我正在尝试使我的登录表单在某人登录学生时,当学生进入时,它将转到lobby.cs表单,但它只会显示1按钮,当管理员进入时,它也将转到lobby.cs表单,但它将显示所有按钮。问题:即使管理员登录,也只会显示学生应该看到的内容。数据库已经很好,将类型设置为管理员帐户的管理员和学生帐户的学生下面的代码来自lobby.cs
try
{
adp = new SqlDataAdapter("SELECT COUNT(*) FROM Users WHERE Type = @type", con);
adp.SelectCommand.Parameters.Add("@type", "ADMIN");
dt = new DataTable(); adp.Fill(dt);
if (dt.Rows[0][0].ToString() == "1")
{
button2.Visible = true;
button3.Visible = true;
button4.Visible = true;
button5.Visible = true;
button1.Visible = true;
button6.Visible = false;
con.Close();
}
else
{
adp = new SqlDataAdapter("SELECT COUNT(*) FROM Users WHERE Type = @type", con);
adp.SelectCommand.Parameters.Add("@type", "STUDENT");
dt = new DataTable(); adp.Fill(dt);
if (dt.Rows[0][0].ToString() == "1")
{
button2.Visible = false;
button3.Visible = false;
button4.Visible = false;
button5.Visible = false;
button1.Visible = true;
button6.Visible = true;
con.Close();
}
}
}
catch (Exception ex)
{
MessageBox.Show(ex.Message, "ERROR", MessageBoxButtons.OK, MessageBoxIcon.Warning);
con.Close();
}
con.Open();
cmd = new SqlCommand("SELECT Username FROM Users WHERE Status = 'IN'", con);
using (SqlDataReader read = cmd.ExecuteReader())
{
while (read.Read())
{
textBox1.Text = (read["Username"].ToString());
}
con.Close();
}
此行:
if (dt.Rows[0][0].ToString() == "1")
说如果完全存在一个管理员,请显示管理员的登录表格。否则,如果存在0或2个或更多的管理员,则显示学生表格。
如果是在登录之前,则需要某种方法来从页面确定admin登录。无论是Querystring参数,存储的cookie还是一个单独的登录页面。
如果应该在登录后发生这种情况,并且您已经知道并已验证了用户,则可以将查询修改为:
adp = new SqlDataAdapter("SELECT 1 FROM Users WHERE Type = @type and username = @username", con);
adp.SelectCommand.Parameters.Add("@type", "ADMIN");
adp.SelectCommand.Parameters.Add("@username", loggedInUserName);
dt = new DataTable(); adp.Fill(dt);
if (dt.Rows[0][0].ToString() == "1") {
// Admin
}
else {
// Student
}
看起来需要对您的代码进行大修:
- 您的数据库旅行太多。(您可以一次拍摄这些数据)。
- 您在用户类型中的状况令人困惑,您将所有用户都带有" admin"one_answers" student",您应该在获取用户名的查询中获取它。
请参阅下面的代码:
try
{
var sql = "SELECT Username, Type FROM Users WHERE Username = @username AND Password = @password AND STATUS = 'IN'"
var isLogin = false; //check if user successfully logged it
var userType = ""; //for user type...
using (var sqlConn = new SqlConnection("your connection string"))
{
sqlConn.Open();
var sqlCmd = new SqlCommand(sql, sqlConn);
sqlCmd.Parameters.Add(new SqlParameter("@username", username));
sqlCmd.Parameters.Add(new SqlParameter("@password", password)); //I hope you had this field...
using (var reader = sqlCmd.ExecuteReader())
{
while(reader.Read())
{
textBox1.Text = reader["Username"].ToString(); //put it to the text box.
userType = reader["Type"].ToString(); //put the result type in the variable..
isLogin = true;
}
}
}
//check if has user
if (isLogin)
{
//just check the user type variable...
if (userType == "ADMIN")
{
button2.Visible = true;
button3.Visible = true;
button4.Visible = true;
button5.Visible = true;
button1.Visible = true;
button6.Visible = false;
}
else
{
button2.Visible = false;
button3.Visible = false;
button4.Visible = false;
button5.Visible = false;
button1.Visible = true;
button6.Visible = true;
}
}
else
{
MessageBox.Show("User doen't exist");
}
}
catch(Exception ex)
{
MessageBox.Show(ex.Message, "ERROR", MessageBoxButtons.OK, MessageBoxIcon.Warning);
}