c#和mysql数据库的登录页面 [英] login page for c# and mysql database

问题描述

 i am currently trying to design a login page... but looks like i have a problem...  i would appreciate if mistakes are pointed out...
my codes are as follows
    private void button1_Click(object sender, EventArgs e)
        {
            try
            {
                DataSet1 dat = new DataSet1();
                DataSet1TableAdapters.usersTableAdapter usr2 = new DataSet1TableAdapters.usersTableAdapter();
                usr2.FillBy(dat.users, textBox1.Text, textBox3.Text);
                string usrnm = dat.users.Rows[0][0].ToString();
                string mode = dat.users.Rows[0][1].ToString();
                string passwrd = dat.users.Rows[0][2].ToString();
                if (usrnm == textBox1.Text && passwrd == textBox3.Text)
                {
                    if (mode == "IndustryMode")
                    {
                    IndustryModePage ind = new IndustryModePage();
                    ind.MdiParent = this;
                    ind.Show();
                    }
                    else if (mode == "HomeMode")
                    {
                        HomeModePage hom = new HomeModePage();
                        hom.MdiParent = this;
                        hom.Show();  }
                }
                else
                {
                    MessageBox.Show("wrong user/password combination");
                }
            }
            catch
            {
                MessageBox.Show("non existing user");
            }
        }
    }
its giving me an error that even my existing users are non existing.

推荐答案

首先，当您添加一个try-catch块时，您确实不应该这样做.不要使用匿名捕获-它所做的只是丢弃错误的原因，因此，当发生这种情况时，您不知道是什么导致了问题.
捕获异常，将其记录下来，并在有或没有原因的情况下报告.但是，不要只是将错误抛弃-这意味着您必须猜测导致问题的原因！
在这种情况下，我们只能做猜测:所以我猜您正在得到对象引用未设置为对象的实例".从您的dat.users行之一开始-并且dat不包含行或列...


顺便说一句:报告密码错误和用户错误的不同消息是一个坏主意-要做的只是告诉黑客，当他找到合法用户时，并专注于寻找匹配的密码...

Firstly, when you add a try - catch block you really shouldn''t use an anonymous catch - all it does is throw away the cause of the error, so when something like this happens, you don''t have any idea what is causing the problem.
Catch the exception, log it, and the report with or without a reason. But don''t just throw the error away - that means you have to guess what is causing the problem!
And in this case, guess is all we can do: So I am guessing that you are getting a "Object reference not set to an instance of an object." from one of your dat.users lines - and that dat contains no rows or columns...


BTW: It is a bad idea to report different messages for bad password and bad user - all that does is tell a hacker when he has found a legitimate user and to concentrate on finding a password to match...

这篇关于c#和mysql数据库的登录页面的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！