Database 如何检查Access数据库中是否存在记录
我正在为一个项目尝试一种新的方法,我正在从事这个项目,我刚刚开始学习Access数据库。我正在使用VB.net,我的问题是:如何查看数据库表中是否存在记录。我以为我已经明白了,但事实并非如此。我正在创建一个登录名,我希望它在尝试将您键入的内容与数据库中的内容进行比较之前检查他们键入的用户名是否存在。我看到了很多关于如何做到这一点的问题……但对于VB.net和MS Access来说却不是这样 这是我的密码:Database 如何检查Access数据库中是否存在记录,database,vb.net,ms-access,login,oledb,Database,Vb.net,Ms Access,Login,Oledb,我正在为一个项目尝试一种新的方法,我正在从事这个项目,我刚刚开始学习Access数据库。我正在使用VB.net,我的问题是:如何查看数据库表中是否存在记录。我以为我已经明白了,但事实并非如此。我正在创建一个登录名,我希望它在尝试将您键入的内容与数据库中的内容进行比较之前检查他们键入的用户名是否存在。我看到了很多关于如何做到这一点的问题……但对于VB.net和MS Access来说却不是这样 这是我的密码: Imports System.Data.OleDb Public Class LoginF
Imports System.Data.OleDb
Public Class LoginForm1
Dim provider As String
Dim dataFile As String
Dim connString As String
Public myConnection As OleDbConnection = New OleDbConnection
Public dr As OleDbDataReader
Dim Errors As String
Public Sub AccessAccountDatabase()
provider = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source ="
dataFile = "C:\Users\Richard\Documents\Visual Studio 2010\Projects\CybSol Journal Database\CybSol Journal Database\cgi-bin\Data.mdb"
connString = provider & dataFile
myConnection.ConnectionString = connString
Errors = ""
Try
myConnection.Open()
Dim str As String
str = "SELECT * FROM Accounts WHERE Username='" & UsernameTxt.Text & "' AND Password='" & PasswordTxt.Text & "'"
Dim cmd As OleDbCommand = New OleDbCommand(str, myConnection)
dr = cmd.ExecuteReader
dr.Read()
If UsernameTxt.Text = dr("Username").ToString AndAlso PasswordTxt.Text = dr("Password").ToString Then
Dim Welcome As String = "SELECT * FROM Accounts WHERE Real_Name=" & "Username"
MsgBox("Welcome back " & dr("Real_Name") & "!")
Else
MsgBox("Login Failure")
End If
myConnection.Close()
Catch ex As Exception
MsgBox(ex.ToString)
End Try
End Sub
Private Sub OkayBtn_Click(sender As System.Object, e As System.EventArgs) Handles OkayBtn.Click
AccessAccountDatabase()
End Sub
End Class
所以现在我的问题是。。。如何让它检查数据库中是否存在记录,因为当您键入正确的信息(数据库中存在的正确用户名和密码)时,它会说欢迎和所有。但是当你输入错误的用户名和/或密码时,它就不起作用了。如果没有“Try-Catch”语句,程序就会冻结。在try-catch中,它表示:
System.InvalidOperationException: No data exists for the row/column.
at System.Data.OleDb.OleDbDataReader.DoValueCheck(Int32 ordinal)
at System.Data.OleDb.OleDbDataReader.GetValue(Int32 ordinal)
at System.Data.OleDb.OleDbDataReader.get_Item(String name)
at CybSol_Journal_Database.LoginForm1.AccessAccountDatabase() in c:\users\richard\documents\visual studio 2010\Projects\CybSol Journal Database\CybSol Journal Database\LoginForm1.vb:line 36
添加信息:第36行是这样的:
如果UsernameTxt.Text=dr(“用户名”).ToString和PasswordTxt.Text=dr(“密码”).ToString,则不必再次检查代码中的用户名和密码,因为如果数据库中的用户名和密码不匹配,则不会返回任何行
你可以简单地做
dr = cmd.ExecuteReader
If dr.HasRows Then
//it matched
Else
//it didn't match. could not log in
End If
如果您仍想保留,但没有必要保留,则您的方法如下所示
dr = cmd.ExecuteReader
If dr.HasRows Then
dr.Read()
If UsernameTxt.Text = dr("Username").ToString AndAlso PasswordTxt.Text = dr("Password").ToString Then
Else
End If
End If
您不必再次检查代码中的用户名和密码,因为如果数据库中的用户名和密码不匹配,则不会返回任何行
你可以简单地做
dr = cmd.ExecuteReader
If dr.HasRows Then
//it matched
Else
//it didn't match. could not log in
End If
如果您仍想保留,但没有必要保留,则您的方法如下所示
dr = cmd.ExecuteReader
If dr.HasRows Then
dr.Read()
If UsernameTxt.Text = dr("Username").ToString AndAlso PasswordTxt.Text = dr("Password").ToString Then
Else
End If
End If
第一个问题:
进入。您应该将以下内容封装在方括号中:
"SELECT * FROM Accounts WHERE Username='" & UsernameTxt.Text & _
"' AND [Password]='" & PasswordTxt.Text & "'"
第二个问题:
切勿使用字符串连接来创建sql文本。始终使用参数
str = "SELECT * FROM Accounts WHERE Username=? AND [Password]=?"
