public static int ValidateUserInfo(string userName, string userPwd)        {            SqlDataReader tablePws = null;            string md5pws = ToMD5(userPwd);             SqlConnection conn = new SqlConnection();            conn.ConnectionString = staticValue.staticValue.userDB;            SqlCommand cmd = new SqlCommand();            cmd.Connection = conn;             cmd.CommandText = string.Format("select password,Id from u_users where (LoginName='{0}' or handphone='{2}' or eMail='{3}')", userName);            conn.Open();            tablePws = cmd.ExecuteReader();            cmd.Dispose();            conn.Close();            conn.Dispose();             if (tablePws == null)            {                return -1;            }            else            {                string key = Encoding.Unicode.GetString(tablePws["password"] as byte[]);                if (md5pws == Decrypt(key))                {                    int userId = 0;                    int.TryParse(tablePws["Id"].ToString(), out userId);                    return userId;                }                return -1;            }        } 姓名 ID 等等