public string UserLogin(string MyUserName, string MyUserPwd) { DataRow MyDataRow = DbHelperSQL.GetDataRow("select * from admininfo where aUserName='******'"); if (MyDataRow == null) { return("user"); } if (MyUserPwd == DataValidate.ValidateDataRow_S(MyDataRow, "aPwd")) { HttpContext.Current.Session["names"] = DataValidate.ValidateDataRow_S(MyDataRow, "aName"); HttpContext.Current.Session["nums"] = DataValidate.ValidateDataRow_S(MyDataRow, "aNum"); HttpContext.Current.Session["username"] = DataValidate.ValidateDataRow_S(MyDataRow, "aUserName"); HttpContext.Current.Session["userjiao"] = DataValidate.ValidateDataRow_S(MyDataRow, "aRnum"); HttpContext.Current.Session["shopnum"] = DataValidate.ValidateDataRow_S(MyDataRow, "aSnum"); string sqlf = "select sName from shops where sNum = '" + DataValidate.ValidateDataRow_S(MyDataRow, "aSnum") + "'"; DataTable dt = this.bc.ReadTable(sqlf); if (dt.Rows.Count > 0) { HttpContext.Current.Session["shopname"] = dt.Rows[0]["sName"].ToString(); } return("true"); } return("pwd"); }