我需要验证用户提供的信息是否在数据库中,我试图输入正确的条件而不能正常工作它会返回一个在数据库中找不到的错误。你能检查我的代码并告诉我发生了什么吗? ,我试图调试它,但foreach循环继续循环,不会去if(isexist)语句
protected void btnSubmit_Click(object sender, EventArgs e)
{
token = FormsAuthentication.HashPasswordForStoringInConfigFile(txtUsername.Text.ToString() + txtAcctNo.Text.ToString(), "MD5");
try
{
bool isExist = false;
DataSet ds = new DataSet();
ds = startService.getAllUsersWithoutFilter();
if (ds.Tables[0].Rows.Count > 0)
{
foreach (DataRow dRow in ds.Tables[0].Rows)
{
string userName = dRow["UserName"].ToString();
string acctNo = dRow["AccountNumber"].ToString();
string question = dRow["SecretQuestion"].ToString();
string answer = dRow["SecretAnswer"].ToString();
if (userName == txtUsername.Text.ToString() && acctNo == txtAcctNo.Text.ToString() && question == cboQuestion.Text.ToString() && answer == txtAnswer.Text.ToString())
{
isExist = true;
}
else
{
isExist = false;
}
}
if (isExist)
{
startService.sendTokenizer(txtUsername.Text.ToString(), token);
//update database to change password to standard password
startService.inserUserActivity(txtUsername.Text.ToString(), txtAcctNo.Text.ToString(), "Password Reset Request", HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"]);
startService.requestReset(txtUsername.Text.ToString(), txtAcctNo.Text.ToString(), token);
lblMessage.ForeColor = System.Drawing.Color.Green;
lblMessage.Text = "<br>We have sent an email to you for the instructions to reset your password. Please check your email.";
}
else
{
this.lblMessage.ForeColor = System.Drawing.Color.Red;
this.lblMessage.Text = "<br><br>Error - Information cannot be found. Please check and try again. Make sure all the fields are correct.";
}
}
}
catch
{
lblError.Text = "There was an error occured while processing your request. Please try again later.";
}
}
答案 0 :(得分:5)
我认为你需要的是在将isExist设置为true时突破你的foreach循环。
if (userName == txtUsername.Text.ToString() && acctNo == txtAcctNo.Text.ToString() && question == cboQuestion.Text.ToString() && answer == txtAnswer.Text.ToString())
{
isExist = true;
break; //Found it, so stop looking.
}
答案 1 :(得分:2)
我认为Joel对你问题的直接回答是正确的。
我想补充一点,你应该重新考虑加载整个用户表并在Web服务器上迭代它。为什么不尝试从数据库中选择匹配的行?如果您获得匹配,则凭据有效。如果没有,它们无效。
答案 2 :(得分:0)
@Dhenn:您需要在代码中进行以下更改
protected void btnSubmit_Click(object sender, EventArgs e)
{
token = FormsAuthentication.HashPasswordForStoringInConfigFile(txtUsername.Text.ToString() + txtAcctNo.Text.ToString(), "MD5");
try
{
bool isExist = false;
DataSet ds = new DataSet();
ds = startService.getAllUsersWithoutFilter();
if (ds.Tables[0].Rows.Count > 0)
{
foreach (DataRow dRow in ds.Tables[0].Rows)
{
string userName = dRow["UserName"].ToString();
string acctNo = dRow["AccountNumber"].ToString();
string question = dRow["SecretQuestion"].ToString();
string answer = dRow["SecretAnswer"].ToString();
if (userName == txtUsername.Text.ToString() && acctNo == txtAcctNo.Text.ToString() && question == cboQuestion.Text.ToString() && answer == txtAnswer.Text.ToString())
{
// if exist execute following code
startService.sendTokenizer(txtUsername.Text.ToString(), token);
//update database to change password to standard password
startService.inserUserActivity(txtUsername.Text.ToString(), txtAcctNo.Text.ToString(), "Password Reset Request", HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"]);
startService.requestReset(txtUsername.Text.ToString(), txtAcctNo.Text.ToString(), token);
lblMessage.ForeColor = System.Drawing.Color.Green;
lblMessage.Text = "<br>We have sent an email to you for the instructions to reset your password. Please check your email.";
}
else
{
// id not exist then execute following code
this.lblMessage.ForeColor = System.Drawing.Color.Red;
this.lblMessage.Text = "<br><br>Error - Information cannot be found. Please check and try again. Make sure all the fields are correct.";
}
}
}
}
catch
{
lblError.Text = "There was an error occured while processing your request. Please try again later.";
}
}