插入密码,其中用户类型和用户名等于某些数据? [英] insert password where user type and username equals to some data?
问题描述
if (NewUserRB.Checked) // 这是我的单选按钮
{
Pass_Verification.Visible = true ; // 如果用户点击新用户单选按钮,则确认密码文本框
if (User_Password.Text == Pass_Verification.Text) // 检查天气密码字段匹配
{
字符串 UserTypeCmb = UserType_CMBbox.SelectedItem.ToString(); // 包含用户类型的组合框
String UserNameCmb = UserName_CMBbox.SelectedItem.ToString(); // 用户点击用户类型数据将自动从数据库加载
SqlConnection con = new SqlConnection();
con.ConnectionString = 数据源= PROMOD-PC;初始目录= Unicella_Data;集成安全性=真 ;
con.Open();
字符串 QueryStr2 = INSERT INTO Login_Table(密码)VALUES(' + User_Password.Text + ')从Login_Table中选择密码WHERE User_Type = @ UT AND User_Name = @ UN;
// 我想根据用户类型和用户名插入密码
SqlCommand cmd = new SqlCommand(QueryStr2,con);
cmd.Parameters.AddWithValue( @ UT,UserTypeCmb);
cmd.Parameters.AddWithValue( @ UN,UserNameCmb);
// SqlDataReader sqldread2 = cmd.ExecuteReader();
cmd.ExecuteNonQuery ();
MessageBox.Show( 保存完成!);
con.Close();
}
else
{
MessageBox.Show( 尝试另一个密码!);
}
}
其他 如果(ExcistingUserRB.Checked)
{
String UserTypeCmb = UserType_CMBbox.SelectedItem.ToString();
String UserNameCmb = UserName_CMBbox.SelectedItem.ToString();
SqlConnection con2 = new SqlConnection();
con2.ConnectionString = 数据源= PROMOD-PC;初始目录= Unicella_Data;集成安全性=真 ;
con2.Open();
字符串 QueryStr = 从UserAessntication中选择UPassword WHERE UserType = @ UT AND UserName = @ UN;
SqlCommand cmd = new SqlCommand(QueryStr,con2);
cmd.Parameters.AddWithValue( @ UT,UserTypeCmb);
cmd.Parameters.AddWithValue( @ UN,UserNameCmb);
SqlDataReader sqldread2 = cmd.ExecuteReader();
if (sqldread2.Read())
{
string pass = sqldread2 [ 密码]。ToString();
string UIPass = User_Password.Text;
if (pass == UIPass)
{
MessageBox.Show( 也可以保存!);
}
}
}
}
问题是我想根据用户名和用户类型插入密码
这会插入密码但会插入密码进入新的领域。我正在使用c#控件?
概念是有两个组合框和一个文本框,两个单选按钮..
Usertype = Combobox
用户名=组合框
PAssword =文本框
新用户=单选按钮
激发用户=单选按钮
这个小公司的应用程序
有两个usertypes = HR和IT
如果有人选择hr ...它会加载数据库中与HR相关的所有用户名..所以IT用户如果用户选择新用户则需要
单选按钮...新用户可以看到一个文本框进行密码验证
如果用户选择现有的用户单选按钮,其他的东西是
it将用户输入密码与数据库1进行比较,并允许用户访问
INSERT查询 始终 创建一个新的记录:就像在老式卡片索引中添加新卡片一样系统。因此,它们永远不会有WHERE子句,因为您无法使用它们来修改现有行。
如果你想更改现有的行(或行),那么你需要一个UPDATE查询:
字符串 QueryStr2 = UPDATE Login_Table SET Password = @ PS WHERE User_Type = @ UT AND User_Name = @ UN;
SqlCommand cmd = new SqlCommand(QueryStr2,con);
cmd.Parameters.AddWithValue( @ UT,UserTypeCmb);
cmd.Parameters.AddWithValue( @ UN,UserNameCmb);
cmd.Parameters.AddWithValue( @ PS,User_Password.Text);
但请不要这样做!切勿以明文形式存储密码 - 这是一个主要的安全风险。有关如何在此处执行此操作的信息:密码存储:如何做到这一点。 [ ^ ]
if (NewUserRB.Checked) // This is my radio button
{
Pass_Verification.Visible = true; // Confirm Password textbox visible if user click new user radio button
if (User_Password.Text == Pass_Verification.Text) // Check weather password fields are match
{
String UserTypeCmb = UserType_CMBbox.SelectedItem.ToString(); // combo box which holds user type
String UserNameCmb = UserName_CMBbox.SelectedItem.ToString(); // user click user type data will load automatically from database
SqlConnection con = new SqlConnection();
