0

我做了一个登录页面,员工输入员工电子邮件地址,然后输入他们的密码。这个想法是让程序检查电子邮件和形成 Access 数据库的 pin 以成功登录。这是我使用的代码。

 private void Validate(object sender, RoutedEventArgs e)
    {
        OleDbConnection con = new OleDbConnection("Provider=Microsoft.Jet.OLEDB.4.0;Data Source = C:\\Users\\Baladi\\documents\\visual studio 2012\\Projects\\CalUnderFoot\\CalUnderFoot\\UserPerm.mdb");           
        OleDbCommand cmd = null;
        OleDbDataReader dr = null;

        string cmdStr = String.Format("select * from UserPermT where EmpEmail='{0}' and EmpPIN='{1}'", EmpEmailtxt.Text, EmpPINtxt.PasswordChar);

        con.Open();
        cmd = new OleDbCommand(cmdStr, con);
        dr = cmd.ExecuteReader();

        cmd.Dispose();

        if (dr.Read() == true)
        {
            MessageBox.Show("success");
        }

        else
        {
            MessageBox.Show("fail");
        }

        dr.Dispose();
    }

当我输入错误的电子邮件和密码时,我会收到一条消息,上面写着“失败”,这是它应该做的。但是,当我输入正确的电子邮件并固定时,我仍然会收到“失败”消息。我错过了什么??是的,我知道......我不应该将密码存储在数据库中,我会在适当的时候加密它们。先感谢您

4

1 回答 1

1

尝试这样的事情:

private void Validate(object sender, RoutedEventArgs e)
    {

    using (OleDbConnection connection = new OleDbConnection("Provider=Microsoft.Jet.OLEDB.4.0;Data Source = C:\\Users\\Baladi\\documents\\visual studio 2012\\Projects\\CalUnderFoot\\CalUnderFoot\\UserPerm.mdb"))
    {
        OleDbCommand command = new OleDbCommand("select * from UserPermT where EmpEmail='"+EmpEmail.Text+"' and EmpPIN='"+EmpPIN.PasswordChar+"'", connection);
        connection.Open();
        OleDbDataReader dr= command.ExecuteReader();

        if (dr.Read())
        {
            MessageBox.Show("success");
        }

        else
        {
            MessageBox.Show("fail");
        }
        dr.Close();
    }
    }

(来自http://msdn.microsoft.com/en-us/library/979byfca.aspx

于 2013-09-26T15:12:42.457 回答