我正在我的应用程序上设计一个基本的电子邮件和密码表单。它使用与链接的数据库中找到的用户名和密码。我遇到了一个问题,如何将案例敏感性考虑在内?比如:
更正详情:电邮:matt@gmail.com密码:gordan123
但是它允许密码为:Gordan123,GORDAN123和GoRdAn123等。我如何才能使它只接受数据库中考虑了区分大小写的那个?
抱歉,我不知道如何更好地描述这个问题。这是代码:
SQL_Str = "CREATE TABLE Table_UserDetails (UserImageLocation TEXT, FirstName VARCHAR(25), LastName VARCHAR(25), Gender VARCHAR(6), EmailAddress VARCHAR(40) PRIMARY KEY, UserPassword VARCHAR(25))"
dbCommand = New OleDbCommand(SQL_Str, dbConnector)
dbCommand.ExecuteNonQuery()
Private Sub BtnLogin_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles BtnLogin.Click
If LoginDetailsSearch() = True Then
FormMain.Show()
Else
MsgBox("The E-Mail address or password you entered is not valid, please check your entries and try again.", MsgBoxStyle.Critical, "Error")
End If
End Sub
Function LoginDetailsSearch() As Boolean
dbConnector.Open()
SQL_Str = "SELECT * FROM Table_UserDetails"
dbDataAdapter = New OleDbDataAdapter(SQL_Str, dbConnector)
dbDataAdapter.Fill(dbDataSet, "Users")
For Each Record In dbDataSet.Tables("Users").Rows
If txtEmail.Text = Record.Item(4) And txtPassword.Text = Record.Item(5) Then
SelectedUserFirstName = Record.Item(1)
SelectedUserLastName = Record.Item(2)
dbConnector.Close()
Return True
End If
Next
dbConnector.Close()
Return False
End Function
答案 0 :(得分:5)
不要以纯文本格式存储密码。存储密码的哈希值或盐渍哈希并比较哈希值。