我正在学习C#,并试图使用数据库进行简单登录System,但遇到了一个错误,即System.TypeInitializationException:"MySql.Data.MySqlClient.MySqlConnectAttrs"的类型初始值设定项引发异常。
private void LoginButton_Click(object sender, EventArgs e)
{
string user = UsernameBox.Text;
string pass = PasswordBox.Text;
MySqlConnection conn = new MySqlConnection("server = localhost; user id = root; database = mysqlcsharp");
MySqlDataAdapter sda = new MySqlDataAdapter("select count(*) from mysqlcsharp where username = '"+UsernameBox.Text+"' and password = '"+PasswordBox.Text+"'", conn);
DataTable dt = new DataTable();
sda.Fill(dt);
if(dt.Rows[0][0].ToString()=="1")
{
MessageBox.Show("username and password are matched", "info", MessageBoxButtons.OK, MessageBoxIcon.Information);
}
else
{
MessageBox.Show("Incorrect Username and Password", "alter", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
}
}
}
我对您的代码做了一些改进,工作得很好。您可以在Simple Login System中尝试此操作
private void LoginButton_Click(object sender, EventArgs e)
{
string user = UsernameBox.Text;
string pass = PasswordBox.Text;
using(MySqlConnection conn = new MySqlConnection("server = localhost; user id = root; database = mysqlcsharp"))
{
conn.Open();
MySqlCommand command = new MySqlCommand("select * from mysqlcsharp where username = @Username and password = @Password", conn);
command.Parameters.AddWithValue("@Username", user);
command.Parameters.AddWithValue("@Password", pass);
MySqlDataReader reader = command.ExecuteReader();
if(reader.Read() == true)
{
MessageBox.Show("username and password are matched", "info", MessageBoxButtons.OK, MessageBoxIcon.Information);
}
else
{
MessageBox.Show("Incorrect Username and Password", "alter", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
}
}
我使用command.Parameters.AddWithValue("", value);来避免SQL注入。
这应该会让您运行起来。但请注意,您永远不应该将密码存储在数据库中。这将是难以置信的容易破解。您应该使用加密哈希算法来保护密码,该算法具有咸值和哈希拉伸(对于一个简单的学习练习来说可能有点多,但值得一提(。
// you should be getting this from configuration, should never be hard-coded
// also note this connection string is probably wrong and either needs a password or should be made a trusted connection (look it up)
private readonly string _connectionString = "server = localhost; user id = root; database = mysqlcsharp";
private void LoginButton_Click(object sender, EventArgs e)
{
string user = UsernameBox.Text;
string pass = PasswordBox.Text;
bool found = false;
// create your connection with a using block so it will be disposed of properly afterwards
using (MySqlConnection conn = new MySqlConnection(_connectionString))
{
// open the connection
conn.Open();
// do the same with a command
using (MySqlCommand command = conn.CreateCommand())
{
// do not pass in the variables from the textboxes as plain text as they could contain anything
// which includes endless ways to hack your application and database.
command.CommandText = "select count(*) from mysqlcsharp where username = @user and password = @pass";
// instead add parameters which will block any hacking as the content is not directly included in the query
command.Parameters.AddWithValue("user", user);
command.Parameters.AddWithValue("pass", pass);
// execute the command - note there is no need to populate a DataTable for such a simple query
found = (int)command.ExecuteScalar() == 1;
}
// close the connection
conn.Close();
}
if (found)
{
MessageBox.Show("username and password are matched", "info", MessageBoxButtons.OK, MessageBoxIcon.Information);
}
else
{
MessageBox.Show("Incorrect Username and Password", "alter", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
}
您还没有打开connect sql,因此您需要通过代码try{conn.open((;//打开sqlể从数据库中选择数据}catch(error({};