附加信息：用户'登录失败。 SQL Server 2012的

Question

我已经在股票这个问题：

Imports System.ComponentModel 
Imports System.Data.SqlClient 

Public Class Form1 
    Dim MyConnection As SqlConnection = New SqlConnection("Server=DESKTOP-I0N45MV\SQL2012;Database=user;uid=;pwd=") 
    Dim MyDataAdapter As New SqlDataAdapter() 
    Dim MyDataAdapter1 As New SqlDataAdapter() 
    Dim Result As String 
    Dim Result1 As String 

    Private Sub login_Click(sender As Object, e As EventArgs) Handles login.Click 
     MyDataAdapter.SelectCommand = New SqlCommand() 
     MyDataAdapter1.SelectCommand = New SqlCommand() 

     MyDataAdapter.SelectCommand.Connection = MyConnection 
     MyDataAdapter1.SelectCommand.Connection = MyConnection 
     MyDataAdapter.SelectCommand.CommandText = "Select Username From users WHERE Username ='" & user_.Text & "'" 
     MyDataAdapter1.SelectCommand.CommandText = "Select Password From users WHERE Password ='" & pass_.Text & "'" 
     MyConnection.Open() 
     Result = MyDataAdapter.SelectCommand.ExecuteScalar() 
     Result1 = MyDataAdapter1.SelectCommand.ExecuteScalar() 
     MyConnection.Close() 

Answer 1

首先不曾经使用过这样的：
MyDataAdapter.SelectCommand.CommandText = "SELECT Username FROM users WHERE Username ='" & user_.Text & "'"，因为它会让你的代码是通过SQL注入注射，改为使用stored procedure或parameterized queries。

其次我不明白为什么你会使用两个查询。
难道你不能像SELECT Username FROM users WHERE Username = 'foo' AND Password = 'bar'那样做，然后就使用这个查询的结果吗？

第三我建议你通过连接字符串作为参数传递给您的项目。如果您正在编写一个WinForms项目，你可以这样访问：Dim connection As New SqlConnection(My.Settings.connectionString)

而且最后因为这是你的要求，你的连接字符串应该像 Server=YourServerName;Database=YourDBName;Trusted_Connection=True;。
如果您在SQL Server上使用Windows身份验证，则应该看起来像这样远程Server=myServerAddress;Database=myDataBase;User Id=myUsername; Password=myPassword;，如果您使用用户名和密码进行身份验证。