-1
这是我的程序,我需要验证用户名或密码是否已经存在,但是如果我为验证添加另一个使用语句,它仍会通过数据库。我应该如何使用IF内有如SQL语句( “@用户名” == _f3txtuser.text)使用IF ELSE语句围绕SQL使用C#
private void _F3Register_Click(object sender, EventArgs e)
{
if (_F3txtUser.Text == "" || _F3txtPass.Text == "")
MessageBox.Show("Please Fill The Missing Informations");
else if (_F3txtPass.Text != _F3txtCheckPass.Text)
MessageBox.Show("Password Do Not Match");
else if (("@USERNAME" == _F3txtUser) || ("@PASSWORD" == _F3txtPass))
MessageBox.Show("Username or Password already Exists");
else
{
using (SqlConnection _sqlcon = new SqlConnection(connectionstring)) //Database Connection
{
_sqlcon.Open();
String query2 = "Insert into LOGINFORM(USERNAME, PASSWORD, FNAME, LNAME, AGE) values(@USERNAME, @PASSWORD, @FNAME, @LNAME, @AGE)"; // Database Command for Insertion
using (SqlCommand _sqlcmd = new SqlCommand(query2, _sqlcon)) //using database connection and command in one method
{
_sqlcmd.Parameters.AddWithValue("@USERNAME", _F3txtUser.Text.Trim());
_sqlcmd.Parameters.AddWithValue("@PASSWORD", _F3txtPass.Text.Trim());
_sqlcmd.Parameters.AddWithValue("@FNAME", _txtFN.Text.Trim());
_sqlcmd.Parameters.AddWithValue("@LNAME", _txtLN.Text.Trim());
_sqlcmd.Parameters.AddWithValue("@AGE", _txtAge.Text.Trim());
_sqlcmd.ExecuteNonQuery();
}
MessageBox.Show("Registration Successfull");
Clear();
}
}
}
void Clear()
{
_F3txtUser.Clear();
_F3txtPass.Clear();
_txtFN.Clear();
_txtLN.Clear();
_txtAge.Clear();
_F3txtCheckPass.Clear();
}
}
} ELSE语句
代码应该在这里为文本 –
你应该看看[灿w^e停止使用AddWithValue()了吗?](http://blogs.msmvps.com/jcoehoorn/blog/2014/05/12/can-we-stop-using-addwithvalue-already/)并停止使用'.AddWithValue( )' - 它可能会导致意想不到的结果和令人惊讶的结果... –