做asp.net登录验证时的问题
public partial class WEB_DL : System.Web.UI.Page
{
private string connectionString = System.Web.Configuration.WebConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;
protected void Page_Load(object sender, EventArgs e)
{
}
protected void ImageButton2_Click(object sender, ImageClickEventArgs e)
{
SqlConnection con = new SqlConnection(connectionString);
string selectSQL = "SELECT UserName,UserPD,QX FROM Table_User WHERE UserName='" + TextBox1.Text.Trim() + "'AND UserPD='" + TextBox2.Text.Trim() + "'";
SqlCommand cmd = new SqlCommand(selectSQL, con);
try
{
con.Open();
SqlDataReader reader = cmd.ExecuteReader();
if (reader.Read())
{
if (reader["QX"].ToString() == "1")
{
Response.Redirect("Admin.aspx");
}
else
{
Session["username"] = reader["Name"].ToString();
Response.Redirect("Default.aspx");
}
}
else
{
Label1.Visible = true;
}
reader.Close();
}
catch (Exception ee)
{
Response.Write(ee.Message);
}
finally
&