0 
Imports System.Data.OleDb

Public Class LoginForm
    Dim connstring As String = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:\Users\User\Desktop\thesis\YBIM.accdb"
    Dim conn As New OleDbConnection
    ' TODO: Insert code to perform custom authentication using the provided username and password 
    ' (See http://go.microsoft.com/fwlink/?LinkId=35339).  
    ' The custom principal can then be attached to the current thread's principal as follows: 
    '     My.User.CurrentPrincipal = CustomPrincipal
    ' where CustomPrincipal is the IPrincipal implementation used to perform authentication. 
    ' Subsequently, My.User will return identity information encapsulated in the CustomPrincipal object
    ' such as the username, display name, etc.


    Private Sub LoginForm_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
        conn.ConnectionString = connstring

        If conn.State = ConnectionState.Closed Then
            conn.Open()
            MsgBox("welcome")
        Else
            MsgBox("Cannot connect to database")
        End If
    End Sub

    Private Sub OK_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles OK.Click
        Dim SqlQuery As String = ("SELECT * FROM tablelogin WHERE Username= @field1 AND Password=@field2")
        Dim SqlCommand As New OleDbCommand
        Dim Sqlrdr As OleDbDataReader

        With SqlCommand
            .CommandText = SqlQuery
            .Connection = conn
            .Parameters.AddWithValue("@field1", UsernameTextBox.Text)
            .Parameters.AddWithValue("@field2", PasswordTextBox.Text)
            .ExecuteNonQuery()
        End With

        Sqlrdr = SqlCommand.ExecuteReader()

        If (Sqlrdr.Read() = True) Then
            home.ShowDialog()
            Me.Hide()
        Else
            MsgBox("wong input")
        End If


    End Sub
End Class
4

1 回答 1

0

您的代码中有两点需要注意,您可以对其进行补救。

1* 您的参数命名不正确。这个:

    .Parameters.AddWithValue("@field1", UsernameTextBox.Text)
    .Parameters.AddWithValue("@field2", PasswordTextBox.Text)

应该是这样的:

.Parameters.AddWithValue("field1", UsernameTextBox.Text)
.Parameters.AddWithValue("field2", PasswordTextBox.Text)

2* 您正在执行该命令两次。.ExecuteNonQuery()从 With 语句中删除,并更改:

Sqlrdr = SqlCommand.ExecuteReader()


Dim ret As Integer
ret = SqlCommand.ExecuteNonQuery()

而不是使用Sqlrdr.Read(),只需检查 ret > 0 (ExecuteNonQuery 返回受命令影响的行数)。

于 2013-11-18T07:37:23.350 回答