Fatal编程技术网
  • vb.net/
  • vb.net与access数据库的连接

vb.net与access数据库的连接

vb.net ms-access

vb.net与access数据库的连接,vb.net,ms-access,Vb.net,Ms Access,我正在尝试将Access db迁移到vb.net winform.net framework。我对这个软件的接触是非常有限的,因此我正在部分地处理每一件事情。我的目标是最终将数据转换为SQL server,而不是让任何人插嘴使用和访问数据库。无论如何,我已经通过数据源连接,创建了一个基本的登录表单,并且重构了从access数据库移植的代码。这就是我所拥有的 Public intLogonAttempts As Long Dim connection As New OleDbConnect

我正在尝试将Access db迁移到vb.net winform.net framework。我对这个软件的接触是非常有限的,因此我正在部分地处理每一件事情。我的目标是最终将数据转换为SQL server,而不是让任何人插嘴使用和访问数据库。无论如何,我已经通过数据源连接,创建了一个基本的登录表单,并且重构了从access数据库移植的代码。这就是我所拥有的

Public intLogonAttempts As Long
    Dim connection As New OleDbConnection(My.Settings.DataConnectionString)

    Private Sub Btn_Login_Click(sender As Object, e As EventArgs) Handles Btn_Login.Click



        Dim RetVal As Integer

        ' Check all information required has been inputted
        If Txt_Username.Text = "" Then
            MsgBox("Please enter a username.", vbOKOnly, "Required Data")
            Txt_Username.Select()
            Exit Sub
        End If

        If Txt_Password.Text = "" Then
            MsgBox("Please enter a password.", vbOKOnly, "Required Data")
            Txt_Password.Select()
            Exit Sub
        End If

        'If connection.State = ConnectionState.Closed Then
        '    connection.Open()
        'End If

        Dim cmd As New OleDbCommand("SELECT * FROM User where [username] = ? AND [Password] = ?", connection)
        cmd.Parameters.AddWithValue("@p1", Txt_Username.Text)
        cmd.Parameters.AddWithValue("@p1", Txt_Password.Text)
        connection.Open()
        RetVal = CInt(cmd.ExecuteScalar())

        If (RetVal = 1) Then
            ' Login successful
            MsgBox("Successful login")

            My.Settings.savedUsername = Txt_Username.Text
            My.Settings.savedPassword = Txt_Password.Text
            My.Settings.Save()
        Else
            ' Login unsuccessful
            intLogonAttempts = intLogonAttempts + 1

            If intLogonAttempts >= 3 Then
                MsgBox("You do not have access to this database. Please contact admin.", vbCritical, "Restricted Access!")
                Application.Exit()
                Exit Sub
            Else
                MsgBox("Password Invalid. Please Try Again", vbOKOnly, "Invalid Entry!")
                Txt_Password.Select()
            End If
        End If
    End Sub
但是,当我的代码点击RetVal=CIntcmd.ExecuteScalar时,返回以下错误:

System.Data.OleDb.OLEDBEException:“FROM子句中存在语法错误。”

我这里出了什么错?我认为这是由于sql语句造成的,但我很确定我的回答是正确的?

我忘记了表名user周围的[]

然而,为了不浪费这篇文章,人们能否建议这可能是执行登录的最佳方式,还是有更好的解决方案?

我将代码分成了不同的方法,使每个方法只执行一项工作

GetUserCount方法与用户界面完全断开连接。用户可以从web或电话应用程序登录,也可以使用相同的方法

对数据库对象使用…结束使用块。这样可以确保即使出现错误,也会关闭和释放它们。我认为你从未关闭过你的连接

请注意,Select命令正在获取Count*。在您的代码中,您只得到*因此,使用.ExecuteScalar,您将获得结果集第一行的第一列。不是你需要的

我使用参数名只是为了可读性,因此,我们可以看到,参数是按照与Select语句中显示的顺序添加到参数集合中的

对参数使用.Add方法。看见 和 还有一个: 这是另一个 我不得不猜测数据类型和大小,所以,检查数据库中的实际值

您不应该存储纯文本密码。这是一个你需要研究的独立主题

Private intLogonAttempts As Integer 'You don't need a Long to hold 3


Private Sub Btn_Login_Click(sender As Object, e As EventArgs) Handles Btn_Login.Click
    Dim RetVal As Integer
    If ValidateInput() Then
        RetVal = GetUserCount(Txt_Username.Text, Txt_Password.Text)
    End If

    If (RetVal = 1) Then
        ' Login successful
        MsgBox("Successful login")
        'Why are you storing this information?
        My.Settings.savedUsername = Txt_Username.Text
        My.Settings.savedPassword = Txt_Password.Text
        My.Settings.Save()
    Else
        ' Login unsuccessful
        intLogonAttempts += 1

        If intLogonAttempts >= 3 Then
            MsgBox("You do not have access to this database. Please contact admin.", vbCritical, "Restricted Access!")
            Application.Exit() 'Of course there is nothing to stop the user from restarting the app and trying 3 more times
            Exit Sub
        Else
            'Don't tell the user what is wrong; that would help unauthorized users
            'It could be the user name or the password
            MsgBox("Please Try Again", vbOKOnly, "Invalid Entry!")
        End If
    End If
End Sub

Private Function ValidateInput() As Boolean
    If Txt_Username.Text = "" Then
        MsgBox("Please enter a username.", vbOKOnly, "Required Data")
        Txt_Username.Select()
        Return False
    End If

    If Txt_Password.Text = "" Then
        MsgBox("Please enter a password.", vbOKOnly, "Required Data")
        Txt_Password.Select()
        Return False
    End If
    Return True
End Function

Private Function GetUserCount(UName As String, UPass As String) As Integer
    'All the database code is here
    Dim RetVal As Integer
    Using connection As New OleDbConnection(My.Settings.DataConnectionString),
            cmd As New OleDbCommand("SELECT Count(*) FROM [User] where [username] = @Name AND [Password] = @PWord;", connection)
        cmd.Parameters.Add("@Name", OleDbType.VarChar, 100).Value = UName
        cmd.Parameters.Add("@PWord", OleDbType.VarChar, 100).Value = UPass
        connection.Open()
        RetVal = CInt(cmd.ExecuteScalar())
    End Using
    Return RetVal
End Function
将密码存储为纯文本通常不是最佳选择。请参阅。请注意这些参数名称:当您转换到SQL Server时,它们将需要不同的名称。另外,正如您所知:,和。我已经看到了针对数据库工作的建议-它具有与数据库无关的优点,因此相同的代码适用于Access和SQL Server,尽管所有示例似乎都是C语言。