我正在使用mvc5创建一个Web应用程序我的数据库中有多个用户 例如
USERS
user1)username = ibrahim Password = 1ibrahim user2)username = admin password = 4321
当我从用户1(ibrahim)登录时,页面成功重定向到欢迎页面, 但是当我从用户登录到(管理员)时,错误即将来临
类型' System.InvalidCastException'的例外情况发生在 mscorlib.dll但未在用户代码中处理
附加信息:无法将对象从DBNull强制转换为其他对象 类型。
在user = Convert.ToBoolean(cmd.ExecuteScalar());这一行
这是我的代码
public class loginuser
{
SqlCommand cmd;
public string role { get; set; }
public string username { get; set; }
public string password { get; set; }
public bool getlogintype(string role, string username, string password)
{
string tru = "";
string fals = "";
bool user;
string strname = "";
SqlConnection con = new SqlConnection("Data Source=erp.hti-india.com,1434;Initial Catalog=erp;Connect Timeout=3600;User Id=erprakesh;Password=14erprakesh14");
List<object> login = new List<object>();
if (role == "Admin" || role == "Super Admin" || role !=null)
{
cmd = new SqlCommand("select * from [admin] where userid='" + username + "' and pass ='" + password + "'", con);
con.Open();
SqlDataAdapter da = new SqlDataAdapter(cmd);
DataTable dt = new DataTable();
da.Fill(dt);
if (dt.Rows.Count > 0)
{
user = true;
//HttpContext.Current.Session["userid"] = username.ToString();
//HttpContext.Current.Session["tru"] = tru.ToString();
// want to redirect to welcome page if condition satisfied.
}
else
{
user = false;
//want to show the label error message(declare as string errormsg)
}
con.Close();
}
con.Open();
user = Convert.ToBoolean(cmd.ExecuteScalar());
con.Close();
return user;
}
}
答案 0 :(得分:2)
您的查询返回null,由DBNull.Value表示。你应该在转换为布尔值之前检查它:
object result = cmd.ExecuteScalar();
if (result == DBNull.Value)
{
user = false; // or something like that
}
else
{
user = Convert.ToBoolean(result);
}
请注意,您的语句易受SQL注入攻击。始终使用参数化查询!还要小心select *。如果添加列,可能会遇到问题。只选择您需要的字段。