//写在SQLHelper类里面的方法:
using System.Data.SqlClient;
using System.Configuration;
using System;
using System.Text;
using System.Data;
namespace 尝试封装
{
    class SQLHelper
    {
        public static int ExecuteNonQuery(string sql, params SqlParameter[] paramters)
        {
            String connStr = ConfigurationManager.ConnectionStrings["ConnStr"].ConnectionString;
            using (SqlConnection conn = new SqlConnection(connStr))
            {
                conn.Open();
                using (SqlCommand cmd = conn.CreateCommand())
                {
                    cmd.CommandText = sql;
                    foreach (SqlParameter parameter in paramters)
                    {
                        cmd.Parameters.Add(parameter);
                    }
                    return cmd.ExecuteNonQuery();
                }
             
            }
        }
        public static object ExecuteScalar(string sql, params SqlParameter[] paramters)
        {
            String connStr = ConfigurationManager.ConnectionStrings["ConnStr"].ConnectionString;
            using (SqlConnection conn = new SqlConnection(connStr))
            {
                conn.Open();
                using (SqlCommand cmd = conn.CreateCommand())
                {
                    cmd.CommandText = sql;
                    foreach (SqlParameter parameter in paramters)
                    {
                        cmd.Parameters.Add(parameter);
                    }
                    return cmd.ExecuteScalar();
                }
            }
        }
       
        //把DataSet写于SQLHelper类里面,做成三层的结构
        public static DataTable ExecuteDataTable(string sql, params SqlParameter[] parameters)
        {
               String connStr = ConfigurationManager.ConnectionStrings["ConnStr"].ConnectionString;
               using (SqlConnection conn = new SqlConnection(connStr))
               {
                   conn.Open();
                   using (SqlCommand cmd = conn.CreateCommand())
                   {
                       cmd.CommandText = sql;
                       foreach (SqlParameter parameter in parameters)
                       {
                           cmd.Parameters.Add(parameter);
                       }
                       DataSet ds = new DataSet();
                       SqlDataAdapter sda = new SqlDataAdapter(cmd);
                       sda.Fill(ds);
                       return ds.Tables[0];
                   }
               }
        }
    }
}
//写在Form1的登录里面的代码:
        //下面方法是登录的代码
        private void btnLogin_Click(object sender, EventArgs e)
        {
            DataTable dt = SQLHelper.ExecuteDataTable("select * from T_Users where UserName=@userName", new SqlParameter("userName", txtUserName.Text));
            if (dt.Rows.Count <= 0)
            {
                MessageBox.Show("用户名不存在");
                return;
            }
            else
            {
                DataRow dr = dt.Rows[0];
                int errortimes = Convert.ToInt32(dr["ErrorTimes"]);
                if (errortimes >= 3)
                {
                    MessageBox.Show("登录错误次数太多!");
                    return;
                }
                    string dbPassword = Convert.ToString(dr["Password"]);
                    if(dbPassword==txtPassword.Text)
                    {
                        MessageBox.Show("登录成功!");
                        SQLHelper.ExecuteNonQuery("Update T_Users Set ErrorTimes=0 where UserName=@userName", new SqlParameter("userName", txtUserName.Text));

                    }
                    else
                    {  
                        SQLHelper.ExecuteNonQuery("Update T_Users Set ErrorTimes=ErrorTimes+1 where UserName=@userName", new SqlParameter("userName", txtUserName.Text));
                        MessageBox.Show("密码错误!");
                    }
                }

            }
 
最终运行效果: