用户名或密码不正确"——得到同样的信息
本文关键字:信息 密码 不正确 quot 用户 | 更新日期: 2023-09-27 18:18:37
我尝试制作一个登录页面。但是,它总是显示这个消息:
用户名或密码不正确
虽然我很确定我的用户名和密码是正确的。
private void button1_Click(object sender, EventArgs e)
{
if (string.IsNullOrEmpty(txtbox_user.Text) || string.IsNullOrEmpty(txtbox_password.Text))
//txt_name.Text == String.IsNullOrEmpty || txt_family.Text == String.IsNullOrEmpty || txt_username.Text == String.IsNullOrEmpty || txt_password.Text == String.IsNullOrEmpty || txt_repeat.Text == String.IsNullOrEmpty || txt_mail.Text == String.IsNullOrEmpty)
{
MessageBox.Show("Plesae insert your username and password");
}
else
{
connection.Open();
OleDbCommand command = new OleDbCommand();
command.Connection = connection;
command.CommandText = " select * from Login where UserName =' " + txtbox_user.Text + " ' and PassWord = ' " + txtbox_password.Text + " ' ";
OleDbDataReader reader = command.ExecuteReader();
int count = 0;
while (reader.Read())
{
count = count + 1;
}
if (count == 1)
{
MessageBox.Show("Welcome!");
LearnerForm F2 = new LearnerForm();
F2.Show();
}
if (count > 1)
{
MessageBox.Show("Duplicate username or Password");
}
else
{
MessageBox.Show("Username or Password is not correct");
}
connection.Close();
}
}
在引号'后面有一个额外的空格。删除:
where UserName =' " + txtbox_user.Text + " ' and PassWord = ' " + txtbox_password.Text + " '
where UserName ='" + txtbox_user.Text + "' and PassWord = '" + txtbox_password.Text + "'
我还强烈建议您始终使用参数化查询来避免SQL注入。