检查数据库中是否存在用户名密码 [英] check if username password exists in database
本文介绍了检查数据库中是否存在用户名密码的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我正在使用visual studio并访问2012.
我使用密码箱和用户名文本框登录表单。
我想检查用户名密码是否存在于数据库。
我这样做了。
I am using visual studio and access 2012.
I did a login form with passwordbox and username textbox.
I want to check if the username password exists in the database.
I did this.
cmd.CommandText = "SELECT * FROM LOGIN WHERE username= '"+UserName+"' AND password='"+PassWord+"'";
// cmd.CommandText = "INSERT INTO Login VALUES('CHEKH','CHEKH')";
OleDbDataReader reader = cmd.ExecuteReader();
if (reader.Read())
{
MessageBox.Show("ID exists");
}
它有效,但我不知道怎么做。这是正确的方法吗?
It worked but I don''t know how. Is this the correct way?
推荐答案
不,它在很多方面都不正确。其中最重要的是你在数据库中存储未加密的密码。如果您的数据库遭到入侵,您只需将所有客户的密码更改为他们拥有帐户的其他地方。
阅读这些 [ ^ ]。
和< a href =https://www.google.com/#hl=en&sclient=psy-ab&q=c%2 3%20parameterized%20query&安培; OQ =安培; gs_l =安培; PBX = 1&安培; BAV = on.2,or.r_qf&安培; BVM = bv.45645796,d.aWM&安培; FP = bf45b1c67e77afe3&安培; BIW = 1920&安培;波黑= 1105& pf = p& pdl = 300>这些 [ ^ ]。
No, it''s not correct, in many ways. Not the least of which is that you''re storing passwords unencrypted in the database. If your database gets hacked, you just screwed all of your customers into changing their passwords everywhere else they have accounts.
Read these[^].
and these[^].
这篇关于检查数据库中是否存在用户名密码的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
