1. 首页
  2. 问答
  3. 将用户输入的用户名/密码与mysql数据库用户名/密码比较不起作用

将用户输入的用户名/密码与mysql数据库用户名/密码比较不起作用

2013-12-10 112 views
0

将输入的用户名和密码与数据库中指定用户的用户名和密码进行比较时遇到问题。我相信所有的代码都是正确的,但是当我点击登录按钮时,没有任何反应。请帮助,如果你需要任何额外的信息,请问。将用户输入的用户名/密码与mysql数据库用户名/密码比较不起作用

代码:

private void btnLogin_Click(object sender, EventArgs e) 
    { 
     int numerror = 0; 
     if (UsernameTextBox.Text == "") 
     { 
      numerror = numerror + 1; 
     } 
     if (PasswordTextBox.Text == "") 
     { 
      numerror = numerror + 1; 
     } 
     if (numerror == 1) 
     { 
      ErrorLabel.Text = "*1 required field is blank."; 
     } 
     else if (numerror == 2) 
     { 
      ErrorLabel.Text = "*2 required fields are blank"; 
     } 
     else 
     { 
      string connectionString = "datasource=localhost;port=3306;username=*****;password=**********"; 
      string select = "SELECT username, password FROM userinfo.users " + 
          "WHERE username = @username AND password = @password"; 

      using (MySqlConnection Conn = new MySqlConnection(connectionString)) 
      { 
       using (MySqlCommand cmd = new MySqlCommand(select, Conn)) 
       { 
        cmd.Parameters.AddWithValue("@username", UsernameTextBox.Text); 
        cmd.Parameters.AddWithValue("@password", PasswordTextBox.Text); 

        Conn.Open(); 

        using (MySqlDataReader reader = cmd.ExecuteReader()) 
        { 
         if (reader.Read()) 
         { 
          string username = reader.GetString(0); 
          string password = reader.GetString(1); 

          if (username == UsernameTextBox.Text) 
          { 
           string encodeduserinputpassword = EncodePassword(PasswordTextBox.Text); 
           if (password == encodeduserinputpassword) 
           { 
            AirSpace airspaceform = new AirSpace(); 
            airspaceform.Show(); 
            this.Hide(); 
           } 
           else 
           { 
            CMessageBox("Login Error", "Incorrect username or password."); 
           } 
          } 
          else 
          { 
           CMessageBox("Login Error", "Incorrect username or password."); 
          } 
         } 
        } 

        Conn.Close(); 
       } 
      } 
     } 
    }

来源

2013-12-10 Noah Cordoba

回答

0

您通过EncodePassword使用编码的密码,但你的选择查询是做直匹配。

改变你的选择

SELECT username, password FROM userinfo.users 
WHERE username = @username

和删除密码参数。

private void btnLogin_Click(object sender, EventArgs e) 
{ 
    int numerror = 0; 
    if (UsernameTextBox.Text == "") 
    { 
     ErrorLabel.Text = "*1 required field is blank."; 
    } 
    else if (PasswordTextBox.Text == "") 
    { 
     ErrorLabel.Text = "*2 required fields are blank"; 
    } 
    else 
    { 
     string connectionString = "datasource=localhost;port=3306;username=*****;password=**********"; 
     string select = "SELECT username, password FROM userinfo.users " + 
         "WHERE username = @username"; 

     using (MySqlConnection Conn = new MySqlConnection(connectionString)) 
     { 
      using (MySqlCommand cmd = new MySqlCommand(select, Conn)) 
      { 
       cmd.Parameters.AddWithValue("@username", UsernameTextBox.Text); 

       Conn.Open(); 

       using (MySqlDataReader reader = cmd.ExecuteReader()) 
       { 
        if (reader.Read()) 
        { 
         string username = reader.GetString(0); 
         string password = reader.GetString(1); 

         string encodeduserinputpassword = EncodePassword(PasswordTextBox.Text); 
         if (password == encodeduserinputpassword) 
         { 
          AirSpace airspaceform = new AirSpace(); 
          airspaceform.Show(); 
          this.Hide(); 
         } 
         else 
         { 
          CMessageBox("Login Error", "Incorrect username or password."); 
         } 
        } 
        else 
        { 
         CMessageBox("Login Error", "Incorrect username or password."); 
        } 
       } 

       Conn.Close(); 
      } 
     } 
    } 
}

来源

2013-12-10 17:57:16 Kami

+0

非常感谢你,没有意识到我正在做一个直接的比赛,尽管现在虽然。也意识到我所要做的只是选择一行来识别用户名。谢谢!当我可以的时候会做出这个答案。 –

相关问题

 相关问题