我正在尝试获取帐户表的行数,以便我可以登录帐户,但MySQL参数不会添加值。
这是我的代码:
public int MyMethod(string username, string password)
{
int count = 0;
string query = "SELECT * FROM accounts WHERE username = '?user' AND password = '?pass' LIMIT 1;";
using (MySqlCommand cmd = new MySqlCommand(query, connector))
{
cmd.Parameters.Add(new MySqlParameter("?user", username));
cmd.Parameters.Add(new MySqlParameter("?pass", password));
count = int.Parse(cmd.ExecuteScalar().ToString());
}
return count;
}
答案 0 :(得分:4)
参数占位符不应该用单引号括起来,因为它会强制它成为值而不是参数,试试这个,
public int MyMethod(string username, string password)
{
int count = 0;
string query = "SELECT * FROM accounts WHERE username = @user AND password = @pass LIMIT 1;";
using (MySqlCommand cmd = new MySqlCommand(query, connector))
{
cmd.Parameters.Add(new MySqlParameter("@user", username));
cmd.Parameters.Add(new MySqlParameter("@pass ", password));
connector.Open(); // don't forget to open the connection
count = int.Parse(cmd.ExecuteScalar().ToString());
}
return count;
}
答案 1 :(得分:1)
我相信你想做这样的事情:
SELECT COUNT(*) FROM accounts WHERE username = '?user' AND password = '?pass';
这将为您提供具有指定用户名和密码的记录数。
答案 2 :(得分:1)
尝试添加如下参数:
cmd.Parameters.AddWithValue("@user", username);
cmd.Parameters.AddWithValue("@pass", password);
答案 3 :(得分:1)
试试这个: @myVariable 而不是'?myVariable', SELECT COUNT(*)而不是 SELECT *
public int MyMethod(string username, string password)
{
int count = 0;
string query = "SELECT count(*) FROM accounts WHERE username = @user AND password = @pass LIMIT 1;";
using (MySqlCommand cmd = new MySqlCommand(query, connector))
{
connector.Open();
cmd.Parameters.AddWithValue("@user", username);
cmd.Parameters.AddWithValue("@pass", password);
count = int.Parse(cmd.ExecuteScalar().ToString());
}
return count;
}