我有一个针对多个用户的用户注册表。这工作正常,除了代码无法识别是否已经存在用户名。我知道我的代码中有错误,但我无法纠正那个错误。
代码如下,任何人都可以帮我排序,如何为读者编写修改代码
Private Sub OK_Click(sender As Object, e As EventArgs) Handles OK.Click
Dim user, pass As String
user = UsernameTextBox.Text
pass = PasswordTextBox.Text
Dim connection1 As New OleDbConnection("Provider=Microsoft.Jet.OLEDB.4.0; Data Source=Credentials.mdb;")
Dim command As New OleDbCommand("SELECT [ID] FROM [Staff] WHERE [usernameField] = username AND [passwordField] = password", connection1)
Dim usernameParam As New OleDbParameter("username", Me.UsernameTextBox.Text)
Dim passwordParam As New OleDbParameter("password", Me.PasswordTextBox.Text)
command.Parameters.Add(usernameParam)
command.Parameters.Add(passwordParam)
command.Connection.Open()
Dim reader As OleDbDataReader = command.ExecuteReader()
If reader.HasRows Then
MessageBox.Show("User Exist")
MyPlayer.SoundLocation = path & LogOnsound
PasswordTextBox.Text = ""
UsernameTextBox.Text = ""
ElseIf user = "" Or pass = "" Then
MsgBox("Please Fill The Boxs", , "Error")
Else
Dim connection As String = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=Credentials.mdb;"
Using myconnection As New OleDbConnection(connection)
myconnection.Open()
Dim sqlq As String = "INSERT INTO [staff] ([username], [password]) VALUES (@user, @pass)"
Using cmd As New OleDbCommand(sqlq, myconnection)
cmd.Parameters.AddWithValue("@usernme", user)
cmd.Parameters.AddWithValue("@passwrd", pass)
cmd.ExecuteNonQuery()
MsgBox("User Registered!", , "register")
user = ""
pass = ""
End Using
End Using
End If
command.Connection.Close()
End Sub
看起来你有很多错误:
- 您应该指定
@username
,而不仅仅是在SELECT
语句中username
,以便将其识别为参数。 - 你为什么要在
password
上检查匹配?如果您这样做,人们可以使用相同的用户名,只是密码不同......你想要那个吗? - 在
SELECT
中,usernameField
作为 Staff 表中的列名,但在INSERT
中,username
作为列名。是哪个? - 在
INSERT
中,指定参数@user
,但在cmd.Parameters.AddWithValue
语句中,您@usernme
。