我正在使用此代码:
Dim con As OleDbConnection = New OleDbConnection("Provider=Microsoft.Jet.OLEDB.4.0;Data Source= UserPass.mdb;")
con.Open()
Dim str As String
str = "SELECT * FROM UserPass WHERE Username='" & txtUsername.Text & "' AND Password='" & txtPassword.Text & "'"
Dim cmd As OleDbCommand = New OleDbCommand(str, con)
cmd.Parameters.AddWithValue("user", txtUsername.Text)
cmd.Parameters.AddWithValue("pass", txtPassword.Text)
Dim sdr As OleDbDataReader = cmd.ExecuteReader()
' It will be case sensitive if you compare usernames here.
If sdr.HasRows Then
If sdr.Read Then
If txtPassword.Text <> sdr("Password").ToString And txtUsername.Text <> sdr("Username").ToString Then
MessageBox.Show(" Incorrect Username/Password. Login Denied ", " Error! ", MessageBoxButtons.OK, MessageBoxIcon.Error)
Else
MessageBox.Show(" You are now Logged In! ", " Welcome! ", MessageBoxButtons.OK, MessageBoxIcon.Asterisk)
frmOne.Show()
Me.Hide()
End If
End If
End If
sdr.Close()
con.Close()
这是应该检查字母大小写的行,但它似乎不起作用:
If txtPassword.Text <> sdr("Password").ToString And txtUsername.Text <> sdr("Username").ToString Then
答案 0 :(得分:4)
除非我误解了if语句中的And,否则您使用的逻辑只会在用户名和密码不匹配时拒绝登录。如果密码不匹配,但用户没有,则会切换到else块并将用户登录。
尝试将其更改为:
If txtPassword.Text <> sdr("Password").ToString Or txtUsername.Text <> sdr("Username").ToString Then