<%@ Page Language="VB" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<script runat="server">
	' Dim sds As SqlDataSource = New SqlDataSource("Data Source=.;Initial Catalog=mydata;User ID=sa;Password=Abcdefg1", "select a from t_user where username = @username and userpass = @userpass")
    Dim sds As SqlDataSource = New SqlDataSource(Dao.ConnectionString, "select a from t_user where username = @username and userpass = @userpass")
    Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs)
        Response.Cookies("username").Value = ""
        Response.Cookies("userpass").Value = ""
    End Sub

    Protected Sub Login1_Authenticate(ByVal sender As Object, ByVal e As System.Web.UI.WebControls.AuthenticateEventArgs) Handles Login1.Authenticate
        Dim username As String = Me.Login1.UserName.Trim().ToLower() '接收控件输入
        Dim userpass As String = Me.Login1.Password.Trim().ToLower()
        
        sds.SelectParameters.Add("username", username) '预处理
        sds.SelectParameters.Add("userpass", userpass) '预处理
        
        If CType(sds.Select(DataSourceSelectArguments.Empty), System.Data.DataView)(0)(0) Then '判断第一行第一列不为0就是真
            Response.Cookies("username").Value = username '设置会话用户名
            Response.Cookies("userpass").Value = userpass '设置会话密码
            Response.Redirect("~/default.aspx") '跳转到默认页面
            Return
        End If
    End Sub
</script>

<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
    <title></title>
</head>
<body>
    <form id="form1" runat="server">
    <div>
        <asp:Login ID="Login1" runat="server">
        </asp:Login>
    </div>
    </form>
</body>
</html>