在VB.net中尝试登录失败后的系统锁定
我将此代码用于我的登录表单:在VB.net中尝试登录失败后的系统锁定,vb.net,security,ms-access,login,block,Vb.net,Security,Ms Access,Login,Block,我将此代码用于我的登录表单: Private Sub btnLogin_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnLogin.Click Dim ErrorCount As Integer = 0 If (ErrorCount = 3) Then MessageBox.Show(" The System has been Lock ", " Error
Private Sub btnLogin_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnLogin.Click
Dim ErrorCount As Integer = 0
If (ErrorCount = 3) Then
MessageBox.Show(" The System has been Lock ", " Error! ", MessageBoxButtons.OK, MessageBoxIcon.Error)
Form3.Show()
Else
Dim con As OleDbConnection = New OleDbConnection( _
"Provider=Microsoft.Jet.OLEDB.4.0;Data Source= UserPass.mdb;")
con.Open()
Dim str As String
str = "SELECT * FROM UserPass WHERE Username='" & txtUsername.Text & "' AND Password='" & txtPassword.Text & "'"
Dim cmd As OleDbCommand = New OleDbCommand(str, con)
cmd.Parameters.AddWithValue("user", txtUsername.Text)
cmd.Parameters.AddWithValue("pass", txtPassword.Text)
Dim sdr As OleDbDataReader = cmd.ExecuteReader()
' It will be case sensitive if you compare usernames here.
If sdr.HasRows Then
If sdr.Read Then
If txtPassword.Text <> sdr("Password").ToString Or txtUsername.Text <> sdr("Username").ToString Then
MessageBox.Show(" Incorrect Username/Password. Login Denied ", " Error! ", MessageBoxButtons.OK, MessageBoxIcon.Error)
ErrorCount = ErrorCount + 1
Else
MessageBox.Show(" You are now Logged In! ", " Welcome! ", MessageBoxButtons.OK, MessageBoxIcon.Asterisk)
frmOne.Show()
Me.Hide()
End If
End If
Else
MessageBox.Show(" Incorrect Username/Password. Login Denied ", " Error! ", MessageBoxButtons.OK, MessageBoxIcon.Error)
End If
sdr.Close()
con.Close()
End If
我想做的是,当用户3次登录系统失败时,系统将显示另一个表单,表明系统已锁定,用户需要输入系统密码才能再次尝试登录。请帮忙
im使用ms access作为用户名和密码的数据库您可以尝试以下方法:
Dim ErrorCount As Int = 0
If (ErrorCount =3) Then
MessageBox.Show(" The System has been Lock ", " Error! ", MessageBoxButtons.OK, MessageBoxIcon.Error)
'Do stuff
'Add Your Code to show new Form something like
Me.Hide()
Form3.Show()
Else
Dim con As OleDbConnection = New OleDbConnection( _
"Provider=Microsoft.Jet.OLEDB.4.0;Data Source= UserPass.mdb;")
con.Open()
Dim str As String
str = "SELECT * FROM UserPass WHERE Username='" & txtUsername.Text & "' AND Password='" & txtPassword.Text & "'"
Dim cmd As OleDbCommand = New OleDbCommand(str, con)
cmd.Parameters.AddWithValue("user", txtUsername.Text)
cmd.Parameters.AddWithValue("pass", txtPassword.Text)
Dim sdr As OleDbDataReader = cmd.ExecuteReader()
' It will be case sensitive if you compare usernames here.
If sdr.HasRows Then
If sdr.Read Then
If txtPassword.Text <> sdr("Password").ToString Or txtUsername.Text <> sdr("Username").ToString Then
MessageBox.Show(" Incorrect Username/Password. Login Denied ", " Error! ", MessageBoxButtons.OK, MessageBoxIcon.Error)
ErrorCount = ErrorCount + 1
Else
MessageBox.Show(" You are now Logged In! ", " Welcome! ", MessageBoxButtons.OK, MessageBoxIcon.Asterisk)
frmOne.Show()
Me.Hide()
End If
End If
Else
MessageBox.Show(" Incorrect Username/Password. Login Denied ", " Error! ", MessageBoxButtons.OK, MessageBoxIcon.Error)
End If
sdr.Close()
con.Close()
End If
最诚挚的问候我不能完全肯定我是否理解这个问题。但这一部分让我觉得,在您的程序登录尝试失败三次后,您正试图锁定计算机的整个桌面: 我想做的是,当用户3次登录系统失败时,系统将显示另一个表单,表明系统已锁定,用户需要输入系统密码才能再次尝试登录 我不确定那是个好主意。仅仅将用户锁定在您的程序之外,而不是锁定整个计算机,这难道还不够吗?这样想吧:没有理由对地方违规行为进行全球惩罚 但是,不管我是否认为这是个好主意,它完全可以从VB.NET中实现。您只需在计数器指示发生了三次失败的登录尝试后调用该函数。此函数是作为Win32 API的一部分提供的,因此要直接从.NET应用程序调用它,需要使用P/Invoke。此函数具有相对简单的签名,因此其定义也不难理解:
<DllImport("user32.dll", SetLastError=True)> _
Public Shared Function LockWorkStation() As Boolean
End Function
这是一个具有方法级别作用域的正则变量。这意味着它被重新初始化为0,就像每次方法运行时都要求它为0一样,并且不保留其值
如果要声明具有方法级作用域且保留其值的变量,则需要使用声明变量,如下所示:
Static ErrorCount As Integer = 0
测试这些东西并找出错误的一个好方法是在btnLogin_Check方法内设置一个断点,并查看变量的确切值!如果您这样做了,您会注意到每次执行通过第一行后,ErrorCount都设置为0。这将是你对问题所在的直接线索。然后,您只需找出如何使值保持不变。现在您知道了,您可以使用Static关键字或向上移动一个范围,比如使它成为表单类的一个成员,以便它与该类的对象一样存在
Imports System.Data.OleDb
公开课表格1
作为整数的私有尝试=3
Private Sub cmdLogin_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles cmdLogin.Click
Dim cn As New OleDbConnection("Provider=Microsoft.Ace.Oledb.12.0; Data Source=" & My.Application.Info.DirectoryPath.ToString() & "\BackUp\testing.Accdb;")
cn.Open()
If txtpassword.Text = "" Then
MsgBox("Please Enter Your Password !!!", MsgBoxStyle.Critical, "Attention...")
