stackoom
  简体   繁体   中英

Error in Win Form Login

 原文  2013-12-13 14:31:10       winforms/ login/ combobox

Question

     private void Button1Click(object sender, EventArgs e)
     {
         var dt = new DataTable();
         const string Connectionstring = "Data Source=GARETH-PC1;Initial  Catalog=Genres;Integrated Security=True";
        using (var con = new SqlConnection(Connectionstring))
        {
            con.Open();
                var query = "Select Username From Login Where Username ='" + ComboBox1.SelectedText + "' Password ='" + textBox2.Text + "'";
                using (var sda = new SqlDataAdapter(query, con))
                {

                sda.Fill(dt);
            }

        }

        if (dt.Rows[0].ItemArray.GetValue(0).ToString() == "1")

        {
            Hide();

            var ss = new Main();
            ss.Show();
        }
        else
        {
            MessageBox.Show("Invalid Username or Password");
        }
    }

The if (dt.Rows[0].ItemArray.GetValue(0).ToString() == "1") - Returns an error saying there's nothing in the table... But there is ..any suggestions?

2 answers

solution1
 0  2013-12-13 14:38:33

Maybe you can try like this: 

dt.Rows[0]["ColumnName"].ToString()

This is working for me.

solution2
 0  2013-12-13 14:40:41

I would change your code in this way. First, change to a parameterized query instead of a string concatenation (Sql Injection and parsing) Second, use the count property to check if you have found a record or not 

 private void Button1Click(object sender, EventArgs e)
 {
     var dt = new DataTable();
     const string Connectionstring = "Data Source=GARETH-PC1;Initial  Catalog=Genres;Integrated Security=True";
    var query = "Select Username From Login Where Username =@uname AND Password=@pwd";
    using (var con = new SqlConnection(Connectionstring))
    using (var cmd = new SqlCommand(query, con)
    {
        con.Open();
        cmd.Parameters.AddWithValue("@uname", ComboBox1.SelectedText);
        cmd.Parameters.AddWithValue("@pwd", textBox2.Text);
        using (var sda = new SqlDataAdapter(cmd))
        {
            sda.Fill(dt);
        }
    }
    if (dt.Rows.Count > 0)
    {
        Hide();

        var ss = new Main();
        ss.Show();
    }
    else
    {
        MessageBox.Show("Invalid Username or Password");
    }
}

As a side note, it is a very bad idea to store passwords in plain text inside a database. You should consider to use an HASH and store it instead of the plain password.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question is it possible to call win form rather than windows login window? Win form application start up error Win Form, Registration form C# login form Error “There is no row at Position 0” Win Form Colors Win Form Charting Win Form waiting panel 1 Button 4 Comboboxes On Win Form Data table in win form win form webBrowser menu
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM