关于注册用户的C#类的问题 [英] Question regarding C# classes to register a user

查看:112
本文介绍了关于注册用户的C#类的问题的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

Hi, I am new learning C# and trying to create sql server database. For that I have created a User class and Database class. My problem is if I try to signup a new user, database does not get any data. Can anyone please help me figure out what I am missing.

Here is the code
**User Class**
public class UserDB
    {
        public int Id { get; set; }
        public string UserName { get; set; }
        public string Password { get; set; }
        public string Gender { get; set; }
        public string PhoneNo { get; set; }
        public string Email { get; set; }
        public string DateofBirth { get; set; }

    }

**Database Class**
{
    public class Database : UserDB
    {
        public SqlConnection conn;
        public SqlCommand Cmd;
        public SqlDataReader dr;
        private DataTable dt;


        public Database()
        {

            conn = new SqlConnection(@"Data Source=DESKTOP;Initial Catalog=Login_DB;Integrated Security=True");

        }
        public int Register(UserDB user)
        {
            int code = 1;
            try
            {
                using (SqlCommand command = new SqlCommand(
                        "INSERT INTO UserDB(Name, Password, Gender, Phone, Email, DOB) VALUES(username, password, gender, phoneno, email, dateofbirth, )", conn))
                {
                    
                    command.Parameters.Add(new SqlParameter("UserName", UserName));
                    command.Parameters.Add(new SqlParameter("Password", Password));
                    command.Parameters.Add(new SqlParameter("Gender", Gender));
                    command.Parameters.Add(new SqlParameter("PhoneNo", PhoneNo));
                    command.Parameters.Add(new SqlParameter("Email", Email));
                    command.Parameters.Add(new SqlParameter("DateofBirth", DateofBirth));
                    
                    command.ExecuteNonQuery();
                }
            }
            catch (SqlException ex)
            {
                code = -1;
            }
            return code;
        }

    }

**Registration Page**
 public sealed partial class RegPage : Page
    {
       Database db;
               
        public RegPage()
        {
            this.InitializeComponent();
            
        }


        private void BtnSubmit_Click(object sender, RoutedEventArgs e)
        {

            int code =1;
            UserDB user = new UserDB();
            {
                user.UserName = Username.Text.Trim();
                user.Password = Password.Password;
                user.PhoneNo = PhoneNo.Text.ToString();
                user.Email = Email.Text.Trim();
                user.DateofBirth = DateofBirth.ToString();

            };
            if (code == -1)
            {
                var message = new MessageDialog("Register failed");
                //await message.ShowAsync();
            }
            else
            {
                var message = new MessageDialog("Register success");
                
                this.Frame.Navigate(typeof(MainPage));
            }
        }
    }





我尝试了什么:



不同的在线论坛和在线教程



What I have tried:

different online forums and online tutorials

推荐答案

更改为:

Change to this:
using (SqlCommand command = new SqlCommand(
        "INSERT INTO UserDB(Name, Password, Gender, Phone, Email, DOB) VALUES(@username, @password, @gender, @phoneno, @email, @dateofbirth)", conn))
{

    command.Parameters.Add(new SqlParameter("@UserName", user.UserName));
    command.Parameters.Add(new SqlParameter("@Password", user.Password));
    command.Parameters.Add(new SqlParameter("@Gender", user.Gender));
    command.Parameters.Add(new SqlParameter("@PhoneNo", user.PhoneNo));
    command.Parameters.Add(new SqlParameter("@Email", user.Email));
    command.Parameters.Add(new SqlParameter("@DateofBirth", user.DateofBirth));

    command.ExecuteNonQuery();
}

但在某处,你还需要打开SqlConnection对象!



这些很重要:

1)DateOfBirth不应该是一个字符串!您应该使用TryParse将用户输入转换为DateTime对象,并将其存储在User类中 - 并将转换后的值传递给SQL以存储在DATE或DATETIME列中,而不是NVARCHAR或VARCHAR列。如果你不这样做,那么当你以后使用这些数据时会遇到很大的问题。

2)绝不以明文形式存储密码 - 这是一个主要的安全风险。有关如何在此处执行此操作的信息:密码存储:如何做到这一点。 [ ^ ] - 我知道它对您来说可能有点先进,但是尽早开始正确的想法和习惯非常重要!存储明文密码是 CodeCrime [ ^ ]

But somewhere, you also need to Open the SqlConnection object!

And these are important:
1) DateOfBirth should not be a string! You should use TryParse to convert the user input into a DateTime object, and store that in your User class instead - and pass the converted value to SQL for storage in a DATE or DATETIME column, not a NVARCHAR or VARCHAR one. If you don;t do that, you will have huge problems when you come to use the data later on.
2) Never store passwords in clear text - it is a major security risk. There is some information on how to do it here: Password Storage: How to do it.[^] - I know it's probably a little advanced for you, but it's very important to get the right ideas and habits started as early as possible! Storing clear text passwords is a CodeCrime[^]


这篇关于关于注册用户的C#类的问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
其他开发语言最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