-1
這是我的程序,我需要驗證用戶名或密碼是否已經存在,但是如果我爲驗證添加另一個使用語句,它仍會通過數據庫。我應該如何使用IF內有如SQL語句( 「@用戶名」 == _f3txtuser.text)使用IF ELSE語句圍繞SQL使用C#
private void _F3Register_Click(object sender, EventArgs e)
{
if (_F3txtUser.Text == "" || _F3txtPass.Text == "")
MessageBox.Show("Please Fill The Missing Informations");
else if (_F3txtPass.Text != _F3txtCheckPass.Text)
MessageBox.Show("Password Do Not Match");
else if (("@USERNAME" == _F3txtUser) || ("@PASSWORD" == _F3txtPass))
MessageBox.Show("Username or Password already Exists");
else
{
using (SqlConnection _sqlcon = new SqlConnection(connectionstring)) //Database Connection
{
_sqlcon.Open();
String query2 = "Insert into LOGINFORM(USERNAME, PASSWORD, FNAME, LNAME, AGE) values(@USERNAME, @PASSWORD, @FNAME, @LNAME, @AGE)"; // Database Command for Insertion
using (SqlCommand _sqlcmd = new SqlCommand(query2, _sqlcon)) //using database connection and command in one method
{
_sqlcmd.Parameters.AddWithValue("@USERNAME", _F3txtUser.Text.Trim());
_sqlcmd.Parameters.AddWithValue("@PASSWORD", _F3txtPass.Text.Trim());
_sqlcmd.Parameters.AddWithValue("@FNAME", _txtFN.Text.Trim());
_sqlcmd.Parameters.AddWithValue("@LNAME", _txtLN.Text.Trim());
_sqlcmd.Parameters.AddWithValue("@AGE", _txtAge.Text.Trim());
_sqlcmd.ExecuteNonQuery();
}
MessageBox.Show("Registration Successfull");
Clear();
}
}
}
void Clear()
{
_F3txtUser.Clear();
_F3txtPass.Clear();
_txtFN.Clear();
_txtLN.Clear();
_txtAge.Clear();
_F3txtCheckPass.Clear();
}
}
} ELSE語句
代碼應該在這裏爲文本 –
你應該看看[燦w^e停止使用AddWithValue()了嗎?](http://blogs.msmvps.com/jcoehoorn/blog/2014/05/12/can-we-stop-using-addwithvalue-already/)並停止使用'.AddWithValue( )' - 它可能會導致意想不到的結果和令人驚訝的結果... –