以下查询返回1,即使我提供了错误的用户名,它只是比较密码为什么?
conn.ConnectionString=ConfigurationManager.ConnectionStrings("CoreConnection").ConnectionString
conn.Open()
cmd = New OleDbCommand("Select count(1) from admin where userid=@userid and password=@password", conn)
cmd.Parameters.AddWithValue("@userid", TextBox1.Text)
cmd.Parameters.AddWithValue("@password", TextBox2.Text)
Dim result As Integer = cmd.ExecuteScalar
conn.Close()
If (result > 0) Then
'MessageBox.Show("Success")
ad.Show()
Else
MsgBox("Invalid username or Password!")
End If