管理员和用户检查不起作用

本文关键字:不起作用 检查 用户 管理员 | 更新日期: 2023-09-27 17:57:29

我有一个名为Logins的数据库表,它有三列:UsernamePasswordCategory。类别有两种类型:AdminUser

我有一个带有两个文本框的表单,用户将在其中写入用户名和密码。使用用户名文本框输入,我想检查给定的用户名是Admin还是User,并在此基础上打开不同的表单。

我收到以下错误:

意外错误:"'" 附近的语法不正确

SqlConnection con = new SqlConnection("Data Source=JAYI-PC''SQLEXPRESS;Initial Catalog=db-ub;Integrated Security=True");
try
{
    con.Open();
    SqlCommand cmd = new SqlCommand(@"SELECT Count(*) FROM Logins
                            WHERE Username=@uname and
                            Password=@pass,Category=@ctgy", con);
    cmd.Parameters.AddWithValue("@uname", textBox_usern.Text);
    cmd.Parameters.AddWithValue("@pass", textBox_pwd.Text);
    cmd.Parameters.AddWithValue("@ctgy", c); //Can't understand how to check it
    int result = (int)cmd.ExecuteScalar();
    if (result > 0)
    {
        if (c== "Admin")//this one will chek whether user is admin or user
        {
            MessageBox.Show("Welcome Admin");
            Admin f1 = new Admin();
            f1.Show();
        }
        else
        {
            MessageBox.Show("Welcome " + textBox_usern.Text);
            FormCheck f3 = new FormCheck();
            f3.Show();
        }
    }
    else
    {
        MessageBox.Show("Incorrect login");
    }
    textBox_usern.Clear();
    textBox_pwd.Clear();
}
catch (Exception ex)
{
    MessageBox.Show("Unexpected error:" + ex.Message);
}

管理员和用户检查不起作用

您的查询不正确,它错过了一个and,并且有额外的,。它应该像这个

SELECT Count(*) FROM Logins
WHERE Username=@uname and
Password=@pass and Category=@ctgy

我相信您正在尝试读取类别,将您的查询更改为此

SqlCommand cmd = new SqlCommand(@"SELECT Category FROM Logins
                            WHERE Username=@uname and
                            Password=@pass", con);
cmd.Parameters.AddWithValue("@uname", textBox_usern.Text);
cmd.Parameters.AddWithValue("@pass", textBox_pwd.Text);
SqlDataReader reader = cmd.ExecuteReader();
if (reader.Read())
{
var c = reader["Category"].ToString();
   if (c== "Admin")//this one will chek whether user is admin or user
    {
        MessageBox.Show("Welcome Admin");
        Admin f1 = new Admin();
        f1.Show();
    }
    else
    {
        MessageBox.Show("Welcome " + textBox_usern.Text);
        FormCheck f3 = new FormCheck();
        f3.Show();
    }
}
else
{
    MessageBox.Show("Incorrect login");
}
textBox_usern.Clear();
textBox_pwd.Clear();

您的程序只检查用户是否存在。。它不会将类别发回。所以你应该使用execute阅读器。如果找到用户,它将发回详细信息。检查以下代码。

 SqlConnection con = new SqlConnection("Data Source=JAYI-PC''SQLEXPRESS; 
    Initial Catalog=db-ub;Integrated Security=True");
    try
    {
        con.Open();
      string cat = null;
        SqlCommand cmd = new SqlCommand(@"SELECT Username,Password,Category
        FROM Logins WHERE Username=@uname and
        Password=@pass", con);
        cmd.Parameters.AddWithValue("@uname", textBox_usern.Text);
        cmd.Parameters.AddWithValue("@pass", textBox_pwd.Text);
        SqlDataReader rdr = cmd.ExecuteReader();  
        //int result = (int)cmd.ExecuteScalar();
       int result = 0;
       while(rdr.Read()
     {
       result++; //to confirm it entered while loop so data is there
       cat = rdr["Category"].ToString();
     }
        if (result > 0)
        {
            if (cat == "Admin")//this one will chek whether user is admin or
                                 user
            {
                MessageBox.Show("Welcome Admin");
                Admin f1 = new Admin();
                f1.Show();
            }
            else
            {
                MessageBox.Show("Welcome " + textBox_usern.Text);
                FormCheck f3 = new FormCheck();
                f3.Show();
            }
        }
        else
        {
            MessageBox.Show("Incorrect login");
        }
        textBox_usern.Clear();
        textBox_pwd.Clear();
相关文章: