protected void bn_Click(object sender, EventArgs e)
{
SqlConnection con = new SqlConnection();
con.ConnectionString = "Data Source=.\\SQLEXPRESS;AttachDbFilename=F:\\hzcl\\App_Data\\user.mdf;Integrated Security=True;Connect Timeout=30;User Instance=True";
con.Open();
string w = ud.Text.ToString();
string n = pw.Text.ToString();
string str = string.Format("select * from [usernp] where username='{0}'and userpw='{1}'", w, n);
//string str = "select * from usernp where username="+ w +"and userpw= " + n + "";
TextBox1.Text = str;// str的值为:select * from [usernp] where username='admin1'and userpw='123456'
SqlCommand conn = new SqlCommand(str, con);
int k = Convert.ToInt32(conn.ExecuteNonQuery());
//TextBox1.Text = k.ToString(); //而得到的为-1
if (k > 0)
{
Session["check"] = 1;
Response.Redirect("cl.aspx");
con.Close();
}
else
{
Session["check"] = 0;
//Response.Redirect("error.aspx");
con.Close();
}
usernp表的数据为:
username userpw
admin1 123456
admin2 123456
admin3 123456 //类型为char(10)
当我在登录框里输入 admin1 密码:123456 时 得到conn.ExecuteNonQuery()值为-1 这是什么原因啊?急。
{
SqlConnection con = new SqlConnection();
con.ConnectionString = "Data Source=.\\SQLEXPRESS;AttachDbFilename=F:\\hzcl\\App_Data\\user.mdf;Integrated Security=True;Connect Timeout=30;User Instance=True";
con.Open();
string w = ud.Text.ToString();
string n = pw.Text.ToString();
string str = string.Format("select * from [usernp] where username='{0}'and userpw='{1}'", w, n);
//string str = "select * from usernp where username="+ w +"and userpw= " + n + "";
TextBox1.Text = str;// str的值为:select * from [usernp] where username='admin1'and userpw='123456'
SqlCommand conn = new SqlCommand(str, con);
int k = Convert.ToInt32(conn.ExecuteNonQuery());
//TextBox1.Text = k.ToString(); //而得到的为-1
if (k > 0)
{
Session["check"] = 1;
Response.Redirect("cl.aspx");
con.Close();
}
else
{
Session["check"] = 0;
//Response.Redirect("error.aspx");
con.Close();
}
usernp表的数据为:
username userpw
admin1 123456
admin2 123456
admin3 123456 //类型为char(10)
当我在登录框里输入 admin1 密码:123456 时 得到conn.ExecuteNonQuery()值为-1 这是什么原因啊?急。
你try{conn.ExecuteNonQuery()}
cath(excption ex){ ex.ToString();}
看看
select收到了数据的啊 楼上
{
SqlConnection con = new SqlConnection();
con.ConnectionString = "Data Source=.\\SQLEXPRESS;AttachDbFilename=F:\\hzcl\\App_Data\\user.mdf;Integrated Security=True;Connect Timeout=30;User Instance=True";
con.Open();
string w = ud.Text.ToString();
string n = pw.Text.ToString();
string str = string.Format("select * from [usernp] where username='{0}'and userpw='{1}'", w, n);
//string str = "select * from usernp where username="+ w +"and userpw= " + n + "";
TextBox1.Text = str;// str的值为:select * from [usernp] where username='admin1'and userpw='123456'
SqlCommand conn = new SqlCommand(str, con);
int k = Convert.ToInt32(conn.ExecuteNonQuery());
//TextBox1.Text = k.ToString(); //而得到的为-1
if (k > 0)
{
Session["check"] = 1;
Response.Redirect("cl.aspx");
con.Close();
}
else
{
Session["check"] = 0;
//Response.Redirect("error.aspx");
con.Close();
}
usernp表的数据为:
username userpw
admin1 123456
admin2 123456
admin3 123456 //类型为char(10)
当我在登录框里输入 admin1 密码:123456 时 得到conn.ExecuteNonQuery()值为-1
但是我用TEXTBOX得到的查寻语句字符串是:str的值为:select * from [usernp] where username='admin1'and userpw='123456'
select收到了数据的啊
这是什么原因啊?急。
没有像楼主这样用过,即然用是否有数据来判断,那就改改sql语句
select count(*) from table where user='' and pwd='' 用int i=(int)cmd.ExecuteScalar();然后判断i 是否在于0,大于存在数据,后则不存在要不不改sql语句,用ExcuReader
dataReader = cmd.ExecuteReader();
SqlDataReader sqlread = conn.ExecuteReader();
dataReader = cmd.ExecuteReader(); if(dataReader.Read() && dataReader.hasRows) //dataReader取得正确数据
{
//下面用dataReader的值存入session
}
只能有与更新,查询应该用cmd.ExecuteScalar();
或者cmd.ExecuteReader();
如果用错了,就会返回-1
我一直使用微软的企业库来实查insert ,select ,delete ,建议你也去用用
string sql = "select * from usernp where username='" + w + "'and userpw= '" + n + "'"
应该有单引号的