Of Stack

ADO. NET Make a login case

  • 2021-08-03 09:57:03
  • OfStack

The general idea. According to the user input user name and password, to judge, and database is stored inside is 1 sample, if 1 sample indicates that the login is successful, otherwise the login failed.

Option 1:
1.select* from Table Name where username= "User name entered by user"
2. If there is reader. Read (), that is, the user name exists, then judge whether the password entered by the user and the obtained password (reader. GetString (reader. GetOridinal ("password field")) are the same. If there is one, the login will be successful, otherwise, the login will fail.

Option 2:
select * from table name where username= "User name entered by user" and password= "Password entered by user". If the data is found, the login is successful. Otherwise login fails.

Next, let's use Scheme 1 to do a login case.

Here, for convenience, use the console application.
Prelude:
I'm going to write the connection string in the configuration file this time,
1. First we'll add a reference to the namespace: System. Configuration;
2. Then in our configuration file AppConfig, < Configuration > Add node information about the connection string under the. 


<configuration>
<connectionStrings>
 <add name="ConStr" connectionString="server=.;database=DB_USERS;uid=sa;pwd=Pasword_1"/>
 </connectionStrings>
 <startup> 
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5" />
 </startup>
</configuration>

The place marked with red color is the connection string node information we added;

3. Then I get used to creating an DBHelper class in which I declare a method to get the connection string: 


using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Configuration;// Add a reference to this in the project and add this namespace in this class 

namespace ADO.NET Login case 1
{
  public class DBHelper
  {
    public static string GetConnectionStrings()
    {
      // Use ConfigurationManager Class to get information about the connection string. 
      return ConfigurationManager.ConnectionStrings["ConStr"].ConnectionString;
    }
  }
}

4. I still use stored procedures this time, creating a stored procedure that queries by user name: 


IF OBJECT_ID('Ins_User','P') IS NOT NULL 
 DROP PROCEDURE Ins_User
 GO
 CREATE PROCEDURE Ins_User
 @name NVARCHAR(20)

 AS 
 SELECT * FROM dbo.T_USERS WHERE T_NAME=@name
 GO

Stored procedure

After the preparatory work in the early stage is done well, now let's start writing programs and coding to achieve:
Idea: Scheme 1, I said, first of all, of course, we let the user input. User name and password, Then query the table corresponding to the database according to the user name entered by the user, If there is no relevant data, prompt that the user name does not exist; If there is, continue to judge whether the password entered by the user is correct (take the password entered by the user and the password corresponding to the database to judge); If it is correct, prompt that the login is successful; Otherwise, prompt that the password is wrong.
* Here I use parameterized queries to write login cases in order to prevent SQL injection attacks. 


using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Data;
using System.Data.SqlClient;

namespace ADO.NET Login case 1
{
  class Program
  {
    static void Main(string[] args)
    {
      // Prompt the user for a user name 
      Console.WriteLine(" Please enter a user name: ");
      // Use Console.ReadLine() Receive information entered by the user 
      string userName = Console.ReadLine();
      // Prompt the user for a password 
      Console.WriteLine(" Please enter your password: ");
      string password = Console.ReadLine();


      // Now is the time to start using it ADO.NET Technology, to query the database 

      // Connection mode access 
      //1. Create a connection object (connection string) 
      SqlConnection scon = new SqlConnection(DBHelper.GetConnectionStrings());

      //2. Create a command object ( And sets the property value for the command object )
      SqlCommand scmd = new SqlCommand();
      scmd.CommandText = "Ins_User";
      scmd.CommandType = CommandType.StoredProcedure;
      scmd.Connection = scon;

      //3 Open a connection 
      scon.Open();


      // Setting parameters 
      scmd.Parameters.Add(new SqlParameter("@name",userName.Trim()));

      //4. Execute a command 
      SqlDataReader reader = scmd.ExecuteReader(CommandBehavior.CloseConnection);


      //5 Processing data 
      if (reader.Read())
      {

        if (password.Trim().ToString() == reader["T_PWD"].ToString())
        {
          Console.WriteLine(" Login Successful ");
        }
        else
        {
          Console.WriteLine(" Password error ");
        }
      }
      else
      {
        Console.WriteLine(" User name does not exist ");
      }
      // Reader run out 1 Be sure to close 
      reader.Dispose();
      Console.ReadKey();

    }
  }
}
Related articles: