我有一个使用MySQL数据库的数据库登录。如果用户登录成功,则会将用户带到菜单屏幕。一切正常,但我想要做的就是将用户带到一个单独的管理界面,如果他们的用户组"数据库中的字段表示" Admin"
我到目前为止,所有内容的工作代码如下:
Imports MySql.Data.MySqlClient
Public Class frmLogin
Dim MysqlConn As MySqlConnection
Dim command As MySqlCommand
Dim reader As MySqlDataReader
Private Sub btnLogin_Click(sender As Object, e As EventArgs) Handles btnLogin.Click
MysqlConn = New MySqlConnection
MysqlConn.ConnectionString =
"server=localhost;port=3307;userid=root;password=Djmmcm93;database=dojodb"
Dim reader As MySqlDataReader ' had to be declared inside the button or would not work
Try
MysqlConn.Open() ' opening the connection to the DB
Dim query As String
query = "select * from dojodb.userinfo where UserID='" & txtUserID.Text & "' and Password='" & txtPassword.Text & "'"
command = New MySqlCommand(query, MysqlConn)
reader = command.ExecuteReader 'executes the command and reads data from db
Dim count As Integer
count = 0
While reader.Read
count = count + 1
End While
If count = 1 Then
MessageBox.Show("Welcome!")
Me.Hide()
frmUserMenu.Show()
ElseIf count > 1 Then
MessageBox.Show("username and password are duplicated!") 'Only here as test
Else
MessageBox.Show("username and password are incorrect!")
End If
MysqlConn.Close()
Catch ex As Exception
MessageBox.Show(ex.Message) 'printing the exact error to help future testing if needed
Finally
MysqlConn.Dispose()
End Try
End Sub
End Class
答案 0 :(得分:0)
我注意到并改变的第一件事是SELECT *。出于性能原因,您应该尝试永远不要选择*并指定所需的列。如果有更多列,请随意添加。
然后我调整了你的代码,希望它可以帮助你:
Public Class frmLogin
Dim MysqlConn As MySqlConnection
Dim command As MySqlCommand
Dim reader As MySqlDataReader
Private Sub btnLogin_Click(sender As Object, e As EventArgs) Handles btnLogin.Click
MysqlConn = New MySqlConnection
MysqlConn.ConnectionString =
"server=localhost;port=3307;userid=root;password=Djmmcm93;database=dojodb"
Dim reader As MySqlDataReader ' had to be declared inside the button or would not work
Try
MysqlConn.Open() ' opening the connection to the DB
Dim query As String
query = "select UserID,Password from dojodb.userinfo where UserID='" & txtUserID.Text & "' and Password='" & txtPassword.Text & "'"
Dim userStatus = "select UserGroup from dojodb.userinfo where UserID='" & txtUserID.Text & "' and Password='" & txtPassword.Text & "'"
command = New MySqlCommand(query, MysqlConn)
reader = command.ExecuteReader 'executes the command and reads data from db
If UserGroup = "Admin" Then
'Send to admin page here
Else
Dim count As Integer
count = 0
While reader.Read
count = count + 1
End While
If count = 1 Then
MessageBox.Show("Welcome!")
Me.Hide()
frmUserMenu.Show()
ElseIf count > 1 Then
MessageBox.Show("username and password are duplicated!") 'Only here as test
Else
MessageBox.Show("username and password are incorrect!")
End If
MysqlConn.Close()
End If
Catch ex As Exception
MessageBox.Show(ex.Message) 'printing the exact error to help future testing if needed
Finally
MysqlConn.Dispose()
End Try
End Sub
End Class
答案 1 :(得分:0)
您可以尝试修改代码的下一部分:
Dim count As Integer
Dim UserGroup As String = "" ' <─────── Insert this line.
count = 0
While reader.Read
count = count + 1
UserGroup = reader("UserGroup").ToString ' <─────── Insert this line ("UserGroup" is the name of the field in the UserInfo table).
End While
If count = 1 Then
MessageBox.Show("Welcome!")
If UserGroup = "Admin" Then ' ' <─────── Insert this If to verified UserGroup.
' bring the user to separate admin screen
Else
Me.Hide()
frmUserMenu.Show()
End If
ElseIf count > 1 Then
MessageBox.Show("username and password are duplicated!") 'Only here as test
Else
MessageBox.Show("username and password are incorrect!")
End If