public User SelectUser(string code, string password, IDbConnection conn) { string sql = @" SELECT ID,UserCode,UserName,Password,Actived,Remark FROM MD_User WHERE UserCode=@UserCode AND Password=@Password"; List <SqlParameter> paramList = new List <SqlParameter>(); paramList.Add(new SqlParameter("@UserCode", code)); paramList.Add(new SqlParameter("@Password", password)); DataTable dt = DataAccessUtil.ExecuteDataTable(sql, paramList, (SqlConnection)conn); if (dt.Rows.Count == 0) { return(null); } if (dt.Rows.Count > 1) { throw new ApplicationException("用户不唯一。"); } DataRow row = dt.Rows[0]; User user = new User(); user.ID = (int)row[0]; user.Code = (string)row[1]; user.Name = (string)row[2]; user.Password = (string)row[3]; user.Actived = (bool)row[4]; user.Remark = (string)row[5]; //user.Actived = row["Actived"]; return(user); }