三种操作数据库的途径

SqlConnection conn =new  SqlConnection                    
("server=;database=news2;uid=sa;pwd=");
conn.Open();
SqlCommand cmd=new SqlCommand();
cmd.CommandText="select count(*)from users 
where name='"+this.TextBox1.Text+"'and pwd='"+this.TextBox2.Text+"'";
cmd.Connection=conn;
int i=(int)cmd.ExecuteScalar();
Response.Write(i.ToString());
if(i==1)
{
Response.Redirect("add.aspx");}
else
{
Label1.Text="error!"
}

SqlConnection conn =new  SqlConnection("server=;database=news;uid=sa;pwd=");
conn.Open();//打开数据库
SqlCommand cmd=new SqlCommand();//建立命令对象
cmd.CommandText="select count(*)from users where name=@name and pwd=@pwd";
cmd.Connection=conn;//设置连接
SqlParameter p= new SqlParameter("@name",SqlDbType.Char,10);
//定义参数
p.Value=this.TextBox1.Text;
cmd.Parameters.Add(p);//添加参数到集合
p= new SqlParameter("@pwd",SqlDbType.Char,10);
p.Value=this.TextBox2.Text;
cmd.Parameters.Add(p);
int i=(int)cmd.ExecuteScalar();
if(i==1)
{
Response.Redirect("add.aspx");}
else
{
Label1.Text="error!"
}

SqlConnection conn =new  SqlConnection("server=;database=news;uid=sa;pwd=");
conn.Open();//打开数据库
SqlCommand cmd=new SqlCommand();//建立命令对象
cmd.CommandText=" checkLogin";//设置命令文本
cmd.CommandType=CommandType.StoredProcedure;
//设置文本类型
cmd.Connection=conn;//设置连接
SqlParameter p= new SqlParameter("@name",SqlDbType.Char,10);
//定义参数
p.Value=this.TextBox1.Text;
cmd.Parameters.Add(p);//添加参数到集合
p= new SqlParameter("@pwd",SqlDbType.Char,10);
p.Value=this.TextBox2.Text;
cmd.Parameters.Add(p);
int i=(int)cmd.ExecuteScalar();
if(i==1)
{
Response.Redirect("add.aspx");}
else
{
Label1.Text="error!"
}