Dim cmd As OleDbCommand = New OleDbCommand(str, myConnection)
cmd.Parameters.AddWithValue("user", UserNameTxt.Text)
cmd.Parameters.AddWithValue("pass", PasswordTxt.Text)
dr = cmd.ExecuteReader
为什么??如果从用户输入连接字符串,会发生什么情况
第三个问题:测试命令是否返回行
If dr.Read() Then
......
End if
第一个问题:
进入。您应该将以下内容封装在方括号中:
"SELECT * FROM Accounts WHERE Username='" & UsernameTxt.Text & _
"' AND [Password]='" & PasswordTxt.Text & "'"
第二个问题:
切勿使用字符串连接来创建sql文本。始终使用参数
str = "SELECT * FROM Accounts WHERE Username=? AND [Password]=?"
Dim cmd As OleDbCommand = New OleDbCommand(str, myConnection)
cmd.Parameters.AddWithValue("user", UserNameTxt.Text)
cmd.Parameters.AddWithValue("pass", PasswordTxt.Text)
dr = cmd.ExecuteReader
为什么??如果从用户输入连接字符串,会发生什么情况
第三个问题:测试命令是否返回行
If dr.Read() Then
......
End if
你在正确的轨道上。OleDbDataReader.Read
返回一个布尔值,指示它是否成功读取现有行。因此,您可以在尝试读取记录之前检查它是否返回True
。例如:
If dr.Read() Then
If UsernameTxt.Text = dr("Username").ToString AndAlso PasswordTxt.Text = dr("Password").ToString Then
Dim Welcome As String = "SELECT * FROM Accounts WHERE Real_Name=" & "Username"
MsgBox("Welcome back " & dr("Real_Name") & "!")
Else
MsgBox("Login Failure")
End If
End If
另外,我觉得我至少应该提到,以纯文本形式存储密码从来都不是一个好主意。你的思路是对的。OleDbDataReader.Read返回一个布尔值,指示它是否成功读取现有行。因此,您可以在尝试读取记录之前检查它是否返回
True
。例如:
If dr.Read() Then
If UsernameTxt.Text = dr("Username").ToString AndAlso PasswordTxt.Text = dr("Password").ToString Then
Dim Welcome As String = "SELECT * FROM Accounts WHERE Real_Name=" & "Username"
MsgBox("Welcome back " & dr("Real_Name") & "!")
Else
MsgBox("Login Failure")
End If
End If
另外,我觉得我至少应该提到,以纯文本形式存储密码从来都不是一个好主意。我使用语句添加了一些
,这样您就不必手动关闭连接。此外,我还对SQL语句进行了参数化,以防止SQL注入
Public Class LoginForm1
Dim provider As String
Dim dataFile As String
Dim connString As String
'Public myConnection As OleDbConnection = New OleDbConnection
'Public dr As OleDbDataReader
Dim Errors As String
Public Sub AccessAccountDatabase()
provider = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source ="
dataFile = "C:\Users\Richard\Documents\Visual Studio 2010\Projects\CybSol Journal Database\CybSol Journal Database\cgi-bin\Data.mdb"
connString = provider & dataFile
myConnection.ConnectionString = connString
Errors = ""
Try
Using myConnection As OleDbConnection = New OleDbConnection(connString)
myConnection.Open()
Dim str As String
str = "SELECT * FROM Accounts WHERE Username=@USER AND [Password]=@PWD "
Using cmd As OleDbCommand = New OleDbCommand(str, myConnection)
cmd.Parameters.AddWithValue("@USER", UsernameTxt.Text)
cmd.Parameters.AddWithValue("@PWD", PasswordTxt.Text)
Using dr As OleDbDataReader = cmd.ExecuteReader
If dr.HasRows Then
dr.Read()
If UsernameTxt.Text = dr("Username").ToString AndAlso PasswordTxt.Text = dr("Password").ToString Then
Dim Welcome As String = "SELECT * FROM Accounts WHERE Real_Name=" & "Username"
MsgBox("Welcome back " & dr("Real_Name") & "!")
