007_.Net dr 记录check

Access:

public static bool fnChkUserID(string pUserId,string pUserPassword,string pCheckNo)
    {
        bool boResult = false;
        using (OleDbConnection con = DB.createConnection())
        {
            con.Open();
            string sql = "SELECT userms.userid, userms.userpassword";
            sql = sql + " FROM userms";
            sql = sql + " WHERE (((userms.userid)='" + pUserId + "') AND ((userms.userpassword)='" + pUserPassword + "') AND ((userms.checkno)='" + pCheckNo + "'));";
            OleDbCommand cmd = new OleDbCommand(sql, con);
            OleDbDataReader dr = cmd.ExecuteReader();
            if (dr.Read())
            {
                boResult = true;
            }
        }
        return boResult;
    }

Oracle:

 protected void Page_Load(object sender, EventArgs e)
    {
            string strUserId = Request.Form["userId"].ToString();
            string strUserPwd = Request.Form.Get("userPwd").ToString();
            using (OleDbConnection con = DB.createConnection())
            {
                con.Open();
                OleDbCommand cmd = new OleDbCommand("select * from sydba.syuserms t where t.user_id='" + strUserId + "' and t.password='" + strUserPwd + "'", con);
                dr = cmd.ExecuteReader();
                if (dr.Read())
                {
                    Session["userId"] = strUserId;
                    Response.Redirect("Menu.aspx");
               }
                else
                {
                    Response.Redirect("loginFail.aspx");
                }
            }

    }

 

posted on 2009-03-07 14:39  shao  阅读(104)  评论(0)    收藏  举报

导航