con.ConnectionString = "Data Source=PROMOD-PC;Initial Catalog=Unicella_Data;Integrated Security=True";
con.Open();
String QueryStr2 = "INSERT INTO Login_Table(Password) VALUES ('" + User_Password.Text + "') Select Password from Login_Table WHERE User_Type=@UT AND User_Name=@UN";
// I want to insert password according to the user type and user name
SqlCommand cmd = new SqlCommand(QueryStr2, con);
cmd.Parameters.AddWithValue("@UT", UserTypeCmb);
cmd.Parameters.AddWithValue("@UN", UserNameCmb);
//SqlDataReader sqldread2 = cmd.ExecuteReader();
cmd.ExecuteNonQuery();
MessageBox.Show("Saving is done!");
con.Close();
}
else
{
MessageBox.Show("Try Another Password!");
}
}
else if (ExcistingUserRB.Checked)
{
String UserTypeCmb = UserType_CMBbox.SelectedItem.ToString();
String UserNameCmb = UserName_CMBbox.SelectedItem.ToString();
SqlConnection con2 = new SqlConnection();
con2.ConnectionString = "Data Source=PROMOD-PC;Initial Catalog=Unicella_Data;Integrated Security=True";
con2.Open();
String QueryStr = "Select UPassword from UserAthentication WHERE UserType=@UT AND UserName=@UN";
SqlCommand cmd = new SqlCommand(QueryStr, con2);
cmd.Parameters.AddWithValue("@UT", UserTypeCmb);
cmd.Parameters.AddWithValue("@UN", UserNameCmb);
SqlDataReader sqldread2 = cmd.ExecuteReader();
if (sqldread2.Read())
{
string pass = sqldread2["Password"].ToString();
string UIPass = User_Password.Text;
if (pass == UIPass)
{
MessageBox.Show("Saving is done too!");
}
}
}
}
The problem is I want to insert password with according to the user name and user type
this will insert password but it will insert into new field. i'm using c# controls?
the concept is there are two combo boxes and one textbox, two radio buttons..
Usertype = Combobox
Username = Combobox
PAssword = Textbox
New user = Radio button
Excisting user = Radio button
this application for small company
there are two usertypes = HR and IT
if some one select hr... it will load all the usernames from the database which related to HR.. so as IT users
if user select new user radio button... one textbox will visible to new users to password authentication
other thing is if user select existing user radio button
it will compare user input password with database one and gives user to access
INSERT queries always create a new record: it's like adding a new card to an old-fashioned card index system. As a result, they never have a WHERE clause, because you can't use them to modify existing rows.
If you want to change an existing row (or rows) then you need an UPDATE query:
String QueryStr2 = "UPDATE Login_Table SET Password=@PS WHERE User_Type=@UT AND User_Name=@UN"; SqlCommand cmd = new SqlCommand(QueryStr2, con); cmd.Parameters.AddWithValue("@UT", UserTypeCmb); cmd.Parameters.AddWithValue("@UN", UserNameCmb); cmd.Parameters.AddWithValue("@PS", User_Password.Text);
But please, don't do it like that! Never store passwords in clear text - it is a major security risk. There is some information on how to do it here: Password Storage: How to do it.[^]
这篇关于插入密码,其中用户类型和用户名等于某些数据?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
