登录注册 [英] Registration of login

问题描述

大家好...我有一个从数据库收集密码的登录表... sql数据库称为NumberPlate，表名为LoginUser ...我还创建了一个非常简单的注册表单仅输入ENTER OLD PASSWORD和ENTER NEW PASSWORD ...
我想做的是从注册表中进行的.它应该从LoginUser表中删除旧密码，然后输入我刚刚输入的新密码...

Hello everyone... i have a login form which collects the password from the database... the sql database is called NumberPlate and the table is called LoginUser... i have also created a very simple registration form with only ENTER OLD PASSWORD and ENTER NEW PASSWORD...
what i want to do is from the registration form.. it should delete the old password from the LoginUser table and put a new password which i have just entered...

heres the problem...
the database is not deleting the old password and not adding the new one...

more details
1) i only having one user
2) i already have a password but i want to replace it
all i have is a 
a) login screen which contains a password text field
b) registration which only has 2 textfields of old password and new password
c) and a form which has nothing to do with users information

The user is only meant to log in and thats it... the user has no personel information in the database

iam真的很抱歉，但是我的代码有点混乱...任何帮助将不胜感激...如果您想了解更多详细信息，请告诉我...如果您为我更正了代码，我也将不胜感激...

iam really sry but my code is a little messed up... any help would be appreciated... if you would like more details pls do tell me... i would also appreciate if you correct the code for me...

using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Text;
using System.Windows.Forms;
using System.Data.Sql;
using System.Data.SqlClient;

namespace Number_Plate
{
    public partial class Login : Form
    {
        public Login()
        {
            InitializeComponent();
        }

        SqlDataAdapter da = new SqlDataAdapter();
        SqlConnection sc = new SqlConnection("Data Source=MAAZA-PC;Initial Catalog=NumberPlates;Integrated Security=True");

        private void BtnLogin_Click(object sender, EventArgs e)
        {
            try
            {
                sc.Open();
            }
            catch (Exception)
            {
                MessageBox.Show("Did not connect");
            }
            SqlCommand cmd = new SqlCommand("SELECT * FROM LoginUser", sc);
            cmd.Connection = sc;
            SqlDataReader reader = null;
            reader = cmd.ExecuteReader();
            while (reader.Read())
            {
                if (TxtOldPassword.Text == (reader["Password"].ToString()) && TxtPassword.Text.ToString().Length > 0)
                {
                    <pre>int x;

                    da.UpdateCommand = new SqlCommand("UPDATE LoginUser SET password=@password", sc);
                    da.UpdateCommand.Parameters.Add("@Password", SqlDbType.VarChar).Value = TxtPassword.Text;
                    sc.Open();
                    x = da.UpdateCommand.ExecuteNonQuery();
                    sc.Close();

                    if (x >= 1)
                    MessageBox.Show("Password reset"

);
}
其他
{
MessageBox.Show("Pawwsord未重置");
}
}
}
}
}

);
}
else
{
MessageBox.Show("Pawwsord not reset");
}
}
}
}
}

now the error is coming as "connection was not closed. connection state still opened"

but what is suppose to happen is tht the LoginUser table should be updated and password is suppose to be the one in TxtPassword

thanks both of u...

推荐答案

搞砸了"，您还没有指出问题所在.
但是，还有几件事需要改进.

您不应该使用SELECT *，指定所需的列.一种是减少返回的列数，从而影响大小和性能，另一种则没有给SQL Server(假定SQL Server)进行更改以优化返回的TDS.

DELETE ... WHERE password = @password.如果用户使用相同的密码会怎样?也许可能性很小，但它会发生.无论如何，您都不应该将密码存储为文本，应该对密码进行哈希处理，然后根据表的主键删除密码.

INSERT INTO ...您对此没有过滤器.它将值插入表中的所有行.

Other than "my code is a little messed up" you haven''t indicated what the problem is.
However, there a couple of thing to improve.

You shouldn''t use SELECT *, specify the columns you want. One it reduces the number of columns returned, thus size and performance are effected, and two it doesn''t give SQL Server (assuming SQL Server) the change to optimize the TDS returned.

DELETE ... WHERE password = @password. What happens in the event users have the same password? A remote possibility perhaps but it will happen. You shouldn''t be storing passwords as text anyway, they should be hashed and you delete based on the primary key of the table.

INSERT INTO... You have no filter on this. It will insert the value to ALL rows in the table.

如果您将更详细地描述什么不起作用以及希望如何工作，将很有帮助.但是到目前为止，这是我可以看到的...

首先，您实际上并不想使用DELETE，然后再使用INSERT.删除将删除整个用户记录，听起来您真正想要做的就是更新密码.您应该使用UPDATE语句.

其次，您的WHERE有缺陷.您正在基于密码删除整个用户记录.因此，如果两个用户碰巧都使用完全相同的密码，则您将同时删除这两个用户. WHERE部分应为用户指定一些唯一标识符，例如某种类型的用户名或ID号.

第三，做好使用参数的工作.

我认为，通常来说，您正在寻找这样的声明:

It would help if you would describe in more detail what isn''t working and how you would like it to work. But here is what I can see so far...

First of all, you don''t really want to use a DELETE and then an INSERT. A delete will delete an entire user record, and it sounds like all you really want to do is update the password. You should be using an UPDATE statement.

Secondly, your WHERE is flawed. You are deleting an entire user record based on the password. So if two users both happened to have the exact same password you would delete BOTH of them. The WHERE portion should be targetting some unique identifier to the user, such as a user name or ID number of some type.

Thirdly, good job on using parameters.

I think, in general, you are looking for a statement like this:

UPDATE LoginUser SET password=@password WHERE LoginUserID=@UserID

这篇关于登录注册的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！