在vb2010中使用mysqlconnector登錄系統

Question

我爲我的程序做了一個簡單的登錄代碼。

在我的網站上，我已經爲存儲用戶名，電子郵件和密碼的程序創建了一個mysql數據庫，我查詢了數據庫2次以插入2個帳戶。

我可以登錄沒有問題的第一個帳戶，但不是與第二和第三等。

反正這裏是代碼：

Dim dbConn As New MySqlConnection 
         Dim UsernameVerify As New MySqlCommand 
         Dim PasswordVerify As New MySqlCommand 
         Dim EmailVerify As New MySqlCommand 
         Dim typeverify As New MySqlCommand 
         Dim lgnUsername As String 
         Dim lgnPassword As String 
         Dim lgnEmail As String 
         Dim lgntype As String 
         'server info 
         dbConn.ConnectionString = "server=*************;UserID=*******;password=********;database=*****" 
         Try 
          dbConn.Open() 
          UsernameVerify.Connection = dbConn 
          UsernameVerify.CommandText = "Select USERNAME from users" 
          PasswordVerify.Connection = dbConn 
          PasswordVerify.CommandText = "Select PASSWORD from users" 
          EmailVerify.Connection = dbConn 
          EmailVerify.CommandText = "Select EMAIL from users" 
          typeverify.Connection = dbConn 
          typeverify.CommandText = "Select TYPE from users" 


          lgnUsername = UsernameVerify.ExecuteScalar 
          lgnPassword = PasswordVerify.ExecuteScalar 
          lgnEmail = EmailVerify.ExecuteScalar 
          lgntype = typeverify.ExecuteScalar 
          dbConn.Close() 
          If ComboBox1.Text = lgnUsername And ComboBox2.Text = lgnPassword And ComboBox3.Text = lgnEmail And ComboBox4.Text = lgntype Then 
           Panel1.BackgroundImage = mpng2 
           Label5.Text = "Succesfully verified user !" 
           Me.Close() 

          Else 
           Panel1.BackgroundImage = mpng 
           Label5.Text = "Could not find user check your credentials" 
           ComboBox1.Focus() 

          End If 
         Catch ex As MySqlException 
          Label5.Text = "Error while verifying " 
          MessageBox.Show("Error when connecting to database|" + ex.Message) 
          dbConn.Dispose() 
          verifying.Close() 

         End Try 

有誰知道如何解決這個問題。

我已經在考慮使用while循環或者其他什麼東西？

Answer 1

不需要循環，而且你正在爲自己拼命工作。請記住始終保持簡單。

簡單的登錄代碼可能是這個樣子：

Protected Sub btnLogin_Click(ByVal sender As Object, ByVal e As SYstem.EventArgs) Handles btnLogin.Click 

    Dim conn As New MysqlConnection("Server=****;Database=****;User=****;Password=****;") 

    Dim sql As String = "SELECT userid, username, password, email, type FROM users WHERE username = xname AND password = xpass" 

    Dim args As New List(Of MySqlParameter) 
    args.Add(New MySqlParameter("xname", txtUsername.Text)) 
    args.Add(New MySqlParameter("xpass", txtPassword.Text)) 

    Dim cmd As MySqlCommand = New MySqlCommand(sql, conn) 
    cmd.Parameters.AddRange(args.ToArray) ' You might want to check this, not sure if it needs the .ToArray 

    Dim drLogin As MySqlDataReader = cmd.ExecuteReader() 

    If drLogin.HasRows 

     ' do login code here (I'll store user details out the DataReader and redirect) 
     dr.Read() 

     Session("userid") = dr("userid") 
     Session("username") = dr("username") 
     Session("usertype") = dr("type") 

     Response.Redirect("~/Members/Home.aspx") 
    Else 
     lblerr.Text = "Invalid username/password" 
     lblerr.ForeColor = System.Drawing.Color.Red 
    End If 
End Sub 

這段代碼獲得所有用戶的信息，你可能需要1個單查詢（良好的數據庫上的開銷限制）。 sql中的WHERE子句意味着它只會得到一行，用戶名和密碼與用戶登錄的內容相匹配。

List(Of SqlParameter)只是存儲輸入的值以供在sql中使用。這有助於更安全的形式，因爲sql注入的可能性很小。我將這個List轉換爲數組，因爲我不確定SqlCommand.Paramaters.AddRange是否接受List。一種方式或另一種方式將工作。

會話變量對於顯示僅與登錄用戶相關的內容很有用。您可以使用userid來限制數據庫的結果，以僅獲取用戶標識與Session（「userid」）值相同的內容。

希望這會有所幫助！