数据库:app,表:Student
db.cs文件
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Data.SqlClient;
/// <summary>
/// db 的摘要说明
/// </summary>
public class db
{
public db()
{
//
// TODO: 在此处添加构造函数逻辑
//
}
public static SqlConnection CreateConnection()
{
SqlConnection con = new SqlConnection("Data Source=PC-201510151352\\MSSQLSERVER1;Initial Catalog=app;User Id=sa;Pwd=1234");
return con;
}
}
Login.aspx文件
<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Login.aspx.cs" Inherits="_Default" %>
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<title></title>
</head>
<body>
<div align="center">
<h1>用户登录页面</h1>
<form id="form1" runat="server">
<p> <asp:Label ID="lbusername" runat="server">用户名:</asp:Label>
<asp:TextBox ID="tbusername" runat="server"></asp:TextBox>
</p>
<p> <asp:Label ID="lbpsw" runat="server">密 码:</asp:Label>
<asp:TextBox ID="tbpsw" runat="server" TextMode="Password" style="margin-left: 0px"></asp:TextBox>
</p>
<p> <asp:Button ID="btnLogin" runat="server" Text="登录" onclick="btnLogin_Click" />
<asp:Button ID="btnRegister" runat="server" Text="注册" onclick="btnRegister_Click" />
</p>
</form>
</div>
</body>
</html>
Login.aspx.cs文件
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.SqlClient;
using System.Data;
public partial class _Default : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
}
protected void btnLogin_Click(object sender, EventArgs e)
{
if ((tbusername.Text == "") || (tbpsw.Text == ""))
{
Response.Write(@"<script>alert('用户名与密码不能为空!');</script>");
}
else
{
SqlConnection con = db.CreateConnection();
con.Open();
string strSql = "select password from Student where username='" + tbusername.Text + "'";
SqlCommand cmd = new SqlCommand(strSql, con);
DataSet ds = new DataSet();
SqlDataAdapter da = new SqlDataAdapter(strSql, con);
da.Fill(ds, "Student");
try
{
if (tbpsw.Text == ds.Tables[0].Rows[0].ItemArray[0].ToString().Trim())
{
string curuser = tbusername.Text;
Response.Write(@"<script>alert('登录成功,欢迎你!');</script>");
}
else
{
Response.Write(@"<script>alert('用户名或者密码错误!');</script>");
}
}
catch
{
Response.Write(@"<script>alert('Sorry!你输入的用户名不存在!');</script>");
}
con.Close();
}
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////
/*if (tbusername.Text == "")
{
Response.Write(@"<script>alert('用户名不能为空!');</script>");
goto abc;
}
if (tbpsw.Text == "")
{
Response.Write(@"<script>alert('密码不能为空!');</script>");
goto abc;
}
string username = tbusername.Text;
string password = tbpsw.Text;
String connstr = "Data Source=PC-201510151352\\MSSQLSERVER1;Initial Catalog=app;User Id=sa;Pwd=1234";
string sql = "select * from Student where username=@username and password=@password";
SqlParameter[] parameters = { new SqlParameter("@username", username), new SqlParameter("@password", password) };
using (SqlConnection conn = new SqlConnection(connstr))
{
conn.Open();
using (SqlCommand cmd = conn.CreateCommand())
{
cmd.CommandText = sql;
cmd.Parameters.AddRange(parameters);
DataSet ds = new DataSet();
SqlDataAdapter adapter = new SqlDataAdapter(cmd);
adapter.Fill(ds);
DataTable table = ds.Tables[0];
if (table == null)
Response.Write(@"<script>alert('登录成功!');</script>");
else
Response.Write(@"<script>alert('登录失败!');</script>");
}
}
abc: ;
*/
///////////////////////////////////////////////////////////////////////////////////////////////////////////////
}protected void btnRegister_Click(object sender, EventArgs e)
{
if((tbusername.Text=="")||(tbpsw.Text==""))
{
Response.Write(@"<script>alert('用户名与密码不能为空!');</script>");
}
else
{
try
{
SqlConnection con = db.CreateConnection();
con.Open();
string strsql = "insert into Student values('" + tbusername.Text + "','" + tbpsw.Text + "')";
SqlCommand cmd=new SqlCommand(strsql,con);
cmd.ExecuteNonQuery();
con.Close();
tbusername.Text="";
tbpsw.Text="";
Response.Write(@"<script>alert('注册成功!欢迎登录!');</script>");
}
catch
{
Response.Write(@"<script>alert('用户名已存在!');</script>");
}
}
}
////////////////////////////////////////////////////////////////////////////////////////////////////////////////
/*String connstr = "Data Source=PC-201510151352\\MSSQLSERVER1;Initial Catalog=app;User Id=sa;Pwd=1234";
SqlConnection con = new SqlConnection();
con.ConnectionString = connstr;
con.Open();
SqlCommand cmd = new SqlCommand();
cmd.Connection = con;
String sql = String.Format("Insert into Student values('" + tbusername.Text + "','" + tbpsw.Text + "')");
cmd.CommandText = sql;
cmd.ExecuteNonQuery();
Response.Write(@"<script>alert('注册成功!');</script>");
// Response.Write(@"<script>alert('注册成功!');window.location='Register.aspx';</script>");
con.Close();
*/
///////////////////////////////////////////////////////////////////////////////////////////////////////////////
}