我一直试图通过我的App.config中的连接字符串连接到我的MS Sql数据库,但由于某种原因它无法登录,我似乎无法弄清楚。无法连接到数据库C#
这是我的连接方法:
public void Con()
{
string userName = userNameBox.Text;
string passWord = passWordBox.Text;
bool loginFail;
SqlConnection Conn = new SqlConnection(ConfigurationManager.ConnectionStrings["lagerConn"].ConnectionString);
//Search Connstring for User ID= & Password= and replace with username and password from Textboxes
if (_Connstring.Contains("User ID="))
{
_Connstring = _Connstring.Replace("User ID=;", "User ID=" + userName + ";");
}
if (_Connstring.Contains("Password="))
{
_Connstring = _Connstring.Replace("Password=", "Password='" + passWord + "'");
}
try
{
Conn.Open();
Conn.Close();
loginFail = false;
}catch
{
MessageBox.Show("Login Failed");
loginFail = true;
}
if(loginFail == false) //If login is successful it will change to the next form and hide the Connect form
{
mainMenu secondForm = new mainMenu();
secondForm.Show();
this.Hide();
}
}`
这里是我的App.config
<add name="lagerConn" connectionString="Data Source=LagerServer;Initial Catalog=LagerDB;Persist Security Info=True;User ID=;Password="
providerName="System.Data.SqlClient" />
</connectionStrings>
您应该始终使用[参数化查询](http://blog.codinghorror.com/give-me-parameterized-sql-or-give-me-death/)。这种字符串连接对于[SQL注入](http://en.wikipedia.org/wiki/SQL_injection)攻击是开放的。并且**不要将您的密码存储为纯文本**。使用散列函数作为SHA-512。 – 2014-09-22 07:14:55
你可以给我们例外,你连接时收到 – Vasistan 2014-09-22 07:15:47
这里是例外http://gyazo.com/d312025a0af3592ebbd64bf72435f442 – Andrew 2014-09-22 07:19:52