更改密码 [英] change password code
本文介绍了更改密码的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
Option Explicit
Public conn As New ADODB.connection
Public rs As New ADODB.Recordset
Public rsinsert As New ADODB.Recordset
Sub connection()
Set conn = New ADODB.connection
conn.CursorLocation = adUseClient
conn.Open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=E:\ digitalsignage.mdb;Persist Security Info=False"
End Sub
Private Sub cmdPwdChanged_Click()
If txtpass.Text = "" Then
MsgBox "Old pasword is empty", vbCritical, Me.Caption
Exit Sub
End If
If txtpassword.Text = "" Then
MsgBox "New pasword is empty", vbCritical, Me.Caption
txtpassword.SetFocus
Exit Sub
End If
If txtchangepassword.Text = "" Then
MsgBox "New confirm pasword is empty", vbCritical, Me.Caption
txtchangepassword.SetFocus
Exit Sub
End If
If txtpassword.Text <> txtchangepassword.Text Then
MsgBox "New Password and Confirm password mismatch", vbCritical, Me.Caption
txtchangepassword.SetFocus
Exit Sub
End If
Set rs = conn.Execute("select * from users where Username= '" & txtuser.Text & "' and Password='" & txtpass.Text & "'")
If rs.EOF Then
MsgBox "Invalid old password, Password not in database", vbCritical, Me.Caption
Exit Sub
End If
conn.Execute "Update users SET Password='" & txtpassword.Text = "' WHERE Username='" & txtuser.Text = "'"
MsgBox "Password changed successfully", vbInformation, Me.Caption
txtpass.Text = ""
txtpassword.Text = ""
txtchangepassword.Text = ""
End Sub
Private Sub Form_Load()
Call connection
End Sub
Private Sub cmdCancel_Click()
form2.Hide
form1.Show
End Sub
IT显示更新stmt中的语法错误.请帮我.
[edit]已添加代码块-OriginalGriff [/edit]
IT shows that syntax error in update stmt. plz help me.
[edit]Code blocks added - OriginalGriff[/edit]
推荐答案
是的,我并不感到惊讶:
Yes, I''m not surprised:
conn.Execute "Update users SET Password='" & txtpassword.Text = "' WHERE Username='" & txtuser.Text = "'"
^
|
请确保该字符应为&"字符...
顺便说一句:不要串联字符串来构建SQL命令.它使您对意外或蓄意的SQL注入攻击敞开大门,这可能会破坏整个数据库.改为使用参数化查询
Pretty sure that should be a ''&'' character...
BTW: Do not concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Use Parametrized queries instead
这篇关于更改密码的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文