如何從 SQL 中檢查 C# 中的錯誤用戶名和密碼?
[英]How can I check wrong username and password in C# from SQL?
問題描述
我只是嘗試檢查錯誤的用戶名、密碼,我希望消息框顯示“錯誤的用戶名、密碼”。
當我輸入正確的用戶名和密碼時,沒關系,我可以登錄。 當我第一次輸入錯誤的用戶名和密碼時,我會收到一個消息框,但即使我第二次輸入正確的用戶名和密碼,我也會再次收到錯誤消息。
我認為返回不起作用。
baglanti 意味着連接
我的代碼在這里:
private void loginBtn_Click(object sender, EventArgs e)
{
if (txtboxID.Text == "")
{
MessageBox.Show("Please enter your username..", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
return;
}
if (txtboxPW.Text == "")
{
MessageBox.Show("Please enter your password..", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
return;
}
string getid = "SELECT username FROM user WHERE username='" + txtboxID.Text + "'";
string getpw = "SELECT password FROM user WHERE password='" + txtboxPW.Text + "'";
SQLiteCommand gettingid = new SQLiteCommand(getid, baglanti);
SQLiteCommand gettingpw = new SQLiteCommand(getpw, baglanti);
baglanti.Open();
object idfind = gettingid.ExecuteScalar();
if (idfind == null)
{
MessageBox.Show("wrong username", "Error");
return;
}
object pwfind = gettingpw.ExecuteScalar();
if (pwfind == null)
{
MessageBox.Show("wrong password", "Error");
return;
}
baglanti.Close();
string id = idfind.ToString();
string pass = pwfind.ToString();
if (txtboxID.Text == id || txtboxPW.Text == pass)
{
guverteBtn.Visible = true;
makineBtn.Visible = true;
loginBtn.Visible = false;
logincontrolTxt.Text = "Login Succesfully !";
logincontrolTxt.ForeColor = Color.White;
logincontrolTxt.Location = new Point(200, 393);
regBTN.Visible = false;
resetBTN.Visible = false;
txtboxID.Text = "";
txtboxPW.Text = "";
}
else
{
logincontrolTxt.Text = "Invalid ID or Password !";
logincontrolTxt.Location = new Point(180, 393);
logincontrolTxt.ForeColor = Color.Red;
txtboxID.Text = "";
txtboxPW.Text = "";
}
}
1 個解決方案
解決方案1
1 已采納 2022-01-09 16:06:51
我只是對您的代碼進行了一些小的修改,但正如其他人所提到的,您需要將 SQL 查詢更改為參數化查詢,以防止 SQL 注入。
如果您可以一次獲取數據,請始終嘗試盡可能少地連接/查詢數據庫,以提高應用程序性能。
我沒有測試下面的代碼,但它應該可以解決您的問題。
private void loginBtn_Click(object sender, EventArgs e)
{
if (txtboxID.Text == "")
{
MessageBox.Show("Please enter your username..", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
return;
}
if (txtboxPW.Text == "")
{
MessageBox.Show("Please enter your password..", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
return;
}
string getid = "SELECT username FROM user WHERE username='" + txtboxID.Text + "' AND password='" + txtboxPW.Text + "'"; //Security Issue: SQL Injection
SQLiteCommand gettingid = new SQLiteCommand(getid, baglanti);
try {
baglanti.Open();
object idfind = gettingid.ExecuteScalar();
if (idfind == null)
{
MessageBox.Show("Invalid user credentials!", "Error");
}
else
{
if (!string.IsNullOrEmpty(Convert.ToString(idfind)))
{
guverteBtn.Visible = true;
makineBtn.Visible = true;
loginBtn.Visible = false;
logincontrolTxt.Text = "Login Succesful!";
logincontrolTxt.ForeColor = Color.White;
logincontrolTxt.Location = new Point(200, 393);
regBTN.Visible = false;
resetBTN.Visible = false;
txtboxID.Text = "";
txtboxPW.Text = "";
}
else
{
logincontrolTxt.Text = "Invalid ID or Password !";
logincontrolTxt.Location = new Point(180, 393);
logincontrolTxt.ForeColor = Color.Red;
txtboxID.Text = "";
txtboxPW.Text = "";
}
}
}
catch(Exception ex)
{
MessageBox.Show("Unhandled exception!", "Error");
}
finally {
baglanti.Close();
}
}
如何從 C# 更改 IIS 中的 ApplicationPool 的用戶名/密碼?
[英]How can I change the username/password of an ApplicationPool in IIS from C#?
如何從其他 class 獲取帳號和密碼並在 c# 中查看登錄屏幕
[英]How can I get the account number and password from the other class and check them for the login screen in c#
如何從C#和SQL創建受用戶名和密碼保護的MS Access 2007文件?
[英]How can I create user name and password protected MS Access 2007 file from C# and SQL?
如何從文本文件中驗證用戶名和密碼? | Winforms C#
[英]How to validate username and password from text file? | Winforms C#
如何檢查我是否有來自 SQL 服務器數據庫的圖像或不使用 C#
[英]How can I check if I have an image from my SQL Server database or not using C#
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.