更改密码 [英] change password code

查看:62
本文介绍了更改密码的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

Option Explicit
Public conn As New ADODB.connection
Public rs As New ADODB.Recordset
Public rsinsert As New ADODB.Recordset

Sub connection()
Set conn = New ADODB.connection
conn.CursorLocation = adUseClient
conn.Open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=E:\ digitalsignage.mdb;Persist Security Info=False"
End Sub

Private Sub cmdPwdChanged_Click()
    If txtpass.Text = "" Then
        MsgBox "Old pasword is empty", vbCritical, Me.Caption
        Exit Sub
    End If
    If txtpassword.Text = "" Then
        MsgBox "New pasword is empty", vbCritical, Me.Caption
        txtpassword.SetFocus
        Exit Sub
    End If
    If txtchangepassword.Text = "" Then
        MsgBox "New confirm pasword is empty", vbCritical, Me.Caption
        txtchangepassword.SetFocus
        Exit Sub
    End If
    If txtpassword.Text <> txtchangepassword.Text Then
        MsgBox "New Password and Confirm password mismatch", vbCritical, Me.Caption
        txtchangepassword.SetFocus
        Exit Sub
    End If
 Set rs = conn.Execute("select * from users where Username= '" & txtuser.Text & "' and Password='" & txtpass.Text & "'")
    If rs.EOF Then
        MsgBox "Invalid old password, Password not in database", vbCritical, Me.Caption
        Exit Sub
    End If
    conn.Execute "Update users SET Password='" & txtpassword.Text = "' WHERE Username='" & txtuser.Text = "'"
     MsgBox "Password changed successfully", vbInformation, Me.Caption
     txtpass.Text = ""
     txtpassword.Text = ""
     txtchangepassword.Text = ""
End Sub


Private Sub Form_Load()
Call connection
End Sub

Private Sub cmdCancel_Click()
form2.Hide
form1.Show
End Sub



IT显示更新stmt中的语法错误.请帮我.

[edit]已添加代码块-OriginalGriff [/edit]



IT shows that syntax error in update stmt. plz help me.

[edit]Code blocks added - OriginalGriff[/edit]

推荐答案

是的,我并不感到惊讶:
Yes, I''m not surprised:
conn.Execute "Update users SET Password='" & txtpassword.Text = "' WHERE Username='" & txtuser.Text = "'"
                                                              ^
                                                              |

请确保该字符应为&"字符...

顺便说一句:不要串联字符串来构建SQL命令.它使您对意外或蓄意的SQL注入攻击敞开大门,这可能会破坏整个数据库.改为使用参数化查询

Pretty sure that should be a ''&'' character...

BTW: Do not concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Use Parametrized queries instead


这篇关于更改密码的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
其他开发语言最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