using System.Security.Cryptography;
private void btnOK_Click(object sender, System.EventArgs e)
{
string strConn = "server=192.168.0.51;database=chengheng;User id=sa; password=123";
if(texName.Text.Trim()=="")
{
this.RegisterStartupScript("sf","<script language='javascript'>alert('用户名不能为空');document.all('texName').focus()</script>");
return;
}
else if(texPassword.Text.Trim()=="")
{
this.RegisterStartupScript("sfs","<script language='javascript'>alert('密码不能为空');document.all('texPassword').focus()</script>");
return;
}
else
{
//将获取的密码加密与数据库中加了密的密码相比较
byte[] by = md5.ComputeHash(utf.GetBytes(texPassword.Text.Trim()));
string resultPass = System.Text.UTF8Encoding.Unicode.GetString(by);
conn.ConnectionString=strConn;
SqlCommand comm = new SqlCommand();
string name = texName.Text.Trim().ToString();
comm.CommandText="select Ruser_pwd,Ruser_nm from Ruser where Accountno = @name";
comm.Parameters.Add("@name",SqlDbType.NVarChar,40);
comm.Parameters["@name"].Value=name;
try
{
conn.Open();
comm.Connection=conn;
SqlDataReader dr=comm.ExecuteReader();
if(dr.Read())
{
//用户存在,对密码进行检查
if(dr.GetValue(0).Equals(resultPass))
{
string user_name=dr.GetValue(1).ToString();
string user_Accountno=texName.Text.Trim();
Session["logon_name"]=user_name;
Session["logon_Accountno"]=user_Accountno;
//登录成功,进行页面导向
}
else
{
this.RegisterStartupScript("wp","<script language='javascript'>alert('密码错误,请检查。')</script>");
}
}
else
{
this.RegisterStartupScript("nu","<script language=javascript>alert('用户名不存在,请检查。')</script>");
}
}
catch(Exception exec)
{
this.RegisterStartupScript("wc","<script language=javascript>alert('网络连接有异,请稍后重试。')</script>");
}
finally
{
conn.Close();
}
}
}
