using System.Collections.Generic; using System.ComponentModel; using System.Data; using System.Drawing; using System.Text; using System.Windows.Forms; using System.Data.SqlClient;namespace 登录程序 { public partial class Form1 : Form { public Form1() { InitializeComponent(); } private void IncErrortimes() { using (SqlConnection con = new SqlConnection(@"Data Source=.\SQLEXPRESS; AttachDBFilename=|DataDirectory|\myDB.mdf; Integrated Security=True;User Instance=True")) using (SqlCommand updateCmd = con.CreateCommand()) { con.Open(); updateCmd.CommandText = "update Mytable set Errortimes=Errortimes+1 where UserName=@UN"; updateCmd.Parameters.Add(new SqlParameter("UN", Usernametextbox.Text));
private void button1_Click(object sender, EventArgs e) { using (SqlConnection con = new SqlConnection(@"Data Source=.\SQLEXPRESS; AttachDBFilename=|DataDirectory|\myDB.mdf; Integrated Security=True;User Instance=True")) { con.Open(); using (SqlCommand cmd = new SqlCommand()) { cmd.Connection = con; cmd.CommandText = "select * from Mytable where Username=@UN"; cmd.Parameters.Add(new SqlParameter("UN", Usernametextbox.Text)); Username=Usernametextbox.Text"; using (SqlDataReader reader = cmd.ExecuteReader()) { if (reader.Read()) { int arrortime = reader.GetInt32(reader.GetOrdinal("Errortimes")); if (arrortime>2) { MessageBox.Show("登录次数过多,禁止登录!!!"); ResetErrortimes(); return; } string dbpassword = reader.GetString(reader.GetOrdinal("Password")); if (dbpassword==PasswordtextBox.Text) { MessageBox.Show("登录成功!"); } else { IncErrortimes(); } } else { MessageBox.Show("用户名不存在"); } } } } } private void button2_Click(object sender, EventArgs e) { creatTable(); MessageBox.Show("创建新表成功!!!"); } } } 当某一用户名连续登录三次失败会报错"登录次数过多,禁止登录!!!";(可见Mytable表字段Errortimes数据变成3了) 但是打开表后该对应用户Errortimes字段值还是0
没有使用dateset,是对数据库直接操作,不是对本地缓存(dateset)操作。IncErrortimes()函数里的 "update Mytable set Errortimes=Errortimes+1 where UserName=@UN"; 这里的语句有问题。应该使用字符串相加的方式 "update Mytable set Errortimes=“+Errortimes+1”+" where UserName=@UN"; 不然的话,Errortimes就不作为变量,而是SQL语句的一部分执行,当然得不到更新 还要把当前错误次数作为参数传给IncErrortimes()函数这么写太麻烦了,每次都要打开关闭连接。。还要写连接字符串。。最好把字符串写到配置文件里。。
也可以使用参数的方式 "update Mytable set Errortimes=@Errortimes where UserName=@UN"; cmd.Parameter.Add(new SqlParameter("Errortimes",Errortimes+1));
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Text;
using System.Windows.Forms;
using System.Data.SqlClient;namespace 登录程序
{
public partial class Form1 : Form
{
public Form1()
{
InitializeComponent();
} private void IncErrortimes()
{
using (SqlConnection con = new SqlConnection(@"Data Source=.\SQLEXPRESS;
AttachDBFilename=|DataDirectory|\myDB.mdf;
Integrated Security=True;User Instance=True")) using (SqlCommand updateCmd = con.CreateCommand())
{
con.Open();
updateCmd.CommandText = "update Mytable set Errortimes=Errortimes+1 where UserName=@UN";
updateCmd.Parameters.Add(new SqlParameter("UN", Usernametextbox.Text));
updateCmd.ExecuteNonQuery();
}
MessageBox.Show("登录失败!!!"); }
private void button1_Click(object sender, EventArgs e)
{
using (SqlConnection con = new SqlConnection(@"Data Source=.\SQLEXPRESS;
AttachDBFilename=|DataDirectory|\myDB.mdf;
Integrated Security=True;User Instance=True"))
{
con.Open();
using (SqlCommand cmd = new SqlCommand())
{
cmd.Connection = con;
cmd.CommandText = "select * from Mytable where Username=@UN";
cmd.Parameters.Add(new SqlParameter("UN", Usernametextbox.Text));
Username=Usernametextbox.Text";
using (SqlDataReader reader = cmd.ExecuteReader())
{
if (reader.Read())
{
int arrortime = reader.GetInt32(reader.GetOrdinal("Errortimes"));
if (arrortime>2) {
MessageBox.Show("登录次数过多,禁止登录!!!");
ResetErrortimes();
return;
}
string dbpassword = reader.GetString(reader.GetOrdinal("Password"));
if (dbpassword==PasswordtextBox.Text)
{
MessageBox.Show("登录成功!");
}
else
{
IncErrortimes();
}
}
else
{
MessageBox.Show("用户名不存在");
}
}
}
} } private void button2_Click(object sender, EventArgs e)
{
creatTable();
MessageBox.Show("创建新表成功!!!");
}
}
}
当某一用户名连续登录三次失败会报错"登录次数过多,禁止登录!!!";(可见Mytable表字段Errortimes数据变成3了)
但是打开表后该对应用户Errortimes字段值还是0
"update Mytable set Errortimes=Errortimes+1 where UserName=@UN";
这里的语句有问题。应该使用字符串相加的方式
"update Mytable set Errortimes=“+Errortimes+1”+" where UserName=@UN";
不然的话,Errortimes就不作为变量,而是SQL语句的一部分执行,当然得不到更新
还要把当前错误次数作为参数传给IncErrortimes()函数这么写太麻烦了,每次都要打开关闭连接。。还要写连接字符串。。最好把字符串写到配置文件里。。
"update Mytable set Errortimes=@Errortimes where UserName=@UN";
cmd.Parameter.Add(new SqlParameter("Errortimes",Errortimes+1));
SqlCommandBuilder builder=new SqlCommandBuilder(DataAdapter);
DataAdapter.Update(dataset,表名)更新
好像是这样,你试试!
你没给IncErrortimes()函数传参数,当然不存在了。。
改为:
updateCmd.Parameters.Add(new SqlParameter("@UN", Usernametextbox.Text));
注意参数前面的@符号必须有,不然这语句本身执行都要报错,不知道你怎么可能执行通过的。
string dataDir = AppDomain.CurrentDomain.BaseDirectory;
if (dataDir.EndsWith(@"\bin\Debug\") || dataDir.EndsWith(@"\bin\Release\"))
{
dataDir = System.IO.Directory.GetParent(dataDir).Parent.Parent.FullName;
AppDomain.CurrentDomain.SetData("DataDirectory", dataDir);
}