1. 首页
  2. 问答
  3. vb.net登录访问控制

vb.net登录访问控制

2012-01-12 121 views
0

即时通讯制作一个MySQL sigin形式,即时通讯尝试使用我的用户表来控制登录访问,但每当我输入任何随机字母它登录到,而不显示错误,其无效的用户名。vb.net登录访问控制

这是我到目前为止有:

Imports MySql.Data.MySqlClient 

    Public Class frmLogin 
     Private Sub cmdCancel_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles cmdCancel.Click 
      Application.Exit() 
     End Sub 

     Private Sub cmdLogin_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles cmdLogin.Click 
      Dim conn As New MySqlConnection 
      Dim myCommand As New MySqlCommand 

      Dim myConnString As String 
      Dim UserID As String 

      myConnString = "server=" & My.Settings.HostIP & ";" _ 
       & "user id=" & My.Settings.Username & ";" _ 
       & "password=" & My.Settings.Password & ";" _ 
       & "database=attendance" 

      conn.ConnectionString = myConnString 

      Try 
       conn.Open() 

       myCommand.Connection = conn 
       myCommand.CommandText = "SELECT user_bannerid FROM user WHERE BINARY username = ?Username" 
       myCommand.Parameters.Add("?Username", txtUsername.Text) 

       UserID = myCommand.ExecuteScalar 

       conn.Close() 

       Dim mainForm As New frmMain 
       mainForm.UserID = UserID 
       mainForm.connectionString = myConnString 
       mainForm.Show() 

       Me.Hide() 
       Me.Close() 
      Catch myerror As MySqlException 
       MessageBox.Show("Invalid User. Please Enter Your Correct Username") 
       conn.Dispose() 
      End Try 
     End Sub 

     Private Sub frmLogin_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load 
      Me.AcceptButton = cmdLogin 
      Me.CancelButton = cmdCancel 
     End Sub 
    End Class

来源

2012-01-12 user1012135

回答

2

这是因为你没有关闭窗体之前测试用户ID的价值。

您还需要使用语句来确保所有一次性物品都妥善处理。

这里是解决这两个问题重写:

Try 
     Using conn As New MySqlConnection 
      Using myCommand As New MySqlCommand 
       Dim myConnString As String 
       Dim UserID As String 

       myConnString = "server=" & My.Settings.HostIP & ";" _ 
        & "user id=" & My.Settings.Username & ";" _ 
        & "password=" & My.Settings.Password & ";" _ 
        & "database=attendance" 

       conn.ConnectionString = myConnString 

       conn.Open() 

       myCommand.Connection = conn 
       myCommand.CommandText = "SELECT user_bannerid FROM user WHERE BINARY username = ?Username" 
       myCommand.Parameters.Add("?Username", txtUsername.Text) 

       Dim oUserID As Object 

       oUserID = myCommand.ExecuteScalar 

       conn.Close() 

       If oUserID IsNot DBNull.Value AndAlso Not String.IsNullOrEmpty(oUserID) Then 
        Dim mainForm As New frmMain 
        mainForm.UserID = UserID 
        mainForm.connectionString = myConnString 
        mainForm.Show() 

        Me.Hide() 
        Me.Close() 
       Else 
        MessageBox.Show("Invalid User. Please Enter Your Correct Username") 
       End If 
      End Using 
     End Using 
    Catch myerror As MySqlException 
     MessageBox.Show("SQL Error" & myerror.ToString()) 
    End Try

来源

2012-01-12 19:35:31

+0

非常感谢你:d – user1012135 2012-01-12 20:06:12

相关问题

 相关问题