Question

我无法让我的程序检测管理员用户。我创建了一个登录系统，但是当管理员登录时，它会跳过sql查询并继续打开用户屏幕，而不是管理员。当用户注册时，会向他们显示一对单选按钮以选择其用户类型。根据选择的用户类型，用户类型（管理员或用户）将在用户列中写入数据库。这是我的代码：

using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Windows.Forms;
using System.Data.SqlClient;
using System.Data.SqlTypes;

namespace myLoginProject
{
public partial class Form1 : Form
{
    public Form1()
    {
        InitializeComponent();
    }

    private void Form1_Load(object sender, EventArgs e)
    {
        SqlConnection connection = new SqlConnection(@"server=.\SQLEXPRESS; database=loginTest;Trusted_Connection=yes");
        connection.Open();
        string selection = "select * from Logins where Name = '" + userNameBox.Text + "' and Password = '" + passwordBox.Text + "' ";
        SqlCommand command = new SqlCommand(selection, connection);
        SqlDataAdapter da = new SqlDataAdapter(command);
        DataSet ds = new DataSet();
        da.Fill(ds);
        DataTable dt = ds.Tables[0];
    }

    private void registerButton_Click(object sender, EventArgs e)
    {
        adminAuthScreen aas = new adminAuthScreen();
        aas.Show();
    }
    private int myMethod(string user, string pass)
    {
        user.Trim();
        pass.Trim();
        SqlConnection connection = new SqlConnection(@"server=.\SQLEXPRESS; database=loginTest;Trusted_Connection=yes");
        connection.Open();
        string selection = "select * from Logins where Name = '"+user+"' and Password = '"+pass+"' ";
        SqlCommand command = new SqlCommand(selection, connection);
        if (command.ExecuteScalar() != null)
            return 1;
        else
            return 0;

    }

    private void loginButton_Click(object sender, EventArgs e)
    {
        if (myMethod(userNameBox.Text,passwordBox.Text)>0)
        {
            MessageBox.Show("Welcome back, "+userNameBox.Text);
            SqlConnection myConnection = new SqlConnection(@"server=.\SQLEXPRESS; database=loginTest;Trusted_Connection=yes");
            try
            {
                myConnection.Open();
            }
            catch (Exception ex)
            {
                MessageBox.Show(ex.ToString());
            }
           string checkAdmin1 = "SELECT * FROM Logins WHERE Name = '"+userNameBox.Text+"' AND User='Admin'";
        SqlCommand checkIfAdmin = new SqlCommand(checkAdmin1, myConnection);
        if (checkIfAdmin.ExecuteScalar() != null)
        {
           adminScreen admnscrn = new adminScreen();
            admnscrn.Show();
        }
        else
        {
            userScreen usrscrn = new userScreen();
            usrscrn.Show();
        }
        }
    }


    public SqlConnection connection { get; set; }
}
}

这似乎是问题所在（至少是调试期间的问题）：

 private void loginButton_Click(object sender, EventArgs e)
        {
            if (myMethod(userNameBox.Text,passwordBox.Text)>0)
            {
                MessageBox.Show("Welcome back, "+userNameBox.Text);
                SqlConnection myConnection = new SqlConnection(@"server=.\SQLEXPRESS; database=loginTest;Trusted_Connection=yes");
                try
                {
                    myConnection.Open();
                }
                catch (Exception ex)
                {
                    MessageBox.Show(ex.ToString());
                }
               string checkAdmin1 = "SELECT * FROM Logins WHERE Name = '"+userNameBox.Text+"' AND User='Admin'";
            SqlCommand checkIfAdmin = new SqlCommand(checkAdmin1, myConnection);
            if (checkIfAdmin.ExecuteScalar() != null)
            {
               adminScreen admnscrn = new adminScreen();
                admnscrn.Show();
            }
            else
            {
                userScreen usrscrn = new userScreen();
                usrscrn.Show();
            }
            }
        }

任何人都可以帮我找出问题所在???我试过谷歌搜索，阅读，我似乎无法在任何地方找到答案... 附：它是一个winforms应用程序，用C＃编写，将在一台计算机上运行

sql用户检测无法正常工作

0 个答案: