参考这个方法写一个查询！

   public static int ValidateUserInfo(string userName, string userPwd)
        {
            SqlDataReader tablePws = null;
            string md5pws = ToMD5(userPwd);

            SqlConnection conn = new SqlConnection();
            conn.ConnectionString = staticValue.staticValue.userDB;
            SqlCommand cmd = new SqlCommand();
            cmd.Connection = conn;

            cmd.CommandText = string.Format("select password,Id from u_users where (LoginName='{0}' or handphone='{2}' or eMail='{3}')", userName);
            conn.Open();
            tablePws = cmd.ExecuteReader();
            cmd.Dispose();
            conn.Close();
            conn.Dispose();

            if (tablePws == null)
            {
                return -1;
            }
            else
            {
                string key = Encoding.Unicode.GetString(tablePws["password"] as byte[]);
                if (md5pws == Decrypt(key))
                {
                    int userId = 0;
                    int.TryParse(tablePws["Id"].ToString(), out userId);
                    return userId;
                }
                return -1;
            }
        }

姓名 ID 等等

慕尼黑5688855

浏览 519回答 1

1回答

慕森王

cmd.CommandText = string.Format("select password,Id from u_users where (LoginName='{0}' or handphone='{2}' or eMail='{3}')", userName); 你没有写入{1} 就直接从0-》2了，应该有错的。

随时随地看视频慕课网APP

参考这个方法写一个 查询！

1回答

参考这个方法写一个查询！