
Get one cell of data from database

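I want to get data from my database. The table name is MsUser, and it contains userID, username and password. There are several rows.

Form description: I start with a login form, which requires a username and password to log in. After logging in, the transaction form opens, and in that form the label userID shows the userId based on the logged-in username.

Sorry if my English is bad. This is the code I use to match the username and password. Thank you very much for your help.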

  private void btnLogin_Click(object sender, EventArgs e)
    {

        SqlConnection cn = new SqlConnection(@"Data Source=.\SQLEXPRESS;AttachDbFilename=E:\ProgII Project\MoneyManager\MoneyManager\MsUser.mdf;Integrated Security=True;User Instance=True");

        SqlDataAdapter sda = new SqlDataAdapter("Select Count(*) From MsUser where username='"+txtUsername.Text+"' and password='"+txtPassword.Text+"'",cn);

        DataTable dt = new DataTable();
        sda.Fill(dt);
        if (dt.Rows[0][0].ToString()=="1")
            {
                this.Hide();

            }
        else
        {
            MessageBox.Show("your id or password is wrong");
        }

    }

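If you return exactly one row, one column (like SELECT COUNT(*)), use a SqlCommand and its .ExecuteScalar() method - no need for all the overhead of a DataTable for a single value!

Use something like this: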

private void btnLogin_Click(object sender, EventArgs e)
{
    // define query - and **ALWAYS** use parameters!
    string query = "SELECT COUNT(*) FROM dbo.MsUser WHERE username = @username AND password = @password;";

    // set up connection and command
    using (SqlConnection cn = new SqlConnection(@"Data Source=.\SQLEXPRESS;AttachDbFilename=E:\ProgII Project\MoneyManager\MoneyManager\MsUser.mdf;Integrated Security=True;User Instance=True"))
    using (SqlCommand cmd = new SqlCommand(query, cn))
    {
        // define parameters and provide values
        cmd.Parameters.Add("@username", SqlDbType.VarChar, 100).Value = txtUsername.Text;
        cmd.Parameters.Add("@password", SqlDbType.VarChar, 100).Value = txtPassword.Text;

        // open connection, execute command, close connection
        cn.Open();
        var result = cmd.ExecuteScalar();
        cn.Close();

        // if result is not null and can be converted to an int....
        if(result != null)
        {
            int userCount;

            if(int.TryParse(result.ToString(), out userCount))
            {
                // OK, you have a good value - if it's > 0, your user entry exists....
                if (userCount > 0)
                {
                    // success - user exists with password
                }
                else 
                {
                    // no success - no such entry
                }
            }
            else
            {
               // you didn't get a numeric value......
            }
        }
        else
        {
            // you didn't get any value......
        }
    }
}

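Also: make sure you never store plain-text passwords in a database table!

Update: if you need to retrieve the UserId (and not just the count), use a query like this: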

string query = "SELECT UserId FROM dbo.MsUser WHERE username = @username AND password = @password;";

Then check whether you got a valid UserId back (not sure what data type it might be....)

var result = cmd.ExecuteScalar();

// checking if we got something (or null)
if (result != null)
{
    string userId = result.ToString();
}
else
{
     // we didn't get any "UserId" back -> invalid combination of "username" and "password"
}

This may help you, but be aware of SQL injection.
Updated the code to prevent SQL injection.

private void btnLogin_Click(object sender, EventArgs e)
{
        SqlConnection cn = new SqlConnection(@"Data Source=.\SQLEXPRESS;AttachDbFilename=E:\ProgII Project\MoneyManager\MoneyManager\MsUser.mdf;Integrated Security=True;User Instance=True");

        SqlCommand cmd1 = new SqlCommand("Select Count(*) From MsUser where username = @username and password = @password", cn);
        cmd1.Parameters.AddWithValue("@username", idBox.Text.Trim());
        cmd1.Parameters.AddWithValue("@password", passwordBox.Text.Trim());

        // the connection must be open before the command can execute
        cn.Open();
        int returnValue = Convert.ToInt32(cmd1.ExecuteScalar());
        cn.Close();

        if (returnValue == 1)
        {
             this.Hide();
        }
        else
        {
            MessageBox.Show("your id or password is wrong");
        }
 }

Assuming your user table contains one unique record for each combination of username and password,

private void btnLogin_Click(object sender, EventArgs e)
    {
        string requiredUserId;

        SqlConnection cn = new SqlConnection(@"Data Source=.\SQLEXPRESS;AttachDbFilename=E:\ProgII Project\MoneyManager\MoneyManager\MsUser.mdf;Integrated Security=True;User Instance=True");

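        // pass the text box values as parameters so they cannot change the query itself
        SqlDataAdapter sda = new SqlDataAdapter("Select Count(userID),UserId From MsUser where username=@username and password=@password Group By userID",cn);
        sda.SelectCommand.Parameters.AddWithValue("@username", txtUsername.Text);
        sda.SelectCommand.Parameters.AddWithValue("@password", txtPassword.Text);

        DataTable dt = new DataTable();
        sda.Fill(dt);
        // with GROUP BY there are no rows at all when nothing matches, so check the row count first
        if (dt.Rows.Count == 1 && dt.Rows[0][0].ToString()=="1")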
            {
                this.Hide();
                requiredUserId=dt.Rows[0][1].ToString(); //Use this requiredUserId in your next form!!
            }
        else
        {
            MessageBox.Show("your id or password is wrong");
        }

    }
