问题描述
以登录形式如何检查给定的密码是否在数据库中.如果仅在数据库中,则必须登录,否则必须显示一些文本消息,例如密码不存在".以及如何区分大小写输入密码.使用ASP .Net和C#
In login form how to check the given password is in database or not.if it is in database only it has to login else it has to show some text message like "password does not exist".and how to apply case sensitive for that password.Using ASP .Net and C#
推荐答案
"Select Id from UserMast where User_Name COLLATE Latin1_General_CS_AS= ''" + txt_uname.Text.Trim() + "'' and Passwd COLLATE Latin1_General_CS_AS= ''" + txt_Pwd.Text.Trim() + "'' "
其中UserMast是具有字段User_Name和Passwd的表,而txt_uname是用户名的文本框,而txt_Pwd是密码的文本框,如果此查询返回的ID不为null,则输入详细信息将有效,否则无效.此查询适用于Sql Server DB
Where UserMast is the table having fields User_Name and Passwd.And txt_uname is the textbox for User Name and txt_Pwd is for Password,If this query returns some id not null then the input detail will be valid else invalid.This query is for Sql Server DB.
private bool IsValidUser(string userName, string passWord)
{
bool loginSuccessful = false;
string sql = "SELECT* FROM Login WHERE Username=@UserName AND [Password]=@Password'";
SqlCommand sqlCommand= new SqlCommand(sql, con);
sqlCommand.Parameters.Add(new SqlParameter("Name", userName));
sqlCommand.Parameters.Add(new SqlParameter("[Password]", passWord));
SqlDataReader rdr = mySQL.ExecuteReader();
if (rdr.HasrRows())
loginSuccessful = true;
return loginSuccessful ;
}
并在Button Click事件中使用该方法,如下所示,
And use that method in Button Click event as like the below one,
private void loginbtn_Click(object sender, EventArgs e)
{
if( IsValidUser(nametxtbx.Text.Trim(),passtxtbx.Text.Trim()))
{
//Redirect to .....
}
else
{
// say Invalid Username or Password , please try again.
nametxtbx.Text = "";
passtxtbx.Text = "";
nametxtbx.Focus();
}
}
BtnLogin_Click()
{
//Get the username and password from the text boxes
//call a function which connects to database procedure and store the return value in boolean variable
//if the return value is true
then open next page
//else
display custom error
}
在该过程中,将uname,pwd用作参数:
伪代码
In the procedure pass the uname, pwd as paramters:
pseudo code
Storeprocedure(uname varchar,pwd varchar)
{
check whether the record exists for that uname and pwd.
(something like select count(*) into intcount from users where upper(username)=uname and password=pwd)
if intcount>0 return true.
else return false.
}
希望这会有所帮助.
Hope this helps.
这篇关于如何检查给定的密码是否在数据库中的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!