如何为读取数据库Vale创建If条件并与Textbox值进行比较? [英] How Can I Create A If Condition For Read Database Vales And Compare With Textbox Values?
问题描述
基本上我已经创建了一个向sql输入数据的软件。
我创建了一个存储用户名和登录的数据库。
所以我开发了一个读取sql数据的代码,它会成功读取它。
我只是存储了。
名称和密码如
Dilup(用户名)= 1234(密码)
Promod(用户名)= 1234(密码)
Chatura(用户名)= 1234(密码)
SqlConnection cn = new SqlConnection( global :: EnQApp.Properties.Settings.Default.Database1ConnectionString);
string name = ;
string pass = ;
尝试 {
cn.Open();
使用(SqlCommand command = new SqlCommand( SELECT * FROM Login,cn))
{
//
// 调用ExecuteReader方法。
//
SqlDataReader reader = command.ExecuteReader( );
while (reader.Read())
{
name = reader.GetString( 0 ); // 名称字符串
pass = reader.GetString( 1 ); // 密码字符串
}
< span class =code-keyword> if (name == UName.Text&& pass == PWord.Text)
{
ClassEnq.Uname = UName 。文本;
MessageBox.Show( 密码已接受);
this .Close();
setEnableToolStripMenuItem( true );
setDisableToolStripMenuItem( false );
}
else
{
MessageBox.Show( 密码不正确,请重新输入密码);
setEnableToolStripMenuItem( false );
}
}
}
catch (Exception ex){}
终于 {}
}
所以这是我的代码。
它会读取
Promod =密码1234
但是当你把稀释并输入1234对于密码
它会抛出我的其他消息。
你可以使用如下的sql语句
< pre lang =sql> 选择 count(*)登录其中名称= @名称和 Pass = @Pass
然后你会得到0或1给定的输入,如果你得到1意味着用户名和密码正确并且记录存在,这意味着用户登录成功。否则登录失败。
你需要学习一些最佳实践,不要存储计划密码,检查
密码存储:如何操作。 [ ^ ]
上面的sql语句中的
我有使用参数 [ ^ ]。它们是安全的,你可以避免sql注入攻击
以上的sql语句给你一个值,所以你可以使用commad.ExcuteScaler方法 [ ^ ]检索值
SqlConnection cn = new SqlConnection( global :: EnQApp .Properties.Settings.Default.Database1ConnectionString);
string name = ;
string pass = ;
尝试 {
cn.Open();
使用(SqlCommand command = new SqlCommand( SELECT * FROM登录,其中userID =' + UName.Text + '和password =' + PWord.Text + ',cn))
{
//
< span class =code-comment> // 调用ExecuteReader方法。
//
SqlDataReader reader = command.ExecuteReader();
if (reader.Read())
{
name = reader.GetString( 0 ); // 名称字符串
pass = reader.GetString( 1 ); // 密码字符串
if (name.Equals(UName.Text)&& pass.Equals(PWord.Text))
{
ClassEnq.Uname = UName.Text;
MessageBox.Show( 密码已接受);
this .Close();
setEnableToolStripMenuItem( true );
setDisableToolStripMenuItem( false );
}
else
{
MessageBox.Show( 密码不正确,请重新输入密码);
setEnableToolStripMenuItem( false );
}
}
else
{
MessageBox.Show( 密码不正确,请重新输入密码);
setEnableToolStripMenuItem( false );
}
}
}
catch (Exception ex){}
最后 {}
}
试试这个...
Basically i have created a software to input data to sql.
and i have created a database to store usernames and logins.
so i have developed a code for read sql data and it will read it successfully.
simply i stored.
names and passwords like
Dilup(User Names) = 1234(Passwords)
Promod(User Names) = 1234(Passwords)
Chatura(User Names) = 1234(Passwords)
SqlConnection cn = new SqlConnection(global::EnQApp.Properties.Settings.Default.Database1ConnectionString); string name=""; string pass =""; try { cn.Open(); using (SqlCommand command = new SqlCommand("SELECT * FROM Login", cn)) { // // Invoke ExecuteReader method. // SqlDataReader reader = command.ExecuteReader(); while (reader.Read()) { name = reader.GetString(0); // Name string pass = reader.GetString(1); // Password string } if (name == UName.Text && pass == PWord.Text) { ClassEnq.Uname = UName.Text; MessageBox.Show("Password Accepted"); this.Close(); setEnableToolStripMenuItem(true); setDisableToolStripMenuItem(false); } else { MessageBox.Show("Password Incorrect, Please Re-Enter Your Password"); setEnableToolStripMenuItem(false); } } } catch (Exception ex) { } finally { } }
so this is my code.
it will read
Promod = password 1234
but when you put dilup and enter 1234 for password
it will throws my else message.解决方案you can use sql statement like below
select count(*) Login where Name =@Name and Pass =@Pass
then you will get 0 or 1 for given inputs, if you get 1 means both user name and password as correct and record exist, that means user login success. otherwise login failed.
you need to learn few best practices, don't store plan passwords, check
Password Storage: How to do it.[^]
in above sql statement I have use parameters[^]. they are safe and you can avoid sql injection attacks
above sql statement give you one value, so you can use commad.ExcuteScaler method[^] retrieve the value
SqlConnection cn = new SqlConnection(global::EnQApp.Properties.Settings.Default.Database1ConnectionString); string name=""; string pass =""; try { cn.Open(); using (SqlCommand command = new SqlCommand("SELECT * FROM Login where userID='"+UName.Text+"' and password='"+PWord.Text+"'", cn)) { // // Invoke ExecuteReader method. // SqlDataReader reader = command.ExecuteReader(); if(reader.Read()) { name = reader.GetString(0); // Name string pass = reader.GetString(1); // Password string if (name.Equals(UName.Text) && pass.Equals(PWord.Text)) { ClassEnq.Uname = UName.Text; MessageBox.Show("Password Accepted"); this.Close(); setEnableToolStripMenuItem(true); setDisableToolStripMenuItem(false); } else { MessageBox.Show("Password Incorrect, Please Re-Enter Your Password"); setEnableToolStripMenuItem(false); } } else { MessageBox.Show("Password Incorrect, Please Re-Enter Your Password"); setEnableToolStripMenuItem(false); } } } catch (Exception ex) { } finally { } }
try this...
这篇关于如何为读取数据库Vale创建If条件并与Textbox值进行比较?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
