{
conn.Open();
Using (SqlCommand CMD=conn. CreateCommand ())
{
Cmd.Com mandText="select * from T_Users where UserName=@ the UserName";
CMD. The Parameters. The Add (new SqlParameter (" UserName ", this. TxtUsername. Text. The Trim ()));
Using (SqlDataReader reader=CMD. ExecuteReader ())
{
If (reader. The Read ())
{
String dbpassword=reader. Get string (reader. GetOrdinal (" Password "));
If (dbpassword==this. TxtPassword. Text. The Trim ())
{
This. LblResults. Text="login successfully!" ;
}
The else {this. LblResults. Text="login failed"; }
}
The else
{
This. LblResults. Text="user name does not exist";
}
}
}
}
CodePudding user response:
Didn't see this kind of writing, learned theIn general I
are directly using SQL statements
string ls_name
String ls_pass
String ls_temp
Ls_name=sle_name. Text//input from the user login name
Ls_pass=sle_pass. Text//user input password
SELECT the PassWord
INTO: ls_temp
The FROM T_Users
WHERE the UserName=: ls_name AND;
If the SQLCA. SQLCode=1 then
MessageBox (" prompt ", "database error, login failed!" + "~ r ~ n" + "error message:" + SQLCA. SQLErrText)
The else
If the SQLCA. SQLCode=100 then
MessageBox (" prompt ", "incorrect login name")
The else
If IsNull (ls_temp) then ls_tmep=""
If IsNull (ls_pass) then ls_pass=""
If ls_temp & lt;> Ls_pass then
MessageBox (" prompt ", "wrong password")
The else
MessageBox (" prompt ", "login succeeds")
End the if
End the if
End the if
CodePudding user response:
The original poster should post to the c # version,Cmd.Com mandText="select * from T_Users where UserName=@ the UserName";
Should be have a problem here, and you change the select * from to select password from a try,