Ajax+asp.net实现用户登陆

<!DOCTYPE html><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>  <title></title>  <script type="text/javascript">    var obj = createobj();     function login(name, pwd)    {      var urlstr = "http://localhost:14248/server.aspx?username=" + name + "&password=" + pwd;      obj.open("get", urlstr, true);      obj.onreadystatechange = dowork;      obj.send();    }     function dowork()    {      if (obj.readyState == 4)      {        if (obj.status == 200)        {          document.getElementById("msg").innerText = obj.responseText;        }      }    }    //创建对象    function createobj()    {      var xmlHttp = null;      try {        //非IE浏览器        xmlHttp = new XMLHttpRequest();      }      catch (e)      {  //IE浏览器        try{          xmlHttp = new ActiveXObject("Msxml2.HTTP");        }        catch (e)        {          xmlHttp = new ActiveXObject("Microsoft.XMLHTTP");        }      }      return xmlHttp;    }  </script></head><body>  <table>    <tr>      <td align="center" colspan="2">登录</td>    </tr>    <tr>      <td>用户名：</td>      <td><input type="text" id="username" name="username" /></td>    </tr>    <tr>      <td>密码：</td>      <td><input type="password" id="password" name="password" /></td>    </tr>    <tr>      <td >        <input type="submit" value="登录" onclick="login(document.getElementById('username').value,document.getElementById('password').value)" />      </td>      <td>        <input type="reset" value="清空" />      </td>      <td><span id="msg"></span></td>    </tr>  </table></body></html>

using System;using System.Collections.Generic;using System.Data;using System.Data.SqlClient;using System.Linq;using System.Web; namespace AJAXtest{  public class DAL  {    private string connstr = "server=acer-pc;database=mydatabase;user id=sa;password=123456";    public DataTable selectDB(string sql)    {      DataTable dt = new DataTable();      try      {        SqlConnection conn = new SqlConnection(connstr);        SqlDataAdapter sda = new SqlDataAdapter(sql, conn);        sda.Fill(dt);      }      catch(Exception e)      {}      return dt;    }  }}

using System;using System.Collections.Generic;using System.Data;using System.Linq;using System.Web; namespace AJAXtest{  public class BLL  {    public bool login(string username,string password)    {      try      {        string sql = "select password from Users where username='" + username + "'";        DAL sqlSelect = new DAL();        DataTable dt = sqlSelect.selectDB(sql);        if (dt.Rows[0]["password"].ToString() != password)          return false;      }      catch (Exception)      {       }      return true;    }  }}

using System;using System.Collections.Generic;using System.Linq;using System.Web;using System.Web.UI;using System.Web.UI.WebControls; namespace AJAXtest{  public partial class Server : System.Web.UI.Page  {    protected void Page_Load(object sender, EventArgs e)    {      string username = Request["username"].ToString();      string password = Request["password"].ToString();      BLL b = new BLL();      if (b.login(username, password))      {        Response.Write("登录成功");        Response.End();      }      else      {        Response.Write("登录失败");        Response.End();      }    }  }}

<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Server.aspx.cs" Inherits="AJAXtest.Server" %> <!DOCTYPE html> <html xmlns="http://www.w3.org/1999/xhtml"><head runat="server"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>  <title></title></head><body>  <form id="form1" runat="server">  <div>     </div>  </form></body></html>