Admin where AdminName='"+this.txt1.Text+"'and Password='"+this.txt3.Text+"'
在查询里执行看看
{
SqlCommand cmd = new SqlCommand(Sql, Connection);
reader = cmd.ExecuteReader();
Connection.Close();
Connection.Dispose();
return reader;
}
改成 select *
if(ds.Tables[0].Rows.Count>0)
=====================================
判断有问题
就改为:
if(ds.Tables[0].Rows[0][0] != "0") 如果你 有错误的话,那就是if(ds.Tables[0].Rows[0][0].ToString() != "0")