public User findUser(string loginName, string password)
{
string sql = @"select * from users where loginName ='" + loginName + "' and psw='" + password + "'";
DataTable table = sqlTool.query(sql);
if (null == table || table.Rows.Count == 0)
{
return(null);
}
User user = null;;
foreach (DataRow row in table.Rows)
{
user = new User();
user.Id = (int)row["id"];
user.LoginName = loginName;
user.Password = password;
}
return(user);
}