(select password,Id from u_users where (LoginName='{0}' or handphone='{0}' or eMail='{0}')", userName ) 这里面的userName是什么意思?
以下是整体代码 求解释!
public static int ValidateUserInfo(string userName, string userPwd)
{
SqlDataReader tablePws = null;
string md5pws = ToMD5(userPwd);
SqlConnection conn = new SqlConnection();
conn.ConnectionString = staticValue.staticValue.userDB;
SqlCommand cmd = new SqlCommand();
cmd.Connection = conn;
cmd.CommandText = string.Format("select password,Id from u_users where (LoginName='{0}' or handphone='{0}' or eMail='{0}')", userName);
conn.Open();
tablePws = cmd.ExecuteReader();
cmd.Dispose();
conn.Close();
conn.Dispose();
if (tablePws == null)
{
return -1;
}
else
{
string key = Encoding.Unicode.GetString(tablePws["password"] as byte[]);
if (md5pws == Decrypt(key))
{
int userId = 0;
int.TryParse(tablePws["Id"].ToString(), out userId);
return userId;
}
return -1;
}
}
慕神8447489
慕妹3146593
阿波罗的战车
慕丝7291255
波斯汪
沧海一幻觉
相关分类