Private Sub txtuser_LostFocus(ByVal sender As Object, ByVal e As System.EventArgs) Handles txtuser.LostFocus
Try
con.Open()
adapter.Fill(table)
sql = "Select * from login "
command = New MySqlCommand(sql, con)
myreader = command.ExecuteReader
Dim a As Integer
Dim b As Integer
a = table.Rows.Count
a -= 1
b = 0
If table.Rows.Count > 0 Then
While (b <= a)
If txtuser.Text = table.Rows(b).Item("username") Then
usercons.Visible = True
PictureBox1.Visible = False
txtuser.Text = ""
btnsave.Enabled = False
ElseIf Not txtuser.Text = table.Rows(b).Item("username") Then
usercons.Visible = False
PictureBox1.Visible = True
btnsave.Enabled = False
End If
b += 1
End While
End If
Catch ex As MySqlException
MsgBox("An Error Occurred. " & ex.Number & " – " & ex.Message)
End Try
con.Close()
End Sub
答案 0 :(得分:0)
这是对各种滥用行为开放的快速但非常危险的方式:
sql = "Select * from login WHERE username='" & txtuser.Text & "'
有一种更好的方法,创建一个参数:
con.Open()
adapter.Fill(table)
sql = "Select * from login WHERE username=@username"
command = New MySqlCommand(sql, con)
Dim param As New SqlParameter("@username", SqlDbType.VarChar)
command.Parameters.Add(param)
myreader = command.ExecuteReader
然后检查Rows属性,如果超过0行,则选择用户。