Question

NET，VB.NET和SQL SERVER 2014为我的单身汉研究生项目。
我有一个＆＃39;用户＆＃39;用于登录的表，列是：
用户名，密码和类型。
我想创建一个登录页面，用于比较用户与数据库实例化的用户名和密码，以及它们是否匹配将用户带到特定页面d 取决于＆＃39; 类型＆＃39; 的价值。
我已经取得了成功我在网上找到的用于检查用户名和密码的代码，但是当我尝试添加它以打开页面时，取决于＆＃39;键入＆＃39;结果总是＆＃34;用户名和密码无效＆＃34;

这是原始代码：

Protected Sub btnSubmit_Click(sender As Object, e As EventArgs) Handles btnSubmit.Click

Dim con As New SqlConnection(ConfigurationManager.ConnectionStrings("dbconnection").ConnectionString)
    con.Open()
Dim cmd As New SqlCommand("select * from Admin_Table where UserName =@username and Password=@password", con)

cmd.Parameters.AddWithValue("@username", txtUserName.Text)
cmd.Parameters.AddWithValue("@password", txtPWD.Text)

Dim da As New SqlDataAdapter(cmd)
Dim dt As New DataTable()

da.Fill(dt)
If dt.Rows.Count > 0 Then
Response.Redirect("Details.aspx")
    Else

ClientScript.RegisterStartupScript(Page.[GetType](),
                                           "validation", "<script language='javascript'>alert('Invalid Username and Password')</script>")
    End If
End Sub */

这就是我试图做的事情：

Protected Sub btnSubmit_Click(sender As Object, e As EventArgs) Handles btnSubmit.Click
Dim con As New  SqlConnection(ConfigurationManager.ConnectionStrings("dbconnection").ConnectionString)
    con.Open()
    Dim cmd As New SqlCommand("SELECT * FROM users where username=@username and password=@password and type=@type", con)
    cmd.Parameters.AddWithValue("@username", txtUserName.Text)
    cmd.Parameters.AddWithValue("@password", txtPWD.Text)
    cmd.Parameters.AddWithValue("@type", TextBox1.Text).ToString()
    Dim da As New SqlDataAdapter(cmd)
    Dim dt As New DataTable()
    da.Fill(dt)
    If dt.Rows.Count > 0 And TextBox1.Text = "doctors" Then

        Response.Redirect("Details.aspx")

    ElseIf dt.Rows.Count > 0 And TextBox1.Text = "admin" Then
        Response.Redirect("db.aspx")
    Else
        ClientScript.RegisterStartupScript(Page.[GetType](),
                                           "validation", "<script language='javascript'>alert('Invalid Username and Password')</script>")
    End If
End Sub

我输入的用户名和密码是正确的，但它显示＆＃34;无效的用户名和密码＆＃34;。

Answer 1

这对我有用。我以为我会把它发布给其他可能正在寻找相同代码的初学者。

Imports System.Data
Imports System.Data.SqlClient
Imports System.Configuration
Partial Class bb_form_1
Inherits System.Web.UI.Page



Protected Sub btnSubmit_Click(sender As Object, e As EventArgs) Handles btnSubmit.Click
    Dim con As New SqlConnection(ConfigurationManager.ConnectionStrings("dbconnection").ConnectionString)
    con.Open()
    Dim cmd As New SqlCommand("SELECT * FROM users where username=@username and password=@password", con)
    cmd.Parameters.AddWithValue("@username", txtUserName.Text)
    cmd.Parameters.AddWithValue("@password", txtPWD.Text)
    Dim da As New SqlDataAdapter(cmd)
    Dim dt As New DataTable()
    da.Fill(dt)
    If dt.Rows.Count = 0 Then
        MsgBox("Invalid Username and Password")
        Exit Sub
    End If
    If dt.Rows(0)(2) = "admin" Then
        Response.Redirect("AddAdmin.aspx")
    ElseIf dt.Rows(0)(2) = "doctor" Then
        Response.Redirect("AddMeds.aspx")
    End If
End Sub

End Class

sql登录并将用户重定向到不同的页面

1 个答案: