/// <summary>
        /// 用户登陆
        /// </summary>
        /// <param name="sender"></param>
        /// <param name="e"></param>
        private void btnLogin_Click(object sender, EventArgs e)
        {
            string userName = txtUserName.Text.Trim();
            string userPwd  = txtPasswd.Text.Trim();

            //  if ((txtUserName.Text != "") && (txtPasswd.Text != ""))

           if(!(string.IsNullOrEmpty(userName)) && !(string.IsNullOrEmpty(userPwd)))
            {
                string SqlText = "SELECT * FROM UserInfo Where UserName=@UserName and nCount >= @nCount";
                SqlParameter[] param = {
                        new SqlParameter("@UserName", SqlDbType.VarChar, 50) { Value = userName },
                        new SqlParameter("@nCount", SqlDbType.Int, 4) { Value = 5 },
                       };

                int r = SqlHelper.ExecuteScalar(SqlText, param);
                if (r > 0)
                {
                    lbMsg.ForeColor = Color.Red;
                    lbMsg.Text = "对不起,您的帐号已锁定!";
                    return;
                }
            }

            if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(userPwd))
            {
                lbMsg.Text = "用户名或密码不能为空!";                
            }
            else
            {
                string SqlText = "SELECT *  FROM UserInfo Where UserName =@UserName And UserPwd=@UserPwd";
                SqlParameter[] param = {
                        new SqlParameter("@UserName", SqlDbType.VarChar, 50) { Value = userName },
                        new SqlParameter("@userPwd", SqlDbType.VarChar, 50) { Value = DEncrypt.GetMd5Str  (userPwd,this.passwordKey) },
                       };

                int r = SqlHelper.ExecuteScalar(SqlText, param);
                if (r > 0)
                {
                    //记录登陆成功时间;
                    string sqlText = "Update UserInfo SET lastLoginTime = GETDATE(),nCount=@nCount Where UserName =@UserName";
                    SqlParameter[] para = new SqlParameter[] {
                        new SqlParameter("@UserName",SqlDbType.VarChar,50){Value=userName},
                        new SqlParameter("@nCount",SqlDbType.Int,2){Value=0},
                    };
                    SqlHelper.ExecuteNonQuery(sqlText, para);
                    lbMsg.ForeColor = Color.Blue;
                    lbMsg.Text = "登陆成功!";
                    this.IsLogin = true;
                    this.DialogResult = DialogResult.OK;
                }
                else
                {
                    nCount++;
                    ////记录登陆失败时间,错误次数;
                    string sqlText = "Update UserInfo SET LastErrorDateTime= GETDATE(),nCount=@nCount Where UserName =@UserName";

                    SqlParameter[] para = new SqlParameter[] {
                        new SqlParameter("@UserName",SqlDbType.VarChar,50){Value=userName},
                        new SqlParameter("@nCount",SqlDbType.Int,2){Value=nCount},
                    };

                    SqlHelper.ExecuteNonQuery(sqlText, para);

                    lbMsg.ForeColor = Color.Red;
                    lbMsg.Text = "用户名或密码不正确!";
                }
            }

        }