即使提供正确的用户名和密码,如果reader.HasRows()仍然返回false。有任何想法吗?

时间:2014-04-01 02:26:19

标签: sql vb.net login 

Protected Sub btnlogin_Click(sender As Object, e As EventArgs) Handles btnlogin.Click
    Using connection As New SqlConnection(connectionString)
        Dim account As String = txtusername.Text
        Dim mypassword As String = txtpassword.Text
        Dim sqlCommand As New  _
            SqlCommand("SELECT * FROM [User] WHERE User_ID ='@USE' AND Password='@PAS'", connection)
        sqlCommand.Parameters.AddWithValue("@USE", account)
        sqlCommand.Parameters.AddWithValue("@PAS", mypassword)
        connection.Open()
        Dim reader As SqlDataReader = sqlCommand.ExecuteReader()
        Dim values As New ArrayList()
        If reader.HasRows() Then
            Response.Redirect("https://google.com")
        Else
            Response.Redirect("https://yahoo.com")
        End If
    End Using

End Sub

结束班

我正在尝试构建一个简单的登录页面并验证他的SQL查询和输入是正确的,但由于某种原因它总是返回false。

1 个答案:

答案 0 :(得分:1)

你试过改变这个

吗? 
SqlCommand("SELECT * FROM [User] WHERE User_ID ='@USE' AND Password='@PAS'", connection)

到这个

SqlCommand("SELECT * FROM [User] WHERE User_ID =@USE AND Password=@PAS", connection)
相关问题
最新问题