Vb.net 通过连接mysql数据库更改密码
在adapter=New MySqlDataAdapterUPDATE user SET Password其中Password='&txtpassword.Text&'行中出现错误 我怎样才能解决这个问题Vb.net 通过连接mysql数据库更改密码,vb.net,mysqlconnection,Vb.net,Mysqlconnection,在adapter=New MySqlDataAdapterUPDATE user SET Password其中Password='&txtpassword.Text&'行中出现错误 我怎样才能解决这个问题 Private Sub getdbdata() Try mysqlconn = New MySqlConnection("server=localhost;username=root;database=bank") dataset = New Dat
Private Sub getdbdata()
Try
mysqlconn = New MySqlConnection("server=localhost;username=root;database=bank")
dataset = New DataSet
adapter = New MySqlDataAdapter("UPDATE user SET Password WHERE Password ='" & txtpassword.Text & "'")
adapter.Fill(dataset, "user")
mysqlconn.Open()
reader = command.ExecuteReader
If reader.HasRows Then
Form1.Show()
Me.Visible = False
Else
MessageBox.Show("Password change unsuccessful.")
End If
reader.Close()
mysqlconn.Close()
Catch ex As MySqlException
MessageBox.Show(ex.Message)
End Try
End Sub
主要问题在于 因此,在代码中进行以下更改:
dataset = New DataSet
adapter = New MySqlDataAdapter("UPDATE user SET Password = '" & txtNewpassword.Text & "' " & _
"WHERE userName = '" & txtuser.Text & "' and " & _
"Password ='" & txtOldpassword.Text & "'")
adapter.Fill(dataset, "user")
现在代码的意思是“已满”,对于在txtser中有用户名且在txtOldpassword中有匹配密码的用户,它会将密码重置为txtNewpassword中的what,错误是什么?除了易受SQL注入攻击外,我认为它没有任何问题。也许您的密码包含一个引号?:如果我不得不猜测,因为您没有费心提供系统提供给您的错误消息,我会说用户是一个保留字,如果使用标识符,则需要转义。在MySQL中,您可以通过将值包装在graves`中来实现这一点。
Imports MySql.Data.MySqlClient
Public Class Settings
Dim con As New MySqlConnection("host =localhost;user id=root;password=;database=cidb")
Dim cmd As New MySqlCommand
Dim dr As MySqlDataReader
Private Sub Button1_Click_1(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
con.Open()
cmd.Connection = con
cmd.CommandText = "select * from usertbl where uname='" & user.Text & "'and upassword= '" & Pword.Text & "'"
dr = cmd.ExecuteReader
If dr.HasRows Then
Settings()
Else
MsgBox("Invalid Username or Password!")
End If
End Sub
Private Sub Settings()
Dim con As New MySqlConnection("host =localhost;user id=root;password=;database=cidb")
Dim cmd As New MySqlCommand
con.Open()
cmd.Connection = con
cmd.CommandText = "update usertbl set upassword='" & NewPword.Text & "' where uname= '" & usertxt.Text & "'"
cmd.ExecuteNonQuery()
MsgBox("You're successfully change your Password!")
usertxt.Text = " "
Pwordtxt.Text = " "
Newuser.Text = " "
con.Close()
End Sub