
Connecting an MS Access 2007 database to C# ASP.NET, login page

Updated: 2022-11-30 07:40:53


I have a database that contains a table named "User(login,password,firstname,lastname)", and I need to make a login page. I've watched some tutorials, but it didn't help. I need to check if the login and password exist in the database, and then redirect (if correct) to another page. This is what I already did:

OleDbConnection con = new OleDbConnection();
    public bool check()
    {
        con.ConnectionString = @"Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:\Users\Volodia\Documents\WebSiteDatabase.accdb";
        con.Open();
        string commandstring = "SELECT login,password FROM User";
        //objadapter = new SqlDataAdapter(CommandString, sqlconn.ConnectionString);
        OleDbDataAdapter objadapter = new OleDbDataAdapter(commandstring, con.ConnectionString);
        DataSet dataset = new DataSet();
        objadapter.Fill(dataset, "User");// it shows "Syntax error in FROM clause." here
        DataTable datatable = dataset.Tables[0];
        for (int i = 0; i < datatable.Rows.Count; i++)
        {
            string unam = datatable.Rows[i]["login"].ToString();
            string upwd = datatable.Rows[i]["password"].ToString();
            if ((unam == TextBox1.Text)&&(upwd==TextBox2.Text))
            {
                return true;
            }
        }

        return false;
    }
    protected void Button1_Click(object sender, EventArgs e)
    {
        if (check() == true)
        {
            Response.Redirect("WebForm2.aspx");
        }
    }

The word PASSWORD is a reserved keyword for MS-Access Jet SQL. If you want to use it, you need to enclose it in square brackets; the same goes for USER.

 string commandstring = "SELECT login, [password] FROM [User]";

This will resolve the immediate problem of the syntax error, but let me add some other code to show a different approach:

 public bool check()
 {
    string conString = @"Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:\Users\Volodia\Documents\WebSiteDatabase.accdb";
    // Create the connection locally; using disposes it even if an exception is thrown.
    using(OleDbConnection con = new OleDbConnection(conString))
    {
        con.Open();
        string commandstring = "SELECT count(*) as cntUser FROM [User] " +
                               "WHERE login = ? AND [password] = ?";
        using(OleDbCommand cmd = new OleDbCommand(commandstring, con))
        {
            // OleDb binds parameters by position to the ? markers; the names are ignored.
            cmd.Parameters.AddWithValue("@p1", TextBox1.Text);
            cmd.Parameters.AddWithValue("@p2", TextBox2.Text);
            int result = (int)cmd.ExecuteScalar();
            if(result > 0)
               return true;
        }
    }
    return false;
 }

  • First, do not use a global connection object, but create and use the connection only when needed.
  • Second, encapsulate the disposable objects like the connection and the command with the using statement, which will ensure a correct close and dispose.
  • Third, pass the login and the password as conditions for the where clause (more on this later).
  • Fourth, use the parameterized query to avoid syntax errors and SQL injection.

Usually it is not a good practice to store a password in clear text inside the database. You need to store only the hash of the password and recalculate this hash every time you need to check the user's authenticity.