0

有人可以指出导致此错误的原因吗?我一直在尝试修复它,但我失败了。我不明白“ID”有什么问题......究竟是哪个部分产生了这个错误?

这是我的代码:

protected void Button1_Click(object sender, EventArgs e)
{
    SqlConnection conn = new SqlConnection();
    conn.ConnectionString = SqlDataSource1.ConnectionString;

    string str = "SELECT * FROM Student "
        + " WHERE Student ID = '" + StudentID.Text + "' AND "
        + " Password = '" + SPassword.Text + "'";

    SqlCommand cmdSelect = new SqlCommand(str, conn);
    SqlDataReader reader;

    conn.Open();
    reader = cmdSelect.ExecuteReader();


    if (reader.Read())
    {

        if (StudentID.Text == "900000000")

            Response.Write("<body onload=\"window.open('Admin.aspx', '_top')\"></body>");

        else

            Response.Write("<body onload=\"window.open('user.aspx', '_top')\"></body>");

    }
    else
        lblMsg.Text = "Invalid Username and/or Password, please re-try!!";

    conn.Close();

}
4

1 回答 1

0

SELECT * FROM Student WHERE Student.ID ...(你有一个空格而不是一个点)

您可以完全省略Student并仅使用ID(就像您的 for 一样Password)。

于 2013-03-21T01:36:57.240 回答