ajax简单登录

js部分(default.aspx)
<script>
var xmlHttp;
      function CreateXMLHttpRequest()
      {
        if(window.XMLHttpRequest)
        {
              xmlHttp =new XMLHttpRequest();
        }else if(window.ActiveXObject)
        {
           xmlHttp = new ActiveXObject("Microsoft.XMLHTTP") ;
        }
      }
function login()
{
    CreateXMLHttpRequest();   //创建组建
    var name=document.getElementById("<%=txtName.ClientID %>").value;
    var password=document.getElementById("<%=txtPwd.ClientID %>").value;
    var url="Login.aspx?name="+name+"&password="+password;
    xmlHttp.open("get",url,true); //初始化数据
    xmlHttp.onreadystatechange=iscallback; //设置回调函数
    xmlHttp.send(null);
}
function iscallback()
{
    if(xmlHttp.readyState==4&& xmlHttp.status==200 && xmlHttp.responseText=="true")
    {
        document.getElementById("txtmsg").value="success";
    }
    else
        document.getElementById("txtmsg").value="fail";
}
</script>

//body 部分(default.aspx)
<body>
    <form id="form1" runat="server">
    <div>
        username: 
        <asp:TextBox ID="txtName" runat="server"></asp:TextBox><br />
        passowrd:  <asp:TextBox ID="txtPwd" runat="server"></asp:TextBox><br />
                             
        <input id="Button2" onclick="login()" type="button" value="login" /> <br />
         
        <input id="txtmsg" type="text" /></div>
    </form>
</body>

//处理部分(Login.aspx.cs)
protected void Page_Load(object sender, EventArgs e)
    {
        if (!IsPostBack)
        {
            string name = Request.QueryString["name"];
            string pwd = Request.QueryString["password"];
            if (name != "" || name != "null" || pwd != "" || pwd != "null")
            {

                int result = geruser(name, pwd);
                if (result > 0)
                {
                    Response.Write("true");
                    Response.End();
                }
            }
        }
    }
    public static string conStr = @"Server=(local);DataBase=TengDa;Trusted_Connection=Yes";
    public static SqlConnection connection;
    public static SqlConnection getConnection
    {
        get
        {
            if (connection == null)
            {
                connection = new SqlConnection(conStr);
                connection.Open();
            }
            else if (connection.State == System.Data.ConnectionState.Closed)
            {
                connection.Open();
            }
            else if (connection.State == System.Data.ConnectionState.Broken)
            {
                connection.Close();
                connection.Open();
            }
            return connection;
        }
    }
    //
    public static int geruser(string name, string pwd)
    {
        string sql = "select * from Role where RoleName='" + name + "' and RoleRemark='" + pwd + "'";
        SqlCommand cmd = new SqlCommand(sql, getConnection);
        return Convert.ToInt32(cmd.ExecuteScalar());
    }