当用户尝试使用现有用户名注册时,如何修复IF语句。目前,如果用户名已经存在,我的程序将不接受输入的数据,但它仍然会进入下一页(即使数据未保存在数据库中)。我需要知道的是如何消除这个问题所以当用户确实输入存在的“用户名”时,它只会给出错误的消息框,而不是移动到下一页。
谢谢!
private void btnSignupNew_Click(object sender, EventArgs e)
{
if (txtUsername.Text == "")
{
errorUsername.SetError(txtUsername, "Enter A Username");
}
else if (txtPassword.Text == "")
{
errorPassword.SetError(txtPassword, "Enter A Valid Password");
}
else
{
using (SqlConnection con = new SqlConnection("Data Source=etc"))
{
con.Open();
bool exists = false;
// create a command to check if the username exists
using (SqlCommand cmd = new SqlCommand("select count(*) from [User] where UserName = @UserName", con))
{
cmd.Parameters.AddWithValue("UserName", txtUsername.Text);
exists = (int)cmd.ExecuteScalar() > 0;
}
// if exists, show a message error
if (exists)
{
MessageBox.Show("Username: " + txtUsername.Text + " already Exists");
//errorPassword.SetError(txtUsername, "This username has been using by another user.");
}
else
{
// does not exists, so, persist the user
using (SqlCommand cmd = new SqlCommand("INSERT INTO [User] values (@Forename, @Surname, @Username, @Password)", con))
{
cmd.Parameters.AddWithValue("Forename", txtForename.Text);
cmd.Parameters.AddWithValue("Surname", txtSurname.Text);
cmd.Parameters.AddWithValue("UserName", txtUsername.Text);
cmd.Parameters.AddWithValue("Password", txtPassword.Text);
cmd.ExecuteNonQuery();
}
}
con.Close();
MessageBox.Show("Sucessfully Signed Up");
Form1 signin = new Form1();
signin.Show();
this.Close();
}
}
}
}
答案 0 :(得分:3)
您的代码总是关闭表单并启动登录表单,无论用户名是否已存在,因为执行登录表单的逻辑是在您的测试之后执行的唯一性。它应该只在唯一性测试成功时才会发生。
将您的逻辑更改为:
// if exists, show a message error
if (exists)
{
MessageBox.Show("Username: " + txtUsername.Text + " already Exists");
//errorPassword.SetError(txtUsername, "This username has been using by another user.");
}
else
{
// does not exists, so, persist the user
using (SqlCommand cmd = new SqlCommand("INSERT INTO [User] values (@Forename, @Surname, @Username, @Password)", con))
{
cmd.Parameters.AddWithValue("@Forename", txtForename.Text);
cmd.Parameters.AddWithValue("@Surname", txtSurname.Text);
cmd.Parameters.AddWithValue("@UserName", txtUsername.Text);
cmd.Parameters.AddWithValue("@Password", txtPassword.Text);
cmd.ExecuteNonQuery();
}
MessageBox.Show("Sucessfully Signed Up");
Form1 signin = new Form1();
signin.Show();
this.Close();
}
con.Close();
答案 1 :(得分:3)
将您的参数更改为以下内容
我还建议在编辑框中添加某种验证,以防有人添加不正确的值以防止任何SQL Injectection个人,我会为编辑框创建属性值并传入属性值。只是一个建议
代码中第一个突出问题的问题是以下行
cmd.Parameters.AddWithValue("UserName", txtUsername.Text);
应该是
cmd.Parameters.AddWithValue("@UserName", txtUsername.Text);
// if exists, show a message error
if (exists)
{
MessageBox.Show("Username: " + txtUsername.Text + " already Exists");
//errorPassword.SetError(txtUsername, "This username has been using by another user.");
}
else
{
// does not exists, so, persist the user
using (SqlCommand cmd = new SqlCommand("INSERT INTO [User] values (@Forename, @Surname, @Username, @Password)", con))
{
cmd.Parameters.AddWithValue("@Forename", txtForename.Text);
cmd.Parameters.AddWithValue("@Surname", txtSurname.Text);
cmd.Parameters.AddWithValue("@UserName", txtUsername.Text);
cmd.Parameters.AddWithValue("@Password", txtPassword.Text);
cmd.ExecuteNonQuery();
}
MessageBox.Show("Sucessfully Signed Up");
Form1 signin = new Form1();
signin.Show();
this.Close();
}
con.Close();