1

我使用这段代码:

Dim con As OleDbConnection = New OleDbConnection("Provider=Microsoft.Jet.OLEDB.4.0;Data Source= UserPass.mdb;")
con.Open()
Dim str As String
str = "SELECT * FROM UserPass WHERE Username='" & txtUsername.Text & "' AND Password='" & txtPassword.Text & "'"
Dim cmd As OleDbCommand = New OleDbCommand(str, con)
cmd.Parameters.AddWithValue("user", txtUsername.Text)
cmd.Parameters.AddWithValue("pass", txtPassword.Text)
Dim sdr As OleDbDataReader = cmd.ExecuteReader()
' It will be case sensitive if you compare usernames here.   
If sdr.HasRows Then
    If sdr.Read Then
        If txtPassword.Text <> sdr("Password").ToString And txtUsername.Text <> sdr("Username").ToString Then
            MessageBox.Show(" Incorrect Username/Password. Login Denied ", " Error! ", MessageBoxButtons.OK, MessageBoxIcon.Error)
        Else
            MessageBox.Show(" You are now Logged In! ", " Welcome! ", MessageBoxButtons.OK, MessageBoxIcon.Asterisk)
            frmOne.Show()
            Me.Hide()
        End If
    End If
End If
sdr.Close()
con.Close()

这是它应该检查字母大小写的行,但它似乎不起作用:

If txtPassword.Text <> sdr("Password").ToString And txtUsername.Text <> sdr("Username").ToString Then
4

1 回答 1

4

除非我误解了 if 语句中的 And ,否则您使用的逻辑只会在用户名和密码都不匹配时拒绝登录。如果密码不匹配,但用户匹配,它将掉到 else 块并让用户登录。

尝试将其更改为:

If txtPassword.Text <> sdr("Password").ToString Or txtUsername.Text <> sdr("Username").ToString Then
于 2012-11-19T12:38:32.623 回答