How to have a restriction when comparing textbox values?

Time: 2014-06-02 11:04:27

Tags: vb.net

Private Sub txtuser_LostFocus(ByVal sender As Object, ByVal e As System.EventArgs) Handles txtuser.LostFocus
    Try
        con.Open()
        adapter.Fill(table)
        sql = "Select * from login "
        command = New MySqlCommand(sql, con)
        myreader = command.ExecuteReader

        Dim a As Integer
        Dim b As Integer
        a = table.Rows.Count
        a -= 1
        b = 0

        If table.Rows.Count > 0 Then
            While (b <= a)
                If txtuser.Text = table.Rows(b).Item("username") Then

                    usercons.Visible = True
                    PictureBox1.Visible = False
                    txtuser.Text = ""
                    btnsave.Enabled = False

                ElseIf Not txtuser.Text = table.Rows(b).Item("username") Then

                    usercons.Visible = False
                    PictureBox1.Visible = True
                    btnsave.Enabled = False

                End If

                b += 1

            End While
        End If

    Catch ex As MySqlException
        MsgBox("An Error Occurred. " & ex.Number & " – " & ex.Message)
    End Try
    con.Close()
End Sub

1 answer:

Answer 0 (score: 0)

This is a quick but very dangerous way that is open to all kinds of abuse:

sql = "Select * from login WHERE username='" & txtuser.Text & "'"

There is a better way: create a parameter:

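con.Open()
adapter.Fill(table)
sql = "Select * from login WHERE username=@username"
command = New MySqlCommand(sql, con)
' MySqlCommand needs a MySqlParameter (MySql.Data.MySqlClient), not SqlParameter
Dim param As New MySqlParameter("@username", MySqlDbType.VarChar)
' Bind the textbox value; it is sent as data, not as part of the SQL text
param.Value = txtuser.Text
command.Parameters.Add(param)
myreader = command.ExecuteReader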

Then check the Rows property; if there are more than 0 rows, the user is selected.
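
The parameterized lookup from the answer, written out as a complete helper. This is an added example, not code from the original question or answer. The module name, function names, connection string and the rule that saving is enabled only for a free username are assumptions; the `login` table, `username` column and control names come from the question.

```vbnet
Imports System.Windows.Forms
Imports MySql.Data.MySqlClient

' Added example: helper names and the connection string are assumptions.
Public Module LoginChecks

    ' Placeholder connection string; replace with your own settings.
    Private Const ConnectionString As String =
        "Server=localhost;Database=appdb;Uid=app_user;Pwd=CHANGE_ME;"

    ' Returns True when a row with this username already exists in the login table.
    Public Function UsernameExists(ByVal username As String) As Boolean
        ' Ask for a single matching row instead of loading the whole table.
        Const sql As String = "SELECT 1 FROM login WHERE username = @username LIMIT 1"

        ' Using blocks close the connection and command even if the query throws.
        Using con As New MySqlConnection(ConnectionString)
            Using command As New MySqlCommand(sql, con)
                ' The value travels as data, so quotes in it cannot alter the SQL text.
                command.Parameters.Add("@username", MySqlDbType.VarChar).Value = username
                con.Open()
                ' ExecuteScalar returns Nothing when no row matched.
                Return command.ExecuteScalar() IsNot Nothing
            End Using
        End Using
    End Function

    ' Applies the result to the controls used in the question's form.
    Public Sub ApplyUsernameCheck(ByVal txtuser As TextBox, ByVal usercons As Control,
                                  ByVal PictureBox1 As Control, ByVal btnsave As Control)
        Dim name As String = txtuser.Text.Trim()
        If name.Length = 0 Then
            btnsave.Enabled = False
            Return
        End If
        Try
            Dim taken As Boolean = UsernameExists(name)
            usercons.Visible = taken
            PictureBox1.Visible = Not taken
            ' Assumption: saving is allowed only when the name is free.
            btnsave.Enabled = Not taken
        Catch ex As MySqlException
            ' Keep database details out of the UI; log ex.Number and ex.Message instead.
            btnsave.Enabled = False
            MessageBox.Show("The username could not be checked. Please try again.")
        End Try
    End Sub
End Module
```

A `LostFocus` handler can call `ApplyUsernameCheck(txtuser, usercons, PictureBox1, btnsave)`; a unique index on `login.username` is still needed to enforce the rule at insert time.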