VB.NET 和“登录会话" [英] VB.NET and a 'login session'
问题描述
我正在 VB 中制作一个使用 MySQL 作为数据库的应用程序.我有一个 frmMain
和一个名为 frmLogin
的表单.当我登录时,登录表单会检查数据库是否用户输入了正确的用户名和密码.我希望他们返回到 frmMain
并在 frmMain
中将信息(例如 ID、登录名和角色)作为字符串(或更安全的东西)传递,但我没有知道什么是最好的方法.
I am making a application in VB that uses MySQL as database. I have a frmMain
and a form called frmLogin
. When I login, the login form checks the database if the user entered the correct username and password. I want them to return to frmMain
and pass the information (eg. id, login name and role) as a string (or something safer) in frmMain
but I don't know whats the best way to do it.
这是我在 frmLogin
中的代码(我知道 sql 注入):
Here is my code in frmLogin
(I know about the sql injections):
Private Sub btnLogin_Click(sender As System.Object, e As System.EventArgs) Handles btnLogin.Click
Dim loginResult As String
If String.IsNullOrEmpty(TextGebruikersNaam.Text) Or String.IsNullOrEmpty(TextGebruikersPass.Text) Then
MsgBox("Voer uw gebruikersnaam en wachtwoord in om in te loggen. ", MsgBoxStyle.Exclamation, "Foutmelding")
TextGebruikersNaam.Focus()
Else
Dim newPass As String
newPass = HashString.getSHA1Hash(TextGebruikersPass.Text)
loginResult = SQLHook.Counter("SELECT COUNT(*) FROM tblgebruikers WHERE GebruikersNaam='" & TextGebruikersNaam.Text.Replace("'", "''") & "' AND GebruikersPass='" & newPass.Replace("'", "''") & "'")
If loginResult = 1 Then
' Login is cewl, now set some strings and unload this form so user
' could continue on frmMain.
Else
MsgBox("De gebruikersnaam of wachtwoord is onjuist.", MsgBoxStyle.Exclamation, "Foutmelding")
TextGebruikersPass.Text = ""
TextGebruikersPass.Focus()
End If
End If
End Sub
是否有安全的方法来设置(例如)带有用户名和角色的字符串(在数据库中也作为GebruikersRole"行.
Is there are safe way to set a (eg.) String with the username and a role (thats inside the database too as a 'GebruikersRole' row.
感谢您的帮助.
推荐答案
使用会话或应用程序变量来保持您的数据可通过我们的应用程序访问,或者您可以创建一个像 Person info 这样的类并将这些值分配给该类中的属性和它可以在整个应用程序中访问
use session or application variables to keep your data accessible through our the application or you can create a class like Person info and assign those value to properties within that class and it'll be accessible throughout the application
创建一个类
班级人员
private _username as string
private _username as string
公共共享属性用户名作为字符串得到返回_用户名结束获取设置(字符串的值)_用户名 = 值结束集
public shared property username as string get return _username end get set(value of string) _username = value end set
结束课程
这将使整个应用程序都可以使用登录信息,只需引用 person 对象即可.
this will make the the login info available to the entire application just reference the person object.
这篇关于VB.NET 和“登录会话"的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!