protected void btnLogin_Click(object sender, EventArgs e) { string username = UserName.Value.Trim(); string password = Password.Value; Model.User u = DAL.UserRule.Get(username); if (u.Password == St.GetMd5(username + password) && u.Status == 1) { Session["user"] = u; St.SetCookie("user", u.UserName, DateTime.Now.AddYears(1)); St.SetCookie("user2", u.Password, DateTime.Now.AddYears(1)); Response.Redirect("Default.aspx"); } else { divError.Visible = true; } }