public static User GetUser(string name, string pwd) { User user = null; string sql = "select * from user where userName=\'" + name + "\' and userpwd=\'" + pwd + "\'"; MySqlDataReader reader = DBOper.GetReader(sql); if (reader.Read()) { user = new User(); user.Name = Convert.ToString(reader["userName"]); user.Pwd = Convert.ToString(reader["userPwd"]); user.Role = Convert.ToInt32(reader["role"]); } reader.Close(); return(user); }