1

我试图根据 C# 和 SQL 中的用户级别显示表单,我得到了带有 User_ID、User_Pass 和 User_Level 的数据表,我希望我的代码查看密码和用户名是否正确并根据用户级别显示表单(1 为经理 2 为员工)非常感谢 :)

private void button1_Click(object sender, EventArgs e)
{
    try
    {
        string connection = @"Data Source=Local-PC\HOME;Initial Catalog=Project;Integrated Security=True";
        SqlConnection cn = new SqlConnection(connection);
        cn.Open();
        string userText = textBox1.Text;
        string passText = textBox2.Text;

        SqlCommand cmd = new SqlCommand("SELECT ISNULL(User_ID, '') AS User_ID, ISNULL(User_Pass,'') AS User_Pass, User_Level FROM User_Login WHERE User_ID = @User_ID and User_Pass = @User_Pass and User_Level = @User_Level", cn);
        cmd.Parameters.Add(new SqlParameter("User_ID", userText));
        cmd.Parameters.Add(new SqlParameter("User_pass", passText));


        SqlDataReader dr = cmd.ExecuteReader();


        try
        {
            dr.Read();

            if (dr["User_ID"].ToString().Trim() == userText && dr["User_pass"].ToString().Trim() == passText && dr["User_Level"].ToString().Trim() == "1")
            {
                textBox3.Text = dr["User_ID"].ToString();
                this.Hide();
                Form2 form2 = new Form2();
                form2.Show();
                //this.Close();
            }

            if (dr["User_ID"].ToString().Trim() == userText && dr["User_pass"].ToString().Trim() == passText && dr["User_Level"].ToString().Trim() == "2")
            {
                textBox3.Text = dr["User_ID"].ToString();
                this.Hide();
                Form3 form3 = new Form3();
                form2.Show();
                //this.Close();
            }
        }
        catch
        {
            MessageBox.Show("Invalid Username or Password");
        }
        dr.Close();
        cn.Close();

    }
    catch
    {

    }
}
4

1 回答 1

1

首先:

SqlCommand cmd = new SqlCommand("SELECT ISNULL(User_ID, '') AS User_ID,
                                        ISNULL(User_Pass,'') AS User_Pass,
                                        User_Level
                                 FROM User_Login
                                 WHERE User_ID = @User_ID
                                   AND User_Pass = @User_Pass
                                   AND User_Level = @User_Level", cn);

查询有 3 个参数,但您只提供 2 个。您必须将第三个声明为:

cmd.Parameters.Add(new SqlParameter("User_Level", Int32.Parse(levelText)));

WHERE或从您的子句中删除最后一个过滤器

//AND User_Level = @User_Level"

第二 :

你为什么要检查那个dr["User_ID"].ToString().Trim() == userText和那个,dr["User_pass"].ToString().Trim() == passText而你肯定知道那是真的。您在 SQL 查询中对此进行了过滤。您对 if 的过滤器应如下所示:

if (dr["User_Level"].ToString().Trim() == "1") //eventually = "2"

最后 :

我建议您使用以下固定代码:

private void button1_Click(object sender, EventArgs e)
{
    try
    {
        string connection = @"Data Source=Local-PC\HOME;Initial Catalog=Project;Integrated Security=True";
        SqlConnection cn = new SqlConnection(connection);
        cn.Open();
        string userText = textBox1.Text;
        string passText = textBox2.Text;

        SqlCommand cmd = new SqlCommand("SELECT ISNULL(User_ID, '') AS User_ID, ISNULL(User_Pass,'') AS User_Pass, User_Level FROM User_Login WHERE User_ID = @User_ID and User_Pass = @User_Pass, cn);
        cmd.Parameters.Add(new SqlParameter("User_ID", userText));
        cmd.Parameters.Add(new SqlParameter("User_pass", passText));

        SqlDataReader dr = cmd.ExecuteReader();

        try
        {
            dr.Read();

            if (dr["User_Level"].ToString().Trim() == "1")
            {
                textBox3.Text = dr["User_ID"].ToString();
                this.Hide();
                Form2 form2 = new Form2();
                form2.Show();
                //this.Close();
            }

            if (dr["User_Level"].ToString().Trim() == "2")
            {
                textBox3.Text = dr["User_ID"].ToString();
                this.Hide();
                Form3 form3 = new Form3();
                form3.Show();
                //this.Close();
            }
        }
        catch
        {
            MessageBox.Show("Invalid Username or Password");
        }
        dr.Close();
        cn.Close();

    }
    catch
    {

    }
}

编辑 :

根据您对错误的评论The name 'form2' does not exist in the current context。您需要使用以下内容更正最后一个 if:

Form3 form3 = new Form3();
form3.Show(); // instead of form2.Show();
于 2013-05-10T13:56:01.407 回答