config--------------->
<authentication mode="Forms" >
<forms loginUrl="login.aspx"></forms>
</authentication>
<authorization>
<deny users="?"/>
</authorization>
.CS----------------->
string UserName=this.TextBox1.Text.Trim();
string Pass=this.Textbox2.Text.Trim();
SqlConnection Mycon=new SqlConnection(server=(local);DataBase=jdp;User ID=sa;Pwd=;Timeout=900");
string Sql="select UserName,Pass from dbo.UserInfo where UserName='"+UserName+"'and Pass='"+Pass+"'";
SqlDataAdapter Dat=new SqlDataAdapter(Sql,Mycon);
DataTable Dt=new DataTable();
Dat.Fill(Dt);
if(Dt.Rows.Count>0)
{
FormsAuthentication.RedirectFromLoginPage(UserName,false);
Response.Redirect("default.aspx?User="+this.TextBox1.Text.Trim());
}
else
{
Response.Write("<script>alert('你输入的密码错误!')</script>");
}