如何存储用户信息以供MySQL将来使用

时间:2019-04-19 20:45:09

标签: mysql .net vb.net

我有一个非常简单的应用程序,用户可以登录并重定向到仪表板。我使登录部分正常工作,但是,我的下一个目标是能够存储用户信息,以便以后在其他表单上使用。

示例:用户“ admin”成功登录。我需要能够在表中存储 admin 的每一列,以便我们可以调用用户信息获取欢迎消息,用户信息表单等,而不必每次都查询数据库。

我相信这可以通过一个类来完成,但是,我不确定如何重写我的登录脚本以将所有详细信息保存到一个类中。

我尝试创建一个类,并为每个列添加Public Shared属性,但是我不确定如何将每个列(而不只是用户名)添加到类中。

Imports MySql.Data.MySqlClient

Public Class frmLogin
    'count is number of invalid login attempts
    Dim count As Integer
    Private Sub btnLogin_Click(sender As Object, e As EventArgs) Handles btnLogin.Click
        count = count + 1
        Dim x As New MySqlConnection
        Dim admin As New MySqlCommand
        Dim dr1 As MySqlDataReader
        ConnectDatabase()
        admin.Connection = conn
        admin.CommandText = "SELECT user.username, user.password FROM user WHERE user.username = '" & txtUsername.Text & "' and user.password = '" & txtPassword.Text & "'"
        dr1 = admin.ExecuteReader

        If dr1.HasRows Then
            'Read the data
            dr1.Read()

            Me.Hide()
            frmDashboard.Show()
        Else
            MsgBox("Invalid Username or Password! " & vbCrLf & count & " out of 3 attempts remaining.")

            If count >= 3 Then
                MsgBox("You have exceeded the maximum number of attempts to login. Account has been disabled. Please contact OJFS helpdesk at extension 100.", MsgBoxStyle.Critical)
                txtUsername.Enabled = False
                txtPassword.Enabled = False
            End If
        End If
        Connect.conn.Close()
    End Sub
    Dim Assistance As Boolean = False
    Private Sub linkLoginHelp_LinkClicked(sender As Object, e As LinkLabelLinkClickedEventArgs) Handles linkLoginHelp.LinkClicked
        If Assistance = True Then
            Me.Height = 284
            Me.CenterToScreen()
            Assistance = False
            txtUsername.Select()
        Else
            Me.Height = 463
            Me.CenterToScreen()
            Assistance = True
            txtUsername.Select()
        End If
    End Sub

    Private Sub btnExit_Click(sender As Object, e As EventArgs) Handles btnExit.Click
        Application.Exit()
    End Sub
End Class

1 个答案:

答案 0 :(得分:1)

Using...End Using块可确保即使发生错误也可以关闭和处置数据库对象。

当然,在真实的应用程序中,您永远不会将密码存储为纯文本。

行中的评论。

'Your class might look something like this
Public Class User
    Public Shared ID As Integer
    Public Shared Name As String
    Public Shared Department As String
    Public Shared Address As String
End Class

Private count As Integer
Private Sub btnLogin_Click(sender As Object, e As EventArgs) Handles btnLogin.Click
    count = count + 1
    'keep connections local for better control
    'pass the connection strings directly to the constructor of the connection
    Using cn As New MySqlConnection("Your connection string")
        'pass the query and the connection directly to the constructor of the commmand
        Using cmd As New MySqlCommand("SELECT * FROM user WHERE user.username = @User and user.password = @Password;", cn)
            'Always use parameters to avoid SQL injection
            cmd.Parameters.Add("@User", MySqlDbType.VarChar).Value = txtUsername.Text
            cmd.Parameters.Add("@Password", MySqlDbType.VarChar).Value = txtPassword.Text
            'Open the Connection at the last possible minute.
            cn.Open()
            Using dr1 = cmd.ExecuteReader
                If dr1.HasRows Then
                    dr1.Read()
                    'The indexes of the data reader depent on th order of the fields in the database
                    User.ID = CInt(dr1(0))
                    User.Name = dr1(1).ToString
                    User.Department = dr1(2).ToString
                    User.Address = dr1(3).ToString
                    Me.Hide()
                    frmDashboard.Show()
                    Return 'a successful login will end here
                End If
            End Using 'closes and disposed the reader
        End Using 'close and disposes the command
    End Using 'closes and dipose the connection
    MsgBox("Invalid Username or Password! " & vbCrLf & count & " out of 3 attempts remaining.")
    If count >= 3 Then
        MsgBox("You have exceeded the maximum number of attempts to login. Account has been disabled. Please contact OJFS helpdesk at extension 100.", MsgBoxStyle.Critical)
        btnLogin.Enabled = False 'Instead of the text boxes disable the button.
        'If you just disable the text boxes they can keep clicking the button and opening connections.
    End If
End Sub