[求助]请高人们看看是什么问题
protected void Button1_Click(object sender, EventArgs e){
if (this.name.Text != "")//判断用户名是否未空
{
if (this.pwd.Text != "")//判断密码是否未空
{
if (this.yanzhen1.Text != "")//判断验证码是否未空
{
if (this.yanzhen1.Text == this.Label1.Text)//判断验证码是否相等
{
try
{
OleDbConnection m_conn = new OleDbConnection("Provider=Microsoft.Jet.OLEDB.4.0; Data Source=" + Server.MapPath("./app_data/library.mdb"));
m_conn.Open();
OleDbCommand cmd = new OleDbCommand("select * from Administrator where 用户名=" + this.name.Text + "and 密码=" + this.pwd.Text, m_conn); //建立sql查询语句
int state = Convert.ToInt32(cmd.ExecuteScalar());
if (state == 0 || state > 1)
{
this.Label2.Text = "用户不存在,请检测用户名和密码是否正确!";
}
else
{ this.Label2.Text = "登入成功!"; }
m_conn.Close();}
catch (Exception a)
{ Response.Redirect("Default2.aspx"); }
}
else
{ this.Label2.Text = "验证码不正确,请重新输入!"; }
}
else
{ this.Label2.Text = "验证码没有填写!"; }
}
else
{ this.Label2.Text = "密码没有填写!"; }
}
程序是运行成功的,问题是只要验证码一样,用户名和密码和ACCESS表内的有无相同的数据,也可以到另一个网页,我是新手,请高人们看看是什么问题