1

I am trying to create log in system with access database in c#. I have a database, and User_ID and Password Columns, I don't know why it doesn't work, can you help me with your opinion? The problem is that program checks only 1st user, but when I enter 3rd or 4th user, it displays message: your username or password is incorrect even though user_ID and password is correct. here is the code:

private void button1_Click(object sender, EventArgs e)
    {
        OleDbConnection connect = new OleDbConnection();
        connect.ConnectionString = @"Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:\Documents and Settings\Hodzic\Desktop\projekat shipping\Database files\Users.accdb";
        connect.Open();


        OleDbCommand command = new OleDbCommand();
        command.Connection = connect;
        command.CommandText = "select User_ID, Password from user_details";
        OleDbDataReader reader = command.ExecuteReader();
        while (reader.Read())
        {

                if (textBox1.Text == reader[0].ToString() && textBox2.Text == reader[1].ToString())
                {


                    this.Hide();
                    Glavna2 g1 = new Glavna2();
                    g1.Show();
                    break;

                }

                else 
                {
                    MessageBox.Show("Your user ID or password is incorrect.");
                    this.Hide();
                    Sign_in g2 = new Sign_in();
                    g2.Show();
                    break;
                }


        }

        connect.Close();
    }

Thank you.

4

1 回答 1

1

您需要在此处添加 WHERE 子句:

command.CommandText = "select User_ID, Password from user_details";

目前您只是检查阅读器的第一个结果,所以如果您要这样做(这很好),您需要一个 WHERE 子句。

就像是:

command.CommandText = "select User_ID, Password from user_details WHERE User_ID = 'myusername'";

显然,您需要将其连接起来,许多人会争辩说您需要担心 SQL 注入(这意味着准备好的语句),但让我们从那里开始,然后我们可以继续前进。

此外,正如 SLaks 所说,您不想以纯文本形式存储密码。因此,您的应用程序需要进行相当多的调整,但取回数据将是一个开始。

下一步研究:

  • Microsoft Access 中的准备好的语句。
  • 密码哈希。
于 2012-12-24T18:06:39.120 回答