我正在为注册用户制作表单,但我不知道如何验证是否已经使用了电子邮件和/或用户名。 我在aspx.cs中的代码是:
using System; using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.Configuration;
using System.Data;
using System.Data.SqlClient;
public partial class Registrazione : System.Web.UI.Page {
private string strcon = WebConfigurationManager.ConnectionStrings["UtentiRegistratiConnectionString1"].ConnectionString;
protected void Page_Load(object sender, EventArgs e)
{
}
protected void Button1_Click(object sender, EventArgs e)
{
SqlConnection con = new SqlConnection(strcon);
SqlCommand cmd = new SqlCommand();
cmd.Connection = con;
cmd.CommandType = CommandType.StoredProcedure;
cmd.CommandText = "Registrazione";
cmd.Parameters.AddWithValue("@vnome", TextBox2.Text);
cmd.Parameters.AddWithValue("@vcognome", TextBox3.Text);
cmd.Parameters.AddWithValue("@vindirizzo", TextBox5.Text);
cmd.Parameters.AddWithValue("@vindmail", TextBox4.Text);
cmd.Parameters.AddWithValue("@vpassword", TextBox6.Text);
cmd.Parameters.AddWithValue("@vcellulare", TextBox8.Text);
cmd.Parameters.AddWithValue("@vcasa", TextBox9.Text);
cmd.Parameters.AddWithValue("@vcitta", TextBox10.Text);
cmd.Parameters.AddWithValue("@vcodfisc", TextBox11.Text);
con.Open();
cmd.ExecuteNonQuery();
con.Close();
}
}
带有“@vpassword”和“@vcodfisc”的字段将进行验证。我怎么能这样做?
注册的细节是:
CREATE PROCEDURE [dbo].[Registrazione]
@vnome varchar(50),
@vcognome varchar(50),
@vindirizzo varchar(50),
@vcellulare varchar(50),
@vcasa varchar(50),
@vcodfisc varchar(50),
@vindmail varchar(50),
@vpassword varchar(50),
@vcitta varchar(50)
AS
insert into Utenti (Nome,Cognome,Indirizzo,Cellulare,Casa,[Codice Fiscale],[Indirizzo E-Mail],Password,Città) values (@vnome,@vcognome,@vindirizzo,@vcellulare,@vcasa,@vcodfisc,@vindmail,@vpassword,@vcitta)
RETURN 0
如果我这样做,那就不行了,为什么?
public partial class Registrazione:System.Web.UI.Page {
private string strcon = WebConfigurationManager.ConnectionStrings [“UtentiRegistratiConnectionString1”]。ConnectionString;
protected void Page_Load(object sender, EventArgs e)
{
}
protected void Button1_Click(object sender, EventArgs e)
{
SqlConnection con = new SqlConnection(strcon);
SqlCommand cmd = new SqlCommand();
cmd.Connection = con;
cmd.CommandType = CommandType.StoredProcedure;
cmd.CommandText = "Registrazione";
cmd.Parameters.AddWithValue("@vnome", TextBox2.Text);
cmd.Parameters.AddWithValue("@vcognome", TextBox3.Text);
cmd.Parameters.AddWithValue("@vindirizzo", TextBox5.Text);
cmd.Parameters.AddWithValue("@vindmail", TextBox4.Text);
cmd.Parameters.AddWithValue("@vpassword", TextBox6.Text);
cmd.Parameters.AddWithValue("@vcellulare", TextBox8.Text);
cmd.Parameters.AddWithValue("@vcasa", TextBox9.Text);
cmd.Parameters.AddWithValue("@vcitta", TextBox10.Text);
cmd.Parameters.AddWithValue("@vcodfisc", TextBox11.Text);
if (TextBox4.Text == "SELECT * FROM Utenti WHERE [Indirizzo E-Mail] = v@indmail")
{
RequiredFieldValidator3.ErrorMessage = "Indirizzo E-Mail già esistente";
}
else
{
con.Open();
cmd.ExecuteNonQuery();
con.Close();
Response.Redirect("~/TutteLeOfferte.aspx");
}
}
答案 0 :(得分:1)
这段代码不能正常工作,因为你没有提供你的代码,所以我能做的最好
在你的sproc do;
SELECT COUNT(UserName)
WHERE UserName = @vcodfisc AND Password = @vpassword
然后在C#做
if (queryResult > 0)
// username exists
else
//count was 0, that user name does not exist.
这假设qeuryResult是一个整数。这意味着您已执行查询并使用SqlDatReader或其他一些机制将结果读入int。
另外,我要指出匹配的密码完全没有意义。用户名必须是唯一的,密码不应该。所以你应该只计算username = inputuserName的用户名。它应该返回0或1.如果它为0,则登录是唯一的,您可以继续注册用户。如果它是1那么用户名已经存在,如果它大于1,那么你通过其他方式将坏数据放入数据库中;在插入之前没有执行此检查的内容。
答案 1 :(得分:0)
我会在运行您的SqlCommand之前从数据库中选择一个选项来检查用户名或电子邮件是否已经存在。
答案 2 :(得分:0)
SqlCommand command = new SqlCommand();
command.CommandText = "SELECT COUNT(UserName) WHERE UserName = '" + vcodfisc + "'";
int count = command.ExecuteScalar();
if (count == 0)
//username not exist
else //username exist
类似这样的事,抱歉我不记得确切的语法