1

我正在为我的应用程序设计一个基本的电子邮件和密码表单。它使用在与其链接的数据库中找到的用户名和密码。我遇到了 1 个问题,如何让它考虑区分大小写?比如:

正确详细信息:电子邮件:matt@gmail.com 密码:gordan123

但是,它允许密码为:Gordan123、GORDAN123 和 GoRdAn123 等。我如何制作它以便它只接受数据库中考虑到区分大小写的密码?

抱歉,我不知道如何更好地描述这个问题。这是代码:

 SQL_Str = "CREATE TABLE Table_UserDetails (UserImageLocation TEXT, FirstName VARCHAR(25), LastName VARCHAR(25), Gender VARCHAR(6), EmailAddress VARCHAR(40) PRIMARY KEY, UserPassword VARCHAR(25))"
        dbCommand = New OleDbCommand(SQL_Str, dbConnector)
        dbCommand.ExecuteNonQuery()

 Private Sub BtnLogin_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles BtnLogin.Click
    If LoginDetailsSearch() = True Then
        FormMain.Show()
    Else
        MsgBox("The E-Mail address or password you entered is not valid, please check your entries and try again.", MsgBoxStyle.Critical, "Error")
    End If

End Sub
Function LoginDetailsSearch() As Boolean
    dbConnector.Open()
    SQL_Str = "SELECT * FROM Table_UserDetails"

    dbDataAdapter = New OleDbDataAdapter(SQL_Str, dbConnector)
    dbDataAdapter.Fill(dbDataSet, "Users")

    For Each Record In dbDataSet.Tables("Users").Rows
        If txtEmail.Text = Record.Item(4) And txtPassword.Text = Record.Item(5) Then
            SelectedUserFirstName = Record.Item(1)
            SelectedUserLastName = Record.Item(2)
            dbConnector.Close()
            Return True
        End If
    Next

    dbConnector.Close()
    Return False
End Function
4

1 回答 1

5

不要以纯文本形式存储密码。存储密码的哈希值或加盐哈希值并比较您的哈希值。

于 2013-10-31T20:19:59.990 回答