我创建了一个登录表单,并将我的项目安装到另一台电脑中,当我想登录时,它会显示错误:登录来自不受信任的域,无法与Windows身份验证一起使用,我已经将集成安全设置为false,但我仍然有问题,当我没有登录模式时,我可以连接到它。。
我的登录表单代码
SqlConnection sqlcon = new SqlConnection("data source=DESKTOP-Q8526KR;initial catalog=dentned;integrated security=True;MultipleActiveResultSets=True;App=EntityFramework"");
string query = "Select * from dbo.doctors Where doctors_username = '" + txtUsername.Text.Trim() + "' and doctors_password = '" + txtPassword.Text.Trim() + "'";
SqlDataAdapter sda = new SqlDataAdapter(query, sqlcon);
DataTable dbdoc = new DataTable();
sda.Fill(dbdoc);
if (dbdoc.Rows.Count == 1) {
FormMain objfrmMain = new FormMain();
this.Hide();
if (dbdoc.Rows[0][8].ToString() != "admin") {
objfrmMain.MainMenuStrip.Items[0].Visible = false;
objfrmMain.MainMenuStrip.Items[2].Visible = false;
objfrmMain.MainMenuStrip.Items[3].Visible = false;
objfrmMain.MainMenuStrip.Items[4].Visible = false;
objfrmMain.MainMenuStrip.Items[5].Visible = false;
objfrmMain.MainMenuStrip.Items[8].Visible = false;
}
objfrmMain.Show();
}
else {
MessageBox.Show("Wrong Username !!!!!!!!!!!!!!!!!!!");
}
尝试在工作组之间或域之间使用SSPI(Integrated Security=True)似乎有问题。从本质上讲,你试图使用它不知道如何验证的凭据连接到数据库,它拒绝让你进入。
您需要从连接字符串中删除Integrated Security=True并添加一些实际凭据。在SQL Server中创建一个用户,赋予它执行该工作所需的权限,然后在连接字符串中传递凭据。
我建议您使用SqlConnectionStringBuilder类来修改连接字符串,以便在处理凭据的方式上具有一定的灵活性。类似这样的东西:
// using System.Data.SqlClient;
const string srcConnString = "data source=DESKTOP-Q8526KR;initial catalog=dentned;integrated security=True;MultipleActiveResultSets=True;App=EntityFramework";
var csBuilder = new SqlConnectionStringBuilder(srcConnString);
csBuilder.Remove("Integrated Security");
csBuilder.UserID = "somesqluser";
csBuilder.Password = "password";
var connString = csBuilder.ToString();
SqlConnection sqlcon = new SqlConnection(connString);
顺便说一句,您的查询组合容易被严重滥用。请阅读SQL注入攻击以及如何通过使用参数化查询来避免这些攻击。从长远来看,你会省去很多痛苦。
更好的是,使用和ORM(如LINQ to DB、LINQ to SQL或实体框架)来访问数据库。它可能没有手工编写的SQL查询那么快(尽管有时更快),但一旦开始使用,它就更容易使用:
(EF6,基于此源代码)
using (var dc = new dentnedEntities())
{
var doctor = dc.doctors.SingleOrDefault(_ => _.doctors_username == username && _ => _.doctors_password == password);
if (doctor != null)
{
doctor.last_login = DateTime.Now;
dc.SaveChanges();
// update main form here...
}
else
{
MessageBox.Show("Invalid credentials.");
}
}
这是我的代码,但我认为有问题,因为我无法连接
private void button1_Click(object sender, EventArgs e)
{
const string srcConnString = "data source=DESKTOP-Q8526KR;initial catalog=dentned;integrated security=True;MultipleActiveResultSets=True;App=EntityFramework";
var csBuilder = new SqlConnectionStringBuilder(srcConnString);
csBuilder.Remove("Integrated Security");
csBuilder.UserID = "sa";
csBuilder.Password = "sasa";
var connString = csBuilder.ToString();
SqlConnection sqlcon = new SqlConnection(connString);
SqlDataAdapter sda = new SqlDataAdapter(srcConnString,sqlcon);
DataTable dbdoc = new DataTable();
sda.Fill(dbdoc);
if (dbdoc.Rows.Count == 1)
{
FormMain objfrmMain = new FormMain();
this.Hide();
if(dbdoc.Rows[0][8].ToString()!="admin")
{
objfrmMain.MainMenuStrip.Items[0].Visible = false;
objfrmMain.MainMenuStrip.Items[2].Visible = false;
objfrmMain.MainMenuStrip.Items[3].Visible = false;
objfrmMain.MainMenuStrip.Items[4].Visible = false;
objfrmMain.MainMenuStrip.Items[5].Visible = false;
objfrmMain.MainMenuStrip.Items[8].Visible = false;
}
objfrmMain.Show();
}
else
{
MessageBox.Show("Username-i ose passwordi eshte gabim !!!!!!!!!!!!!!!!!!!");
}
}