如何在VB中将用户名和密码的用户输入存储到phpmyadmin?

时间:2016-01-16 19:17:22

标签: mysql vb.net

我正在编写一个程序,要求用户将他们的用户名和密码输入到使用phpmyadmin的localhost上的数据库中。我尝试按照本教程了解如何执行此操作:https://www.youtube.com/watch?v=jZsTLlFoNuo我可以很好地连接到数据库,我认为我的问题是我的SQL语句。这是我的表格代码:

Imports MySql.Data.MySqlClient


Public Class frmSignup
Dim ServerString As String = "Server=localhost;User    Id=;Password=;Database=AccountInfo"
Dim SQLConnection As MySqlConnection = New MySqlConnection

Private Sub Form3_Load(sender As Object, e As EventArgs) Handles MyBase.Load
    SQLConnection.ConnectionString = ServerString

    Try
        If SQLConnection.State = ConnectionState.Closed Then
            SQLConnection.Open()
            MsgBox("Successfully connected to DB")

        Else
            SQLConnection.Close()
            MsgBox("Failed to connect to DB")
        End If
    Catch ex As Exception
        MsgBox(ex.ToString)

    End Try
End Sub

Public Sub SaveAccountInformation(ByRef SQLStatement As String)
    Dim cmd As MySqlCommand = New MySqlCommand

    With cmd
        .CommandText = SQLStatement
        .CommandType = CommandType.Text
        .Connection = SQLConnection
        .ExecuteNonQuery()
    End With
    SQLConnection.Close()
    MsgBox("Successfully Registered Account!")
    SQLConnection.Dispose()
End Sub

Private Sub btnSignup_Click(sender As Object, e As EventArgs) Handles btnSignup.Click
    If txtPasswd.Text = txtPasswd2.Text Then
        MessageBox.Show("Passwords Match!")
                    Dim SQLStatement1 As String = "INSERT INTO `accountinfodb` (`Usernames`, `Passwords`) VALUES ('', '')"


    Else
        MessageBox.Show("Passwords Do Not Match!")
        txtPasswd.Text = Focus()
        txtPasswd.Clear()
        txtPasswd2.Text = Focus()
        txtPasswd2.Clear()

    End If
End Sub
End Class

我的数据库被称为"帐户信息"我的桌子名为" Accounts"这是我想存储他们的用户名和密码的地方。

所以我的整体问题是,如何将我的信息(用户名和密码)存储到phpmyadmin中?我试过在谷歌上寻找,但无济于事我找到了什么。如果有人能帮我成功那就太棒了,谢谢!

编辑1

所以现在我的SQL语法出错,所以我大约99%确定我的代码中的SQL语句在存储用户名和密码时是不正确的。

       Dim SQLStatement1 As String = "INSERT INTO accountinfo(accountinfodb) (`Usernames`, `Passwords`) VALUES ('" & txtPasswd.Text & txtUsername.Text & "')"

给我错误:

  

未处理的类型' MySql.Data.MySqlClient.MySqlException'发生在MySql.Data.dll

中      

其他信息:您的SQL语法有错误;校验   与您的MariaDB服务器版本对应的手册   正确的语法,可以使用“UsernamesPasswords} VALUES附近的语法   (' 123123')'在第1行

当我输入123作为用户名,123输入密码。

1 个答案:

答案 0 :(得分:0)

    Dim ServerString As String = "Server=localhost;User Id=;Password=;Database=AccountInfo"
    Dim query As String = "INSERT INTO accountinfo(accountinfodb) (Passwords,Usernames) VALUES (@txtPasswd, @txtUsername)"
    cmd = New MySqlCommand(query, ServerString)
    cmd.CommandType = CommandType.Text
    cmd.Parameters.Add("@txtPasswd", SqlDbType.VarChar, 255).Value = txtPasswd.Text
    cmd.Parameters.Add("@txtUsername", SqlDbType.VarChar, 255).Value = xtUsername.Text
    cmd.ExecuteNonQuery()

但是如果你想要更多的安全性(Sql注入攻击)

d = car_database.Car()
ident = self.request.get('key')
d.get_by_id(ident).delete()
相关问题
最新问题