【问题标题】:Comparing user input username/password to mysql database username/password not working将用户输入的用户名/密码与 mysql 数据库用户名/密码进行比较不起作用
【发布时间】:2013-12-10 17:53:23
【问题描述】:

我无法将输入的用户名和密码与数据库中指定用户的用户名和密码进行比较。我相信所有代码都是正确的,但是当我单击登录按钮时,什么也没有发生。请帮助,如果您需要任何其他信息,请询问。

代码:

private void btnLogin_Click(object sender, EventArgs e)
    {
        int numerror = 0;
        if (UsernameTextBox.Text == "")
        {
            numerror = numerror + 1;
        }
        if (PasswordTextBox.Text == "")
        {
            numerror = numerror + 1;
        }
        if (numerror == 1)
        {
            ErrorLabel.Text = "*1 required field is blank.";
        }
        else if (numerror == 2)
        {
            ErrorLabel.Text = "*2 required fields are blank";
        }
        else
        {
            string connectionString = "datasource=localhost;port=3306;username=*****;password=**********";
            string select = "SELECT username, password FROM userinfo.users " +
                            "WHERE username = @username AND password = @password";

            using (MySqlConnection Conn = new MySqlConnection(connectionString))
            {
                using (MySqlCommand cmd = new MySqlCommand(select, Conn))
                {
                    cmd.Parameters.AddWithValue("@username", UsernameTextBox.Text);
                    cmd.Parameters.AddWithValue("@password", PasswordTextBox.Text);

                    Conn.Open();

                    using (MySqlDataReader reader = cmd.ExecuteReader())
                    {
                        if (reader.Read())
                        {
                            string username = reader.GetString(0);
                            string password = reader.GetString(1);

                            if (username == UsernameTextBox.Text)
                            {
                                string encodeduserinputpassword = EncodePassword(PasswordTextBox.Text);
                                if (password == encodeduserinputpassword)
                                {
                                    AirSpace airspaceform = new AirSpace();
                                    airspaceform.Show();
                                    this.Hide();
                                }
                                else
                                {
                                    CMessageBox("Login Error", "Incorrect username or password.");
                                }
                            }
                            else
                            {
                                CMessageBox("Login Error", "Incorrect username or password.");
                            }
                        }
                    }

                    Conn.Close();
                }
            }
        }
    }

【问题讨论】:

    标签: c# mysql database login


    【解决方案1】:

    您正在通过EncodePassword 使用编码密码,但您的选择查询正在执行直接匹配。

    将您的选择更改为

    SELECT username, password FROM userinfo.users
    WHERE username = @username
    

    并删除密码参数。

    private void btnLogin_Click(object sender, EventArgs e)
    {
        int numerror = 0;
        if (UsernameTextBox.Text == "")
        {
            ErrorLabel.Text = "*1 required field is blank.";
        }
        else if (PasswordTextBox.Text == "")
        {
            ErrorLabel.Text = "*2 required fields are blank";
        }
        else
        {
            string connectionString = "datasource=localhost;port=3306;username=*****;password=**********";
            string select = "SELECT username, password FROM userinfo.users " +
                            "WHERE username = @username";
    
            using (MySqlConnection Conn = new MySqlConnection(connectionString))
            {
                using (MySqlCommand cmd = new MySqlCommand(select, Conn))
                {
                    cmd.Parameters.AddWithValue("@username", UsernameTextBox.Text);
    
                    Conn.Open();
    
                    using (MySqlDataReader reader = cmd.ExecuteReader())
                    {
                        if (reader.Read())
                        {
                            string username = reader.GetString(0);
                            string password = reader.GetString(1);
    
                            string encodeduserinputpassword = EncodePassword(PasswordTextBox.Text);
                            if (password == encodeduserinputpassword)
                            {
                                AirSpace airspaceform = new AirSpace();
                                airspaceform.Show();
                                this.Hide();
                            }
                            else
                            {
                                CMessageBox("Login Error", "Incorrect username or password.");
                            }
                        }
                        else
                        {
                            CMessageBox("Login Error", "Incorrect username or password.");
                        }
                    }
    
                    Conn.Close();
                }
            }
        }
    }
    

    【讨论】:

    • 非常感谢,没有意识到我正在做直接匹配,但现在做。还要意识到选择一行我所要做的就是识别用户名。谢谢!我会尽可能地回答这个问题。
    • @Momoro 这是 OP 的一项功能,而不是问题的一部分。从上下文来看,我猜它会做一些事情来将密码转换为某种哈希值。
    • 有道理:)
    猜你喜欢
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 2013-08-24
    • 2023-04-03
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 2014-08-10
    相关资源
    最近更新 更多