如何使用C#连接到Mysql? [英] How to connect to Mysql using C#?
问题描述
我只是C#的初学者.我将XAMPP服务器用于MySQL数据库和Visual C#2010.然后在phpMyAdmin中创建了一个名为"testdb"的数据库和一个名为"login"的表.我已经在表中插入了用户名和密码.我正在做一个简单的WinForm登录,在其中我输入了两个用于输入用户名和密码的文本框和一个按钮.我已完成代码,没有编译器错误.但是我曾一线烦恼.它显示无法连接到任何指定的MySQL主机".我将MySql.Data添加到引用中.我要在登录时获取数据库表中的数据.然后授权用户,或者如果用户不匹配,则会提示错误消息.
I'm just a beginner in C#. I'm using XAMPP server for MySQL database and Visual C# 2010. Then I have created a database named "testdb" in phpMyAdmin and a table named "login". I have inserted my username and password in the table. I'm doing a simple WinForm login where I made two text boxes for username and password and a button. I have my codes done and there's no compiler error. But I had troubled in one line. It says "Unable to connect to any of the specified MySQL hosts". I added MySql.Data to my references. I want to fetch the data in the database table when I'm going to log in. Then authorize the user or if not matched, it will prompt an error message.
这是我的代码:
using MySql.Data.MySqlClient;
public bool Login(string username, string password)
{
MySqlConnection con = new MySqlConnection("host=localhost;username…");
MySqlCommand cmd = new MySqlCommand("SELECT * FROM login WHERE username='" +
username + "' AND password='" + password + "';");
cmd.Connection = con;
con.Open(); // This is the line producing the error.
MySqlDataReader reader = cmd.ExecuteReader();
if (reader.Read() != false)
{
if (reader.IsDBNull(0) == true)
{
cmd.Connection.Close();
reader.Dispose();
cmd.Dispose();
return false;
}
else
{
cmd.Connection.Close();
reader.Dispose();
cmd.Dispose();
return true;
}
}
else
{
return false;
}
}
*我希望收到您的反馈. :)
*I hope for your your feedback. :)
推荐答案
您的直接问题可能是连接字符串不正确或数据库服务器不可用.连接字符串应该是这样的
Your immediate problem is probably either an incorrect connection string or the database server is not available. The connection string should be something like this
Server=localhost;Database=testdb;Uid=<username>;Pwd=<password>;
将<username>
和<password>
替换为您的实际值.
with <username>
and <password>
replaced with your actual values.
此外,您的代码中有几个问题,如果打算将其变成生产代码,甚至可能只是为了学习一些东西的玩具项目,也应该对它们进行调查.该列表顺序特殊,可能不完整.
Besides that your code has several issues and you should definitely look into them if this is intended to become production code and probably even if this is just a toy project to learn something. The list is in particular order and may not be comprehensive.
- 请勿对连接字符串进行硬编码. 将其移至配置文件.
- 请勿在配置文件或源代码中包含纯文本密码.有各种解决方案,例如 Windows身份验证,证书或 .aspx"rel =" nofollow noreferrer> Windows数据保护API .
- 不要仅通过调用
IDisposable.Dispose()
来处置IDisposable
实例. 即使在出现异常的情况下,也要使用using
语句来释放资源. - 请勿使用字符串操作技术来构建SQL语句. 请改为使用
SqlParameter
来防止SQL注入攻击 - 请勿在数据库中存储纯文本密码. 至少至少存储密码的哈希值并使用慢速哈希函数,而不是MD5或SHA的成员家庭.
- 您可以使用
IDbCommand.ExecuteScalar
检索标量结果,并避免使用数据读取器. - 将布尔值与
true
或false
进行比较是多余的,只会给代码增加噪音.可以使用if (reader.IsDBNull(0))
代替if (reader.IsDBNull(0) == true)
.if (reader.Read() != false)
等同于if (reader.Read() == true)
,因此也等同于if (reader.Read())
. - 使用像实体框架这样的O/R映射器是通常比在SQL命令级别上与数据库交互更受欢迎.
- Do not hard code your connection string. Instead move it to a configuration file.
- Do not include plain text passwords in configuration files or source code. There are various solutions like windows authentication, certificates or passwords protected by the Windows Data Protection API.
- Do not just dispose
IDisposable
instances by callingIDisposable.Dispose()
. Instead use theusing
statement to release resources even in the case of exceptions. - Do not build SQL statements using string manipulation techniques. Instead use
SqlParameter
to prevent SQL injection attacks. - Do not store plain text passwords in a database. Instead at least store salted hashes of the passwords and use a slow hash function, not MD5 or a member of the SHA family.
- You can use
IDbCommand.ExecuteScalar
to retrieve a scalar result and avoid using a data reader. - Comparing a boolean value with
true
orfalse
is redundant and just adds noise to your code. Instead ofif (reader.IsDBNull(0) == true)
you can just useif (reader.IsDBNull(0))
. The same holds forif (reader.Read() != false)
what is equivalent toif (reader.Read() == true)
and therefore alsoif (reader.Read())
. - Using an O/R mapper like the Entity Framework is usually preferred over interacting with the database on the level of SQL commands.
这篇关于如何使用C#连接到Mysql?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!