Exit Sub
End If
Dim dr1 As OleDbDataReader
Dim com1 As New OleDbCommand
com1.CommandText = "select [UserID],[Pass] from userinfo where userid = '" & txtUserID.Text & "'"
com1.Connection = cn
If cn.State = ConnectionState.Closed Then cn.Open()
dr1 = com1.ExecuteReader
If dr1.Read Then
If UCase(dr1("Pass")) = UCase(txtpassword.Text) Then
MessageBox.Show("Welecome")
Me.Close()
Else
MessageBox.Show("Wrong Password [" & attempt - 1 & "] Attempt(s) Remaing")
attempt -= 1
txtpassword.Focus()
If attempt = 0 Then
End
End If
End If
Exit Sub
Else
MessageBox.Show("Wrong UserID [" & attempt - 1 & "] Attempt(s) Remaing")
attempt -= 1
txtpassword.Focus()
If attempt = 0 Then
End
End If
End If
cn.Close()
End Sub
Private Sub cmdCancel_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles cmdCancel.Click
End
End Sub
Private Sub Form1_FormClosing(ByVal sender As Object, ByVal e As System.Windows.Forms.FormClosingEventArgs) Handles Me.FormClosing
Me.Dispose()
End Sub
期末考试其他两个答案的组合。您需要将声明更改为static,以便它保持状态。Dim ErrorCount As Integer=0到静态ErrorCount As Integer 您还需要在用户输入无效用户名的代码路径中添加减量
MessageBox.Show(" Incorrect Username/Password. Login Denied ", " Error! ", MessageBoxButtons.OK, MessageBoxIcon.Error)
ErrorCount = ErrorCount + 1 'add this here
然后移动if,使其位于SQL之后,因此将其移动到con之后
另外,您似乎对参数化查询有些困惑。如果您使用的是参数化查询,那么您不需要连接SQL,而SQL应该是
str = "SELECT * FROM UserPass WHERE Username=@user AND Password=@pass"
在正常情况下,内部if也不应为真
If txtPassword.Text <> sdr("Password").ToString Or txtUsername.Text <> sdr("Username").ToString Then
' this code path is only evaluated if the database ignores the where clause or
' the user changes the username or password textboxs whilst the database connection is proccessing and is therfore unnessacary
MessageBox.Show(" Incorrect Username/Password. Login Denied ", " Error! ", MessageBoxButtons.OK, MessageBoxIcon.Error)
ErrorCount = ErrorCount + 1
Else
MessageBox.Show(" You are now Logged In! ", " Welcome! ", MessageBoxButtons.OK, MessageBoxIcon.Asterisk)
frmOne.Show()
Me.Hide()
End If
最后,不要将密码存储为明文。用一个带盐的哈希值。你试过什么吗?我试过这个:Dim errorcount As Integer=3,然后在检查用户名和密码的if语句中添加了这个:errorcount=errorcount-1,然后创建了一个if语句:if errorcount=0,然后是form3。show end if但什么都没有发生我还将counter++更改为counter=计数器+1,因为计数器++是一个错误,仍然不显示窗体。它也不会显示表示系统已锁定的消息框系统将只被锁定。我在VisualStudio中运行这个程序,我不打算只在系统中锁定整个桌面。当系统被锁定时,它只会显示一个表单,该表单有一个文本框,要求用户输入正确的密码,系统将被解锁。这不会在最后一次尝试时关闭连接
If (ErrorCount = 3) Then
MessageBox.Show(" The System has been Lock ", " Error! ", MessageBoxButtons.OK, MessageBoxIcon.Error)
Form3.Show()
Else
str = "SELECT * FROM UserPass WHERE Username=@user AND Password=@pass"
If txtPassword.Text <> sdr("Password").ToString Or txtUsername.Text <> sdr("Username").ToString Then
' this code path is only evaluated if the database ignores the where clause or
' the user changes the username or password textboxs whilst the database connection is proccessing and is therfore unnessacary
MessageBox.Show(" Incorrect Username/Password. Login Denied ", " Error! ", MessageBoxButtons.OK, MessageBoxIcon.Error)
ErrorCount = ErrorCount + 1
Else
MessageBox.Show(" You are now Logged In! ", " Welcome! ", MessageBoxButtons.OK, MessageBoxIcon.Asterisk)
frmOne.Show()
Me.Hide()
End If