关于DataSet的问题
我从数据库里读出一个字段"PassWord",想把它和用户提交的密码比较,但是结果总是不一致.
请各位指点迷津~~~!
strSQLPassWord = "SELECT PassWord FROM UserInfor
WHERER(UserID='"+Request.Form["UserID"]+"'))";
objCommand = new SqlCommand(strSQLPassWord,objConnection);
objDataReader = objCommand.ExecuteReader();
objDataReader.Read();
if(objDataReader["PassWord"].ToString()==Request.Form["PassWord"])
Response.Write("登陆成功");
else
Response.Write("密码错误");
问题点数:20、回复次数:6Top
1 楼fancyf(凡瑞)回复于 2005-06-04 17:25:03 得分 2
strSQLPassWord = "SELECT PassWord FROM UserInfor
WHERER(UserID='"+Request.Form["UserID"]+"'))";
Password是个关键字,应该括起来[Password]
WHERER拼错了Top
2 楼yundazyx(小荣)回复于 2005-06-04 17:29:33 得分 0
倒 这是我打错了 但是想问问后面的比较式子有问题吗?Top
3 楼renyu732(Sysinfo)回复于 2005-06-04 17:34:18 得分 0
有这么写的吗?Top
4 楼renyu732(Sysinfo)回复于 2005-06-04 17:36:24 得分 16
Sub Login(sender as Object, e as EventArgs)
'1. 创建连接
Const strConnString as String
strConnString= "Data Source=.;Initial Catalog=test;User Id=sa;Password=;"
Dim objConn as New SqlConnection(strConnString)
'2. 创建Command对象
Dim strSQL as String = "SELECT COUNT(*) FROM UserAccount " & _
"WHERE Username=@Username AND Password=@Password"
Dim objCmd as New SqlCommand(strSQL, objConn)
'3. 创建参数
Dim paramUsername as SqlParameter
paramUsername = New SqlParameter("@Username", SqlDbType.VarChar, 25)
paramUsername.Value = txtUsername.Text
objCmd.Parameters.Add(paramUsername)
Dim paramPwd as SqlParameter
paramPwd = New SqlParameter("@Password", SqlDbType.Binary, 16)
paramPwd.Value = hashedDataBytes
objCmd.Parameters.Add(paramPwd)
'执行查询
objConn.Open()
Dim iResults as Integer = objCmd.ExecuteScalar()
objConn.Close()
If iResults <>0 then
'合法
Else
'不合法
End If
End Sub
这样不更好。
Top
5 楼libinguest(上善若水)回复于 2005-06-04 17:38:51 得分 2
设断点进行调试!Top
6 楼yundazyx(小荣)回复于 2005-06-04 18:02:00 得分 0
问题解决了 谢谢各位啊Top
相关问题
关键词
得分解答快速导航
相关链接
广告也精彩
反馈
