stackoom
  简体   繁体   中英

What's wrong with my SQL statement, something isn't working

 原文  2010-06-03 22:17:36       c#/ asp.net/ sql/ session

Question

I have this very simple method called to check if a user has a correct password. Any help on why it isn't working? This is for Microsoft SQL Server. 

public bool UserNameExists()
    {
        using (SqlConnection con = new SqlConnection("CONNECTION STRING AQUI!"))
        {
            con.Open();
            try
            {
                using (SqlCommand command = new SqlCommand(string.Format("SELECT * FROM Policia WHERE NumeroPlaca = '{0}' AND Password = '{1}'", Session.Contents["username"], Session.Contents["password"]), con))
                {
                    SqlDataReader reader = command.ExecuteReader();
                    if (reader.FieldCount > 0)
                    {
                        return true;
                    } 
                    else 
                    {
                        return false;
                    }
                }
            }
            catch
            {

            }

            return false;
        }
    }

2 answers

solution1
 4  2010-06-03 22:26:17

You could also do: 

"SELECT COUNT(*) FROM Policia..."

And then: 

int result = Convert.ToInt32(command.ExecuteScalar());
if (result > 0)
{
  return true;
} 
else 
{
  return false;
}

Full code: 

public bool UserNameExists()
{
  int result = int.MinValue;

  using (SqlConnection connection = new SqlConnection(_connectionString))
  {
    connection.Open();
    SqlCommand command = new SqlCommand();
    command.Connection = connection;
    command.CommandType = CommandType.StoredProcedure;
    command.CommandText = "SELECT COUNT(*) FROM Policia WHERE NumeroPlaca = @username AND Password = @password";
    command.Parameters.Clear();
    command.Parameters.Add("@username", SqlDbType.VarChar).Value = Session.Contents["username"];
    command.Parameters.Add("@password", SqlDbType.VarChar).Value = Session.Contents["password"];
    result = Convert.ToInt32(command.ExecuteScalar());
  }

  if (result > 0)
  {
    return true;
  }
  {
    return false;
  }
}

solution2
 3 ACCPTED  2010-06-03 22:21:17

FieldCount gets the number of columns in the current row, which will always be non-zero. You're looking for the number of rows in the result set. Use the HasRows property.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question SQL UPDATE isn't updating the database, is there something wrong with my SQL statement? What is wrong in my code that my dropdown list isn't working What's wrong with my IF statement? My MessageBox.Show Code In C# Isn't Working. There Are No Errors But Something Is Wrong My for statement isn't working properly In SqlDataAdapter query isn't working after passing a concatenated string as a query string, what's wrong? What is wrong with my while statement? Else statement won't write Why isn't my enum working in the switch statement? IF statement isn't working as intended if statement in jquery Isn't working
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM