ADO. NET Make a login case
- 2021-08-03 09:57:03
- OfStack
The general idea. According to the user input user name and password, to judge, and database is stored inside is 1 sample, if 1 sample indicates that the login is successful, otherwise the login failed.
Option 1:
1.select* from Table Name where username= "User name entered by user"
2. If there is reader. Read (), that is, the user name exists, then judge whether the password entered by the user and the obtained password (reader. GetString (reader. GetOridinal ("password field")) are the same. If there is one, the login will be successful, otherwise, the login will fail.
Option 2:
select * from table name where username= "User name entered by user" and password= "Password entered by user". If the data is found, the login is successful. Otherwise login fails.
Next, let's use Scheme 1 to do a login case.
Here, for convenience, use the console application.
Prelude:
I'm going to write the connection string in the configuration file this time,
1. First we'll add a reference to the namespace: System. Configuration;
2. Then in our configuration file AppConfig,
<
Configuration
>
Add node information about the connection string under the.
<configuration>
<connectionStrings>
<add name="ConStr" connectionString="server=.;database=DB_USERS;uid=sa;pwd=Pasword_1"/>
</connectionStrings>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5" />
</startup>
</configuration>
The place marked with red color is the connection string node information we added;
3. Then I get used to creating an DBHelper class in which I declare a method to get the connection string:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Configuration;// Add a reference to this in the project and add this namespace in this class
namespace ADO.NET Login case 1
{
public class DBHelper
{
public static string GetConnectionStrings()
{
// Use ConfigurationManager Class to get information about the connection string.
return ConfigurationManager.ConnectionStrings["ConStr"].ConnectionString;
}
}
}
4. I still use stored procedures this time, creating a stored procedure that queries by user name:
IF OBJECT_ID('Ins_User','P') IS NOT NULL
DROP PROCEDURE Ins_User
GO
CREATE PROCEDURE Ins_User
@name NVARCHAR(20)
AS
SELECT * FROM dbo.T_USERS WHERE T_NAME=@name
GO
Stored procedure
After the preparatory work in the early stage is done well, now let's start writing programs and coding to achieve:
Idea: Scheme 1, I said, first of all, of course, we let the user input. User name and password, Then query the table corresponding to the database according to the user name entered by the user, If there is no relevant data, prompt that the user name does not exist; If there is, continue to judge whether the password entered by the user is correct (take the password entered by the user and the password corresponding to the database to judge); If it is correct, prompt that the login is successful; Otherwise, prompt that the password is wrong.
* Here I use parameterized queries to write login cases in order to prevent SQL injection attacks.
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Data;
using System.Data.SqlClient;
namespace ADO.NET Login case 1
{
class Program
{
static void Main(string[] args)
{
// Prompt the user for a user name
Console.WriteLine(" Please enter a user name: ");
// Use Console.ReadLine() Receive information entered by the user
string userName = Console.ReadLine();
// Prompt the user for a password
Console.WriteLine(" Please enter your password: ");
string password = Console.ReadLine();
// Now is the time to start using it ADO.NET Technology, to query the database
// Connection mode access
//1. Create a connection object (connection string)
SqlConnection scon = new SqlConnection(DBHelper.GetConnectionStrings());
//2. Create a command object ( And sets the property value for the command object )
SqlCommand scmd = new SqlCommand();
scmd.CommandText = "Ins_User";
scmd.CommandType = CommandType.StoredProcedure;
scmd.Connection = scon;
//3 Open a connection
scon.Open();
// Setting parameters
scmd.Parameters.Add(new SqlParameter("@name",userName.Trim()));
//4. Execute a command
SqlDataReader reader = scmd.ExecuteReader(CommandBehavior.CloseConnection);
//5 Processing data
if (reader.Read())
{
if (password.Trim().ToString() == reader["T_PWD"].ToString())
{
Console.WriteLine(" Login Successful ");
}
else
{
Console.WriteLine(" Password error ");
}
}
else
{
Console.WriteLine(" User name does not exist ");
}
// Reader run out 1 Be sure to close
reader.Dispose();
Console.ReadKey();
}
}
}