如何在登录表单中进行更新查询 [英] how to have a update query in login form

问题描述

如何在按钮单击事件中编写更新查询.
我的数据库中有两列
用户名和密码
我只想要一个按钮单击代码，它可以简单地替换数据库列中已经存在的密码.当然，我正在构建一个简单的登录表单，我有一个检查登录的代码，我还将在注册时为新用户提供插入查询.但是如何获取忘记的密码查询，该查询将仅替换数据库中密码列中存在的我的旧密码
谁能为我提供一个简单的查询，例如insert

how to write a update query in a button click event.
i have two columns in my db
Username and Password
i just want a button click code that simply replaces the password which is present already in my database column. surely i am bulding a login simple form i have a code which checks login and i will also give insert query as a register a new user. but how to get a forgot password query which will simply replaces my old password which is there in password column in database
can anyone provide me with a simple query like insert like this

string qry1 = "Select * from Log007 where Password=@Password and Username=@Username";
            SqlCommand com = new SqlCommand(qry1, con);
            com.Parameters.AddWithValue("@Username", this.textBox1.Text);
            com.Parameters.AddWithValue("@Password", this.textBox2.Text);
            SqlDataReader dr = com.ExecuteReader();

..更新..忘记密码链接的简单查询
在此先感谢

.. to update.. a simple query for forgot password link
thanks in advance

推荐答案

在用新的旧密码(忘记了)更新之前，我认为更重要的问题是如何确保用户是他自称的人.

根据要求，您可能会有一个秘密问题和一个先前存储的答案或其他内容.

否则，基本上任何人只要知道或猜测用户名即可更改其他用户的密码(通常一点也不难).

我在查看代码时注意到的另一件事是，您将密码存储为纯文本格式，请不要这样做.正确的方法是使用单向加密来存储密码.通过使用正确的加密，没有人可以看到实际的密码.例如，查看以下线程: http://stackoverflow.com/Problems/1054022/best-way-to-store-password-in-database [ http://msdn.microsoft.com/zh-cn/library/ms177523.aspx [ ^ ]

Before updating the old (forgotten) password with a new one, I believe that the more important question is that how you will make sure that the user is who he is claiming to be.

Depending on the requirements, you could have a secret question and a previously stored answer to it or something else.

Otherwise basically anybody can change another users password as long as he knows or guesses the username (which typically isn''t hard at all).

Another thing I noticed while looking at the code was that you store the password in plain text, don''t. The proper way would be to store the password using one-way encryption. By using proper encryption, nobody can see the actual password. For example, have a look at this thread: http://stackoverflow.com/questions/1054022/best-way-to-store-password-in-database[^]

Concerning about the update, you can use the UPDATE statement, see: http://msdn.microsoft.com/en-us/library/ms177523.aspx[^]

如果您尝试构建忘记密码"之类的东西，最好使用内置功能而不是自己编写代码.
从VS 2008开始就提供客户端应用程序服务.
它基于ASP.Net中使用最广泛的内置成员资格服务.您可以按照下面有关如何创建使用客户端应用程序服务来验证用户身份并检索用户角色和设置的Windows应用程序"的文章.

http://msdn.microsoft.com/en-us/library/bb546195 (v = vs.90).aspx [

if you are trying build "Forgot Password" kind of stuff, it''s better to use built-in functionality than coding on your own.
Client Application Service is there since VS 2008.
This is based on built-in membership service that''s most widely used in ASP.Net. You can follow the article below on "How to create a Windows application that uses client application services to authenticate users and retrieve user roles and settings."

http://msdn.microsoft.com/en-us/library/bb546195(v=vs.90).aspx[^]

Thanks,

Kuthuparakkal

UPDATE       tbl_User
SET          Password = @yourNewPassword
WHERE        (Password =      (SELECT       Password
                               FROM         tbl_User AS tbl_User_1
                               WHERE        (Username = @yourUserName)))

这篇关于如何在登录表单中进行更新查询的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！