Else
MsgBox("Login Failure")
End If
Else
MsgBox("Login Failure")
End If
End Using
End Using
End Using
Catch ex As Exception
MsgBox(ex.ToString)
End Try
End Sub
Private Sub OkayBtn_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles OkayBtn.Click
AccessAccountDatabase()
End Sub
End Class
我使用
语句添加了一些,因此您不必手动关闭连接。此外,我还对SQL语句进行了参数化,以防止SQL注入
Public Class LoginForm1
Dim provider As String
Dim dataFile As String
Dim connString As String
'Public myConnection As OleDbConnection = New OleDbConnection
'Public dr As OleDbDataReader
Dim Errors As String
Public Sub AccessAccountDatabase()
provider = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source ="
dataFile = "C:\Users\Richard\Documents\Visual Studio 2010\Projects\CybSol Journal Database\CybSol Journal Database\cgi-bin\Data.mdb"
connString = provider & dataFile
myConnection.ConnectionString = connString
Errors = ""
Try
Using myConnection As OleDbConnection = New OleDbConnection(connString)
myConnection.Open()
Dim str As String
str = "SELECT * FROM Accounts WHERE Username=@USER AND [Password]=@PWD "
Using cmd As OleDbCommand = New OleDbCommand(str, myConnection)
cmd.Parameters.AddWithValue("@USER", UsernameTxt.Text)
cmd.Parameters.AddWithValue("@PWD", PasswordTxt.Text)
Using dr As OleDbDataReader = cmd.ExecuteReader
If dr.HasRows Then
dr.Read()
If UsernameTxt.Text = dr("Username").ToString AndAlso PasswordTxt.Text = dr("Password").ToString Then
Dim Welcome As String = "SELECT * FROM Accounts WHERE Real_Name=" & "Username"
MsgBox("Welcome back " & dr("Real_Name") & "!")
Else
MsgBox("Login Failure")
End If
Else
MsgBox("Login Failure")
End If
End Using
End Using
End Using
Catch ex As Exception
MsgBox(ex.ToString)
End Try
End Sub
Private Sub OkayBtn_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles OkayBtn.Click
AccessAccountDatabase()
End Sub
End Class
在DataReader上使用Read()方法(请注意,这样可以保持与数据库的连接处于打开状态,并且在DataReader仍在读取时,将无法在数据库上执行任何其他命令)
If String.Compare(dr("Username").ToString(), UsernameTxt.Text, true) AndAlso String.Compare(dr("Password").ToString(), PasswordTxt.Text.ToString() Then
' The username and password for the record match
' the input from the login form
ProcessLogin()
Else
' Invalid username or password, send an error
End If
在DataReader上使用Read()方法(请注意,这样可以保持与数据库的连接处于打开状态,并且在DataReader仍在读取时,将无法在数据库上执行任何其他命令)
If String.Compare(dr("Username").ToString(), UsernameTxt.Text, true) AndAlso String.Compare(dr("Password").ToString(), PasswordTxt.Text.ToString() Then
' The username and password for the record match
' the input from the login form
ProcessLogin()
Else
' Invalid username or password, send an error
End If
第四个问题:不要存储密码。如果使用“.Read()”测试密码,则存储该密码的种子哈希,并且没有任何行会出现异常。根据下面的答案,最好使用“.HasRows”。@yu_ominae Read()如果没有rowsDammit,则返回false,您是对的,我有点不对劲。谢谢您纠正我。@Steve,太晚了,很抱歉,但最终删除了它:)第四个问题:不存储密码。如果您使用“.Read()测试密码,请存储密码的种子哈希“没有行,您将得到异常。根据下面的答案,最好使用“.HasRows”。@yu_ominae Read()返回false如果没有行,您是对的,我有其他错误。谢谢您纠正我。@Steve,太晚了,很抱歉,但最后删除了它:)行myConnection.ConnectionString=connString
似乎没有必要(我已经在应用程序中测试了代码)<代码>myConnection
此时尚未定义。无论如何,这是一个非常好的代码段:)行myConnection.ConnectionString=connString
似乎没有必要(我已经在我的应用程序中测试了代码)<代码>myConnection此时尚未定义。无论如何,这是一个非常好的代码片段:)