我在检查表中的用户和密码后尝试了几种不同的方法来更新列,虽然我没有运气更新有或没有UserId的Last_login列(这是我的主键)除非我将用户名更改为主键,否则我没有在不包含Last_login sql命令的情况下登录,尽管我希望将其包括在内。
private void Connect()
{
SqlConnection connection = new SqlConnection();
//Imports the methods from Custom Security class
Custom_Security security = new Custom_Security();
string userid = "";
string time = "";
try
{
connection.ConnectionString = connectionPath;
connection.Open();
SqlCommand cmd = new SqlCommand("SELECT * FROM Logins WHERE Username = @Username (UserId, Password) VALUES (@UserID, @Password)");
cmd.CommandType = CommandType.Text;
cmd.Connection = connection;
cmd.Parameters.AddWithValue("@Username", txtuser.Text);
cmd.Parameters.AddWithValue("@Password", security.AES(security.Hashstring(txtpass.Text)));
cmd.Parameters.AddWithValue("@UserId", userid);
cmd.ExecuteNonQuery();
SqlDataReader dr = cmd.ExecuteReader();
if (dr.Read())
{
DialogResult dlgResult;
dlgResult = MessageBox.Show(
"Welcome: " + txtuser.Text,
"Login sucessful",
MessageBoxButtons.OK,
MessageBoxIcon.Information,
MessageBoxDefaultButton.Button1);
//Closes the data reader
dr.Close();
//Clears previous SQL command
cmd.Parameters.Clear();
DateTime timeNow = DateTime.UtcNow;
time = timeNow.ToShortTimeString();
//Inserts current time into field last login to update the column
cmd.CommandText = "INSERT INTO Logins (UserId, Last_login) VALUES (@UserId, @Last_login)";
cmd.Parameters.AddWithValue("@UserId", userid);
cmd.Parameters.AddWithValue("@Last_login",time);
cmd.ExecuteNonQuery();
this.Hide();
//loads the protected menu
Protected protectedform = new Protected(txtuser.Text);
protectedform.Show();
}
else
{
DialogResult dlgResult;
dlgResult = MessageBox.Show(
"Please try again",
"Login unsucessful",
MessageBoxButtons.OK,
MessageBoxIcon.Warning,
MessageBoxDefaultButton.Button1);
}
connection.Close();
connection.Dispose();
}
catch (SqlException sql)
{
MessageBox.Show(sql.Message);
}
}
执行的一个例子: http://imgur.com/88IziLt
如果有人能够发现或知道解决方法,请告诉我:)。
非常感谢, 10gez10
答案 0 :(得分:2)
您的第一个查询应该只是一个简单的SELECT,参数为@UserName和@Password
using(SqlCommand cmd = new SqlCommand(@"SELECT * FROM Logins
WHERE Username = @Username
AND Password = @Password", connection);
{
cmd.Parameters.AddWithValue("@Username", txtuser.Text);
cmd.Parameters.AddWithValue("@Password", security.AES(security.Hashstring(txtpass.Text)));
using(SqlDataReader dr = cmd.ExecuteReader())
{
if (dr.Read())
....
}
}
现在,如果您找到了自己的用户,则应使用userid值使用UPDATE查询来设置lastlogin
.....
dr.Close();
//Clears previous SQL command
cmd.Parameters.Clear();
DateTime timeNow = DateTime.UtcNow;
time = timeNow.ToShortTimeString();
//Inserts current time into field last login to update the column
cmd.CommandText = @"UPDATE Logins SET Last_login
WHERE UserID = @UserId";
cmd.Parameters.AddWithValue("@UserId", userid);
cmd.Parameters.AddWithValue("@Last_login",time);
cmd.ExecuteNonQuery();