NET,VB.NET和SQL SERVER 2014为我的单身汉研究生项目。
我有一个'用户'用于登录的表,列是:
用户名,密码和类型。
我想创建一个登录页面,用于比较用户与数据库实例化的用户名和密码,以及它们是否匹配将用户带到特定页面d 取决于' 类型' 的价值。
我已经取得了成功我在网上找到的用于检查用户名和密码的代码,但是当我尝试添加它以打开页面时,取决于'键入'结果总是"用户名和密码无效"
这是原始代码:
Protected Sub btnSubmit_Click(sender As Object, e As EventArgs) Handles btnSubmit.Click
Dim con As New SqlConnection(ConfigurationManager.ConnectionStrings("dbconnection").ConnectionString)
con.Open()
Dim cmd As New SqlCommand("select * from Admin_Table where UserName =@username and Password=@password", con)
cmd.Parameters.AddWithValue("@username", txtUserName.Text)
cmd.Parameters.AddWithValue("@password", txtPWD.Text)
Dim da As New SqlDataAdapter(cmd)
Dim dt As New DataTable()
da.Fill(dt)
If dt.Rows.Count > 0 Then
Response.Redirect("Details.aspx")
Else
ClientScript.RegisterStartupScript(Page.[GetType](),
"validation", "<script language='javascript'>alert('Invalid Username and Password')</script>")
End If
End Sub */
这就是我试图做的事情:
Protected Sub btnSubmit_Click(sender As Object, e As EventArgs) Handles btnSubmit.Click
Dim con As New SqlConnection(ConfigurationManager.ConnectionStrings("dbconnection").ConnectionString)
con.Open()
Dim cmd As New SqlCommand("SELECT * FROM users where username=@username and password=@password and type=@type", con)
cmd.Parameters.AddWithValue("@username", txtUserName.Text)
cmd.Parameters.AddWithValue("@password", txtPWD.Text)
cmd.Parameters.AddWithValue("@type", TextBox1.Text).ToString()
Dim da As New SqlDataAdapter(cmd)
Dim dt As New DataTable()
da.Fill(dt)
If dt.Rows.Count > 0 And TextBox1.Text = "doctors" Then
Response.Redirect("Details.aspx")
ElseIf dt.Rows.Count > 0 And TextBox1.Text = "admin" Then
Response.Redirect("db.aspx")
Else
ClientScript.RegisterStartupScript(Page.[GetType](),
"validation", "<script language='javascript'>alert('Invalid Username and Password')</script>")
End If
End Sub
我输入的用户名和密码是正确的,但它显示&#34;无效的用户名和密码&#34;。
答案 0 :(得分:0)
这对我有用。我以为我会把它发布给其他可能正在寻找相同代码的初学者。
Imports System.Data
Imports System.Data.SqlClient
Imports System.Configuration
Partial Class bb_form_1
Inherits System.Web.UI.Page
Protected Sub btnSubmit_Click(sender As Object, e As EventArgs) Handles btnSubmit.Click
Dim con As New SqlConnection(ConfigurationManager.ConnectionStrings("dbconnection").ConnectionString)
con.Open()
Dim cmd As New SqlCommand("SELECT * FROM users where username=@username and password=@password", con)
cmd.Parameters.AddWithValue("@username", txtUserName.Text)
cmd.Parameters.AddWithValue("@password", txtPWD.Text)
Dim da As New SqlDataAdapter(cmd)
Dim dt As New DataTable()
da.Fill(dt)
If dt.Rows.Count = 0 Then
MsgBox("Invalid Username and Password")
Exit Sub
End If
If dt.Rows(0)(2) = "admin" Then
Response.Redirect("AddAdmin.aspx")
ElseIf dt.Rows(0)(2) = "doctor" Then
Response.Redirect("AddMeds.aspx")
End If
End Sub
End Class