如何在C#中登录表单失败3次后限制用户 [英] How to restrict a user after 3 unsuccessful attempts in login form in C#
问题描述
private void button1_Click(object sender, EventArgs e)
{
if (txtuser.Text == "" && txtpass.Text == "")
{
MessageBox.Show("USERNAME and PASSWORD cannot be blank");
txtuser.Focus();
}
else
{
SqlConnection cn = new SqlConnection("Data Source=XYZ;Initial Catalog=CRMS;Integrated Security=True");
cn.Open();
SqlCommand cmd = new SqlCommand("select * from login where username = '" + txtuser.Text + "' and password = '" + txtpass.Text + "'", cn);
SqlDataReader dr;
dr = cmd.ExecuteReader();
int count = 0;
while (dr.Read())
{
count += 1;
}
if (count == 1)
{
MessageBox.Show("WELCOME!", "Message", MessageBoxButtons.OK, MessageBoxIcon.Information);
Home h = new Home();
h.Show();
this.Hide();
}
else if (count >= 0)
{
MessageBox.Show("Wrong Username or Password", "Message", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
cn.Close();
txtuser.Clear();
txtpass.Clear();
}
}
我的尝试:
以上代码正常运行,完全没问题。我需要的是在3次尝试失败后限制用户,应用程序将退出。我真的不知道在哪里实现它。任何人都可以帮忙,我非常需要。
提前谢谢!
What I have tried:
The above code is working and no problem at all. What I need is to restrict user after 3 unsuccessful attempts and the application will exit. I really don't know where to implement that. Anyone can help please I badly need that.
Thank you in advance!
推荐答案
以下是您的代码的修改版本,以满足您的需求:
1)将计数器移动到表格的全局级别。
2)您可以使用数据阅读器的HasRows来查看是否找到了匹配项。
Hi,
Following is a modified version of your code to suit your needs:
1) Move the counter to a global level of the form.
2) You can use 'HasRows' of the data reader to see if a match was found.
// Move the counter at a global level for the form.
int count = 1;
private void button1_Click(object sender, EventArgs e)
{
if (txtuser.Text == "" && txtpass.Text == "")
{
MessageBox.Show("USERNAME and PASSWORD cannot be blank");
txtuser.Focus();
}
else
{
SqlConnection cn = new SqlConnection("Data Source=LAPTOP-SO38VH6F;Initial Catalog=CRMS;Integrated Security=True");
cn.Open();
SqlCommand cmd = new SqlCommand("select * from login where username = '" + txtuser.Text + "' and password = '" + txtpass.Text + "'", cn);
SqlDataReader dr;
dr = cmd.ExecuteReader();
if (dr.HasRows) // HasRows = true would imply the loging was found.
{
MessageBox.Show("WELCOME!", "Message", MessageBoxButtons.OK, MessageBoxIcon.Information);
cn.Close(); // Close connection
Home h = new Home();
h.Show();
this.Hide();
}
else
{
if (count++ >= 3)
{
MessageBox.Show("Failed in 3 login attempts. Assuming unauthorized access. Terminating!", "Message", MessageBoxButtons.OK, MessageBoxIcon.Error);
Application.Exit();
}
// This is the ELSE part - not terminating yet, but offering 3 attempts.
MessageBox.Show("Wrong Username or Password", "Message", MessageBoxButtons.OK, MessageBoxIcon.Error);
cn.Close(); // Close connection
txtuser.Clear();
txtpass.Clear();
}
}
}
关于改进代码的一些建议:
1)包裹在TRY中-CATCH。
2)看起来你在数据库中存储密码。请使用加密来存储和检索。
3)Mind Sql Injections。最好将用户名和密码传递给将返回YES / NO的SQL存储过程或函数。
Some suggestions on improving the code:
1) Wrap in TRY-CATCH.
2) It looks like you are storing the password as is in database. Please use encryption to store and retrieve.
3) Mind Sql Injections. Better pass the username and password to a SQL stored procedure or function that will return YES/NO.
本文描述了同样的问题。
三次错误的登录凭据然后登录表单将退出 [ ^ ]
This article describe the same question.
Three times wrong login credentials then login form will exit[^]
这篇关于如何在C#中登录表单失败3次后限制用户的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!