<%@ Page Language="C#" AutoEventWireup="true" CodeFile="UserLogin.aspx.cs" Inherits="UserLogin" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head runat="server"> <title></title> </head> <body> <div align="center"> <h1>用户登录页面</h1> <form id="form1" runat="server"> <p> <asp:Label ID="lbusername" runat="server">用户名:</asp:Label> <asp:TextBox ID="tbusername" runat="server"></asp:TextBox> </p> <p> <asp:Label ID="lbpsw" runat="server">密 码:</asp:Label> <asp:TextBox ID="tbpsw" runat="server" TextMode="Password"></asp:TextBox> </p> <p><asp:Button ID="btnLogin" runat="server" Text="登录" onclick="btnLogin_Click" /> <asp:Button ID="btnCancel" runat="server" Text="取消" onclick="btnCancel_Click" /> </p> </form> </div> </body> </html>
/// <summary> /// 用户登录 /// </summary> /// <param name="sender"></param> /// <param name="e"></param> protected void btnLogin_Click(object sender, EventArgs e) { if (tbusername.Text == "") { Response.Write(@"<script>alert('用户名不能为空!');</script>"); } if (tbpsw.Text == "") { Response.Write(@"<script>alert('密码不能为空!');</script>"); } string username = tbusername.Text; string password = tbpsw.Text; string sql = "select * from T_user where username=@username and password=@password"; SqlParameter[] parameters = { new SqlParameter("@username",username), new SqlParameter("@password", password) }; using (SqlConnection conn = new SqlConnection(connstr)) { conn.Open(); using (SqlCommand cmd = conn.CreateCommand()) { cmd.CommandText = sql; cmd.Parameters.AddRange(parameters); DataSet ds = new DataSet(); SqlDataAdapter adapter = new SqlDataAdapter(cmd); adapter.Fill(ds); DataTable table = ds.Tables[0]; if(table != null) Response.Write(@"<script>alert('登录成功!');</script>"); else Response.Write(@"<script>alert('登录失败!');</script>"); } } }
/// <summary> /// 用户注册 /// </summary> /// <param name="sender"></param> /// <param name="e"></param> protected void brnRegister_Click(object sender, EventArgs e) { string username = tbusername.Text; string password = tbpsw.Text; string sql = "Insert into T_user(username, password) values(@username,@password)"; SqlParameter[] parameters = { new SqlParameter("@username", username), new SqlParameter("@password", password) }; using (SqlConnection conn = new SqlConnection(connstr)) { conn.Open(); using (SqlCommand cmd = conn.CreateCommand()) { cmd.CommandText = sql; cmd.Parameters.AddRange(parameters); cmd.ExecuteNonQuery(); } } Response.Write(@"<script>alert('注册成功!');</script>"); }