asp.net+sql2000初学者登陆问题,请大侠指点,不胜感激
为什么我都是不能登录成功:代码如下:
protected void Button1_Click(object sender, EventArgs e)
{
string userid = this.TextBox1.Text;
string password = this.TextBox2.Text;
string ConnectionString = @"server=WWW-2478D829835;uid=sa;pwd=;database=aspnet";
SqlConnection con = new SqlConnection(ConnectionString);
con.Open();
string str="select * from user where 用户名='"+userid+"'and 密码='"+password+"'";
SqlCommand mycom = new SqlCommand(str,con);
SqlDataReader rd = mycom.ExecuteReader();
rd.Read();
//con.Close();
if (!rd.HasRows)
{
Response.Write("<script>alert('密码错误!')</script>");
}
else
{
con.Close();
Response.Write("WebForm1.aspx");
}
}
报错提示:Server Error in '/' Application.
--------------------------------------------------------------------------------
在关键字 'user' 附近有语法错误。
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.Data.SqlClient.SqlException: 在关键字 'user' 附近有语法错误。
Source Error:
Line 31: string str="select * from user where 用户名='"+userid+"'and 密码='"+password+"'";
Line 32: SqlCommand mycom = new SqlCommand(str,con);
Line 33: SqlDataReader rd = mycom.ExecuteReader();
Line 34: rd.Read();
--------------------编程问答-------------------- 你把你那个user表用[user]括起来。 --------------------编程问答-------------------- 你那个登陆也可以这样写:
int res=Convert.toInt32(mycom.ExecuteScalar());
if(res>0)
{
//登陆
}
else
{
//登陆失败
} --------------------编程问答-------------------- string str="select * from user where 用户名='"+userid+"'and 密码='"+password+"'";
string str="select * from [user] where 用户名=@user and 密码=@password";--------------------编程问答-------------------- 这出问题了string str="select * from user where
SqlParameter[] param={......};
关键字啊
换成[user]
这种错误不应该犯
补充:.NET技术 , Web Services
