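I created a simple program with a login form. It works in a very simple way, but I found that it is not case-sensitive when logging in. For example, if my username is Test and I log in with test, the username is still accepted.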

    SqlConnection connect = new SqlConnection("Data Source=LAFAYETTE-PC;Initial Catalog=Thesis;Integrated Security=True");
    connect.Open();
    SqlCommand command = new SqlCommand("SELECT * FROM AdminCredentials WHERE Username = '" + LogInUsername.Text + "' AND Password = '" + LogInPassword.Text + "' ", connect);
    SqlDataReader reader;
    reader = command.ExecuteReader();
    // Count the rows that match the supplied credentials.
    int count = 0;
    while (reader.Read())
    {
        count += 1;
    }
    if (count == 1)
    {
        MessageBox.Show("Successfully Logged In!");
        MainForm form2 = new MainForm();
        form2.ShowDialog();
    }
    else if (count > 0)
    {
        MessageBox.Show("Incorrect username and password");
    }
    else
    {
        MessageBox.Show("Username or password is incorrect");
    }

Any ideas? Help is greatly appreciated!
Answer 0 (score: 0)
Append "COLLATE Latin1_GENERAL_CS_AS" to your query:

    new SqlCommand("SELECT * FROM AdminCredentials WHERE Username = '" + LogInUsername.Text + "' AND Password = '" + LogInPassword.Text + "' COLLATE Latin1_GENERAL_CS_AS", connect);

And read about SQL injection ...
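
The login check from this thread, written with query parameters and a case-sensitive collation, as an added example that is not code from the original question or answer. In T-SQL, COLLATE applies to the expression immediately before it, so the example places it on each column. The class name LoginCheck, the helper CredentialsMatch and the NVarChar(50) parameter types are assumptions.

```csharp
using System;
using System.Data;
using System.Data.SqlClient;

static class LoginCheck
{
    // Connection string copied from the question.
    const string ConnectionString =
        "Data Source=LAFAYETTE-PC;Initial Catalog=Thesis;Integrated Security=True";

    // COLLATE binds to the expression directly before it, so it is written
    // after each column to make both comparisons case- and accent-sensitive.
    const string Query =
        "SELECT COUNT(*) FROM AdminCredentials " +
        "WHERE Username COLLATE Latin1_General_CS_AS = @username " +
        "AND Password COLLATE Latin1_General_CS_AS = @password";

    // Hypothetical helper: returns true when exactly one row matches.
    public static bool CredentialsMatch(string username, string password)
    {
        using (var connect = new SqlConnection(ConnectionString))
        using (var command = new SqlCommand(Query, connect))
        {
            // Values travel as parameters and are never spliced into the SQL text.
            // Parameter types and sizes are assumptions; match the real columns.
            command.Parameters.Add("@username", SqlDbType.NVarChar, 50).Value = username;
            command.Parameters.Add("@password", SqlDbType.NVarChar, 50).Value = password;

            connect.Open();
            return (int)command.ExecuteScalar() == 1;
        }
    }
}
```

In the form's click handler this would be called as `LoginCheck.CredentialsMatch(LogInUsername.Text, LogInPassword.Text)`.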