C# 如何将select查询返回的行发送到C中的form2?
我想在form2coordinator2中访问填充的Dataset变量,该变量包含用户表中的一行数据。我读了很多书,但不理解一些人描述的方法。这是我的密码:C# 如何将select查询返回的行发送到C中的form2?,c#,winforms,login,C#,Winforms,Login,我想在form2coordinator2中访问填充的Dataset变量,该变量包含用户表中的一行数据。我读了很多书,但不理解一些人描述的方法。这是我的密码: // main login connection with sql server part connectionString cs = new connectionString(); SqlConnection sqlcon = new SqlConnection(cs
// main login connection with sql server part
connectionString cs = new connectionString();
SqlConnection sqlcon = new SqlConnection(cs.sqlstr);
sqlcon.Open();
SqlCommand sqlcomm = new SqlCommand("select * from [User Info], [Department Info],[Position Infor] where [User Name]= '" + usertb.Text + "' and Password = '" + userpass.Text + "' and [User Info].Department = [Department Info].DID and [User Info].Designation=[Position Infor].PosID;", sqlcon);
SqlDataReader myreader;
myreader = sqlcomm.ExecuteReader();
int count = 0;
while (myreader.Read())
{
count += 1;
}
myreader.Close();
SqlDataAdapter da = new SqlDataAdapter();
DataSet ds = new DataSet();
da.SelectCommand = sqlcomm;
da.Fill(ds);
if (count == 1)
{
//this "if" condition returens the Full Name of selected user
string fullname = ds.Tables[0].Rows[0][2].ToString();
string dept = ds.Tables[0].Rows[0][9].ToString();
string usercat = ds.Tables[0].Rows[0][7].ToString();
MessageBox.Show("Welcome Dear " + fullname + " from " + dept + " to Task Management System");
switch (usercat)
{
case "1":
Monitoring_and_Evaluation mne = new Monitoring_and_Evaluation();
mne.ShowDialog();
break;
case "2":
Coordinator2 cr = new Coordinator2();
cr.ShowDialog();
break;
case "3":
Employee em = new Employee();
em.ShowDialog();
break;
case "4":
AdminSwitchForm asf = new AdminSwitchForm();
tasknotify.ShowBalloonTip(1, "User Welcome", "Hi Dear " + fullname, 0);
asf.ShowDialog();
break;
default:
MessageBox.Show("Dear" + fullname + "You don't have any right to login, please contact your System Admin");
break;
}
}
else if (count > 1)
{
MessageBox.Show("Duplicate");
}
else
{
MessageBox.Show("incorrect user name and password");
}
sqlcon.Close();
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
}
如您所见,在案例2中,我希望将ds发送到coordinator2表单,这样我就能够欢迎已登录的用户,并根据已登录的用户规范过滤数据中继器行。任何帮助都将不胜感激。您可以在Coordinator2中创建一个类变量,并使用该类的构造函数设置其值,如下所示:
public class Coordinator2
{
private DataSet _ds = null;
public Coordinator2(DatatSet ds)
{
InitializeComponent();
_ds = ds;
}
}
谢谢你,老兄,回答得很中肯。真的很感激。@AhmadMukhbet欢迎你,伙计。我希望我能帮上忙。当我尝试注入登录名进行安全检查时,它会在用户名或密码中显示语法错误。你认为如果我只是隐藏异常消息,登录将是安全的吗?@AhmadMukhbet老实说,我不知道。好的,再次感谢,我会亲自检查。有人说,这个问题是因为应该应用参数化查询来防止sql注入攻击。所以我想通过一些输入过滤来防止它们。再次感谢你的帮助。