如果用戶有效或無法傳遞標籤,我正在使用3層架構與應用程序設置.so你能指導我如何通過標籤無論用戶是否有效或不如何在三層架構中傳遞標籤
public static int login(string UserName, string Password)
{
SqlConnection con = new SqlConnection();
con.ConnectionString = GetConnectionString();
con.Open();
int userid = 0;
string selectstr = "select UserName,Password from Registration where UserName =' " + UserName + " ' And Password = ' " + Password + " ' ";
SqlCommand cmd = new SqlCommand();
cmd.CommandText = selectstr;
cmd.CommandType = System.Data.CommandType.Text;
cmd.Connection = con;
userid = cmd.ExecuteNonQuery();
cmd = null;
con.Close();
return userid;
if(......... ?)
{
labet.Text = " valid";
} else
{
label.Text = " not valid";
您正在使用'ADO.NET'架構,但你戰勝它的目的。請參數化查詢。 ':)' – 2013-03-07 09:53:00
兄弟我想驗證用戶並顯示有效的消息或有效 – hitarth 2013-03-07 09:58:15
**請不要連接這樣的SQL語句。最終有人會在用戶名字段中輸入「OR 1 = 1; - 」......注意SQL注入! – fguchelaar 2013-03-07 10:05:07