我正在尝试通过SqlParameter传递用户名和密码。
但是没有执行查询。
string strSQL = @"SELECT User_ID, Enabled
FROM User_Reg
WHERE Username = @paramUsername
AND CAST(Password AS varbinary(30)) = CAST(@paramPassword AS varbinary(30))";
objSqlCommand = new SqlCommand(strSQL, objSqlDbComm.SqlConnectionObject);
objSqlCommand.Parameters.AddWithValue("@paramUsername", txtUsername.Text);
objSqlCommand.Parameters.AddWithValue("@paramPassword", txtPassword.Text);
DataTable objDataTable = objSqlDbComm.ExecuteDataset(objSqlCommand).Tables[0];
objDataTable.Rows.Count计数为0。
答案 0 :(得分:0)
string strSQL = @"SELECT User_ID, Enabled FROM User_Reg WHERE Username = '"+txtUsername.Text+"'AND CAST(Password AS varbinary(30)) = CAST('"+txtPassword.Text+"' AS varbinary(30))";
objSqlCommand = new SqlCommand(strSQL, objSqlDbComm.SqlConnectionObject);
objSqlCommand.ExecuteNonQuery();
答案 1 :(得分:-1)
string Query = @"SELECT User_ID, Enabled FROM User_Reg WHERE Username = '"+txtUsername.Text+"'AND CAST(Password AS varbinary(30)) = CAST('"+txtPassword.Text+"' AS varbinary(30))";
objSqlCommand = new SqlCommand(Query, objSqlDbComm.SqlConnectionObject);
objSqlCommand.ExecuteNonQuery();