如何检查用户是否在数据库中写入Sam表单Word [英] How Can Check If The User Write The Sam Form Word In Database

问题描述

此登录表格代码但不检查以后是否有资金

如何检查用户是否在数据库中写入Sam Word







SqlCommand myCommand = default（SqlCommand）;



myCommand = new SqlCommand（SELECT用户名，PasswordUser FROM LoginTbl WHERE用户名= @Username和PasswordUser = @Password，myConnection）;



SqlParameter uName = new SqlParameter（@ Username，SqlDbType.VarChar ）;

SqlParameter uPassword = new SqlParameter（@ Password，SqlDbType.VarChar）;



uName.Value = txtUserName.Text;

uPassword.Value = txtPassword.Text;



myCommand.Parameters.Add（uName）;

myCommand .Parameters.Add（uPassword）;



myCommand.Connection.Open（）;



SqlDataReader myReader = myCommand.ExecuteReader（CommandBehavior.CloseConnection）;



if（myReader.Read（）== true）

{

//MessageBox.Show（您已成功登录+ txtUserName.Text）;

//隐藏登录表格

this.Hide（）;

FormMAIN2 fm = new FormMAIN2（）;

fm.ShowDialog（）;

Application.Exit （）;

}





其他

{

MessageBox.Show（登录失败...再试一次！，登录拒绝，MessageBoxButtons.OK，MessageBoxIcon.Error）;



txtUserName .Clear（）;

txtPassword.Clear（）;

txtUserName.Focus（）;



}

解决方案

不要。

请不要将密码存储清楚文本 - 这是一个主要的安全风险： http://www.commitstrip.com/wp-content/uploads/2013/09/Strips-Erreur-au-pilori-001-650-finalenglish.jpg [ ^ ]



见这里：密码存储：如何操作。 [ ^ ] - 它应该有帮助。

不要以纯文本形式存储密码！



这是一个常见的错误，并且有许多问题有关此主题的文章，请参阅codeproject。



我认为这个应该涵盖您，包括数据库访问：

Beginners指导一种安全的密码存储方式 [ ^ ]



有关密码安全的更深入信息，请参阅此处：

密码哈希 - 做对了 [ ^ ]



如果您想查看更多文章，请参阅Google搜索：

https://www.google.com/search?q=codeproject+salted+hashing&ie=utf-8&oe=utf-8 [ ^ ]

This Code for Login Form But Not Check If The Later Capital Or Not
How Can Check If The User Write The Sam Word In Database



SqlCommand myCommand = default(SqlCommand);

myCommand = new SqlCommand("SELECT Username,PasswordUser FROM LoginTbl WHERE Username = @Username AND PasswordUser = @Password", myConnection);

SqlParameter uName = new SqlParameter("@Username", SqlDbType.VarChar);
SqlParameter uPassword = new SqlParameter("@Password", SqlDbType.VarChar);

uName.Value = txtUserName.Text;
uPassword.Value = txtPassword.Text;

myCommand.Parameters.Add(uName);
myCommand.Parameters.Add(uPassword);

myCommand.Connection.Open();

SqlDataReader myReader = myCommand.ExecuteReader(CommandBehavior.CloseConnection);

if (myReader.Read() == true)
{
//MessageBox.Show("You have logged in successfully " + txtUserName.Text);
//Hide the login form
this.Hide();
FormMAIN2 fm = new FormMAIN2();
fm.ShowDialog();
Application.Exit();
}


else
{
MessageBox.Show("Login Failed...Try again !", "Login Denied", MessageBoxButtons.OK, MessageBoxIcon.Error);

txtUserName.Clear();
txtPassword.Clear();
txtUserName.Focus();

}

解决方案

Don't.
Please, don't store passwords in clear text - it's a major security risk: http://www.commitstrip.com/wp-content/uploads/2013/09/Strips-Erreur-au-pilori-001-650-finalenglish.jpg[^]

See here: Password Storage: How to do it.[^] - it should help.

Do not store passwords in plain text!

This is a common mistake and there are many good articles about this topic here on codeproject.

I think this one should cover you, including the database access:
Beginners guide to a secure way of storing passwords[^]

For more in-depth information about password security, please see here:
Salted Password Hashing - Doing it Right[^]

If you want to look at more articles, here's the Google search:
https://www.google.com/search?q=codeproject+salted+hashing&ie=utf-8&oe=utf-8[^]

这篇关于如何检查用户是否在数据库中写入Sam表单Word的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！