private void FrmSysLogin_Load(object sender, EventArgs e)
{
conStr = @"Data Source=2011-20131004OT;Initial Catalog=Bank;Integrated Security=true";
}
private void btnLogin_Click(object sender, EventArgs e)
{
SqlConnection connection = new SqlConnection(conStr);
SqlCommand cmd = new SqlCommand();
connection .Open ( );
cmd .CommandText = " SELECT*FROM Bank WHERE cardID@='6301'&&<='6310' AND pwd=='888888'";
SqlParameter paraID = new SqlParameter();
paraID.ParameterName = "cardID";
paraID.DbType = System.Data.DbType.String;
paraID.SqlDbType = System.Data.SqlDbType.Char;
paraID.Direction = System.Data.ParameterDirection.InputOutput;
paraID.IsNullable = true;
paraID.Value = "10000";
cmd.Parameters.Add(paraID);
SqlParameter paraPWD = new SqlParameter();
paraPWD.ParameterName = "pwd";
paraPWD.DbType = System.Data.DbType.String;
paraPWD.SqlDbType = System.Data.SqlDbType.Char;
paraPWD.Direction = System.Data.ParameterDirection.InputOutput;
paraPWD.IsNullable = true;
paraPWD.Value = "888888";
cmd.Parameters.Add(paraPWD);
SqlDataReader reader = cmd.ExecuteReader();
if (reader.HasRows)
{
;
MessageBox.Show("登录成功!");
}
else
{
MessageBox.Show("登录失败!");
}
connection.Close();