0
private void button1_Click_1(object sender, EventArgs e)
  {
      try
      {
          string myConnection = " datasource=**.**.**.**;port=3306;username=****;password=****;";
          MySqlConnection myconn = new MySqlConnection(myConnection);
          MySqlCommand SelectCommand = new MySqlCommand(" select * from forma.user where username='" + this.username_txt.Text + "' and password= '" + this.password_txt.Text + "' ; ", myconn);

      MySqlDataReader myreader;
      myconn.Open();
      myreader = SelectCommand.ExecuteReader();
      int count = 0;
      while (myreader.Read())
      {
          count = count + 1;

      }
      if (count == 1)
      {
         // MessageBox.Show("Prijava uspešna");
          this.Hide();
          Form2 f2 = new Form2();
          f2.ShowDialog();
      }
      else if (count > 1)
      {

          MessageBox.Show("Podobojeno uporabniško ime");
      }
      else
      {
          MessageBox.Show("uporabniško ime ali geslo ni pravilno.");
          myconn.Close();
      }

  }

  catch (Exception ex)
  {
      MessageBox.Show(ex.Message);
  }
}

我在连接远程服务器时遇到问题,它给了我错误(标题)。你能告诉我我做错了什么,我该如何解决?谢谢。

4

1 回答 1

2

give the connection string as below

string myConnection = "Server=**.**.**.**;Port=3306;Database=***;Uid=***;Pwd=***;"

Use SQL parameters, your application is widely open for sql injection attacks

于 2013-09-17T07:22:33.440 回答