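VB.NET - ASP.NET - Incorrect Username/Password (Validation)

Time: 2012-05-05 18:11:53

Tags: asp.net vb.net validation error-handling label

Can anyone tell me what is wrong with the code?

If the username and password do not match, the lbl text should display "Incorrect Username/Password".

Code: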

    Protected Sub btnLogin_Click(sender As Object, e As System.EventArgs) Handles btnLogin.Click

        Dim conn As New OleDbConnection("Provider=Microsoft.Jet.OLEDB.4.0;Data Source=C:\Users\Brian\Documents\Visual Studio 2010\WebSites\PetLandia\App_Data\db.mdb")
        Dim cmd As OleDbCommand = New OleDbCommand("SELECT * FROM [User] where Username=? and Password=?", conn)

        cmd.Parameters.AddWithValue("@Username", txtLogin.Text)
        cmd.Parameters.AddWithValue("@Password", txtPassword.Text)

        If (String.IsNullOrEmpty(txtLogin.Text)) Or (String.IsNullOrEmpty(txtPassword.Text)) Then

            lblLoginError.Text = "One or more fields are empty. Please fill in all the fields"
            lblLoginError.Visible = True

        Else

            conn.Open()
            Dim read As OleDbDataReader = cmd.ExecuteReader()

            Try

                If read.HasRows Then

                    While read.Read()

                        If txtLogin.Text = read.Item("username").ToString And txtPassword.Text = read.Item("password").ToString Then


                            Dim tUsername As String = read.Item("Username").ToString

                            Session("Username") = tUsername
                            Response.Redirect("Default.aspx")


                        End If
                    End While
                End If

                read.Close()
            Catch ex As Exception
                Response.Write(ex.Message())
                lblLoginError.Text = "Incorrect Username/Password."
                lblLoginError.Visible = True

            Finally
                conn.Close()
            End Try


        End If

    End Sub

5 answers:

Answer 0 (score: 2)

Instead of Catch, write an Else on the If statement.

Answer 1 (score: 1)

You can try this code. This code has no Try Catch block.

    Protected Sub btnLogin_Click(sender As Object, e As System.EventArgs) Handles btnLogin.Click

        If (String.IsNullOrEmpty(txtLogin.Text)) Or (String.IsNullOrEmpty(txtPassword.Text)) Then
            lblLoginError.Text = "One or more fields are empty. Please fill in all the fields"
            lblLoginError.Visible = True

        Else
            Dim conn As New OleDbConnection("Provider=Microsoft.Jet.OLEDB.4.0;Data Source=C:\Users\Brian\Documents\Visual Studio 2010\WebSites\PetLandia\App_Data\db.mdb")
            Dim cmd As OleDbCommand = New OleDbCommand("SELECT * FROM [User] where Username=? and Password=?", conn)
            cmd.Parameters.AddWithValue("@Username", txtLogin.Text)
            cmd.Parameters.AddWithValue("@Password", txtPassword.Text)
            conn.Open()
            Dim read As OleDbDataReader = cmd.ExecuteReader()
            If read.HasRows Then
                read.Read()
                Session("Username") = read.Item("Username").ToString
                read.Close()
                conn.Close() 'Close connection before Redirecting.
                Response.Redirect("Default.aspx")
            Else
                read.Close()
                conn.Close()
                lblLoginError.Text = "Incorrect Username/Password."
                lblLoginError.Visible = True

            End If
        End If
    End Sub

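Answer 2 (score: 1)

You do not need to return the username and password from the database, as you already have them. You only need to count the matching entries. That simplifies it considerably. Also, as jams showed, it is better to test the values in the username and password fields before doing anything with the database: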

If (String.IsNullOrEmpty(txtLogin.Text)) OrElse (String.IsNullOrEmpty(txtPassword.Text)) Then

    lblLoginError.Text = "One or more fields are empty. Please fill in all the fields"
    lblLoginError.Visible = True

Else

    Dim ok As Integer = 0

    Using conn = New OleDbConnection("Provider=Microsoft.Jet.OLEDB.4.0;Data Source=C:\Users\Brian\Documents\Visual Studio 2010\WebSites\PetLandia\App_Data\db.mdb")
        Dim cmd As OleDbCommand = New OleDbCommand("SELECT COUNT(*) FROM [User] where Username=? and Password=?", conn)

        cmd.Parameters.AddWithValue("@Username", txtLogin.Text)
        cmd.Parameters.AddWithValue("@Password", txtPassword.Text)

        conn.Open()
        ok = CInt(cmd.ExecuteScalar())
        conn.Close()
    End Using

    If ok = 0 Then
        ' credentials incorrect
    Else
        ' credentials correct
    End If

End If

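Answer 3 (score: 0)

The way you wrote it, "Incorrect Username/Password" will only be shown if an exception is thrown.

If you want to use the code as you have written it, add an ELSE: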

    If txtLogin.Text = read.Item("username").ToString And txtPassword.Text = read.Item("password").ToString Then

        Dim tUsername As String = read.Item("Username").ToString

        Session("Username") = tUsername
        Response.Redirect("Default.aspx")
    Else
        Throw New Exception("Incorrect Username/Password")
    End If

Answer 4 (score: 0)

  1. You decided to roll your own security, which leads to...
  2. You appear to be storing passwords in plain text, which is a huge security hole and a potential source of liability.
  3. If the username and password passed in do not exist in the database, then If read.HasRows will be false. I.e., it will not throw an exception, it will simply return no rows.
  4. You are not calling Dispose on your disposable objects.
  5. It would be faster to simply call Select Count(*) with ExecuteScalar and check whether the result is greater than zero.

    Dim authenticationFailed As Boolean = String.IsNullOrEmpty(txtLogin.Text) _ 
        OrElse String.IsNullOrEmpty(txtPassword.Text)

    If Not authenticationFailed Then
        Dim connString = "Provider=Microsoft.Jet.OLEDB.4.0..."
        Using conn = New OleDbConnection(connString)
            Const sql As String = "Select Count(*) From [User] Where Username=? and Password=?"
            conn.Open()
            Using cmd = New OleDbCommand(sql, conn)
                ' OleDb binds parameters by position; the names are only labels.
                cmd.Parameters.AddWithValue("@Username", txtLogin.Text)
                cmd.Parameters.AddWithValue("@Password", txtPassword.Text)

                ' Declared outside the Try so it is still in scope below.
                Dim result As Object = Nothing
                Try
                    result = cmd.ExecuteScalar()
                Catch generatedExceptionName As OleDbException
                    ' A database error counts as a failed login.
                    authenticationFailed = True
                End Try

                authenticationFailed = authenticationFailed _ 
                    OrElse Convert.ToInt32(result) <> 1

                If Not authenticationFailed Then
                    Session("Username") = txtLogin.Text
                End If
            End Using

            conn.Close()
        End Using
    End If

    If authenticationFailed Then
        lblLoginError.Text = "Incorrect username and password"
        lblLoginError.Visible = True
    End If