public int login(string sid,string password) { OdbcCommand command = new OdbcCommand("select * from student where sid = ? and password = ?",connection); command.AddParam("sid",OdbcType.VarChar,sid); command.AddParam("password",OdbcType.VarChar,password); OdbcDataReader reader = command.ExecuteReader(); if (!reader.HasRows) return -1; return reader.GetInt32(0); }