连接数据库 读取用户密码表,得出所有用户名,放到combobox中,选择用户名输入密码 然后select * from 用户密码表 where 用户名=选择的名字 判断密码与输入的密码是否一致
我也是这么想的 但是就是不知道具体该怎么下手 刚学dephi
获取所有用户名 Self.ADOQuery1.Close; Self.ADOQuery1.Connection:=form1.ADOConnection1; Self.ADOQuery1.SQL.Clear; Self.ADOQuery1.SQL.Add('select * from yhb'); Self.ADOQuery1.Open; while not Self.ADOQuery1.Eof do begin s:=Self.ADOQuery1.FieldByName('name').AsString; w_xtdl.ComboBox1.Items.Add(s); Self.ADOQuery1.Next; end;
密码判断 name:=w_xtdl.ComboBox1.Text; if name='' then Exit; s1:=w_xtdl.Edit1.Text; Self.ADOQuery1.Close; Self.ADOQuery1.Connection:=form1.ADOConnection1; Self.ADOQuery1.SQL.Clear; Self.ADOQuery1.SQL.Add('select * from yhb where name=:s1'); Self.ADOQuery1.Parameters.ParamByName('s1').Value:=name; Self.ADOQuery1.Open; if Self.ADOQuery1.RecordCount=0 then begin messagebox(application.Handle,'当前用户不存在','信息',mb_ok or mb_iconinformation); self.ComboBox1.SetFocus; exit; end; s:=Self.ADOQuery1.FieldByName('passwd').AsString; if s<>s1 then begin MessageBox(Application.Handle,'密码不正确','信息',MB_OK or MB_ICONINFORMATION); self.Edit1.SetFocus; Exit; end;
用表遍历方法. chzz 与 mm 是操作表的字段.procedure TForm1.Button1Click(Sender: TObject); var flag:boolean; chzz:string; mm:string; begin flag:=false; chzz:=combobox1.Text; mm:=edit1.Text; table1.Open; table1.First; while not table1.Eof do begin if (chzz=table1.Fields[0].AsString) and (mm=table1.Fields[1].asstring) then flag:=true; table1.Next; end; if flag then begin form2:=Tform2.Create(self); form2.ShowModal; table1.Close; end else messagedlg('密码不对,重新输入',mterror,[mbok],0); end;
procedure Tloginfrm.Button1Click(Sender: TObject); var i: integer; begin if (edit1.Text='') or(edit2.Text='') then begin application.MessageBox('Username or Password Forbid be Blank','Woring',64); edit1.SetFocus; end else begin with login do begin close; sql.Clear; sql.Add('select * from tblusers where username=:A and password=:B'); Parameters.ParamByName('A').Value:=uppercase(trim(edit1.Text)); Parameters.ParamByName('B').Value:=trim(edit2.Text); open; end; if login.RecordCount=0 then begin application.MessageBox('Invalid Username or Invalid Password','Woring',64); j:=j+1; if j>=3 then begin application.MessageBox('You have no Privilege to use the Program','Woring',64); application.Terminate; end; end else begin if login.FieldValues['username']='ADMINISTRATOR' then begin main.mainfrm.N3.Enabled:=true; main.mainfrm.N4.Enabled:=true; main.mainfrm.N6.Enabled:=true; end else begin with adoquery1 do begin close; sql.Clear; sql.Add('Select Privilege from ospusers where username=:A'); Parameters.ParamByName('A').Value:=uppercase(trim(edit1.Text)); open; end; case adoquery1.FieldValues['Privilege'] of 0: main.mainfrm.N3.Enabled:=true; 1: main.mainfrm.N4.Enabled:=true; 2: begin main.mainfrm.N3.Enabled:=true; main.mainfrm.N4.Enabled:=true; end; end; end; main.longname:=uppercase(edit1.Text); main.mainfrm.StatusBar1.Panels[0].Text:='login: '+main.longname; ini:=Tinifile.Create(ExtractFilePath(application.ExeName)+'OracleCon.ini'); ini.WriteString('DBCONFIG','DataSource',Srvname); ini.WriteString('DBCONFIG','user',edit1.Text); close; end; end; end;
select * from 密码表
取出后,判断界面输入的密码是否与取出的密码一致
http://book.csdn.net/bookfiles/662/10066220894.shtml
读取用户密码表,得出所有用户名,放到combobox中,选择用户名输入密码
然后select * from 用户密码表 where 用户名=选择的名字
判断密码与输入的密码是否一致
但是就是不知道具体该怎么下手
刚学dephi
Self.ADOQuery1.Connection:=form1.ADOConnection1;
Self.ADOQuery1.SQL.Clear;
Self.ADOQuery1.SQL.Add('select * from yhb');
Self.ADOQuery1.Open;
while not Self.ADOQuery1.Eof do
begin
s:=Self.ADOQuery1.FieldByName('name').AsString;
w_xtdl.ComboBox1.Items.Add(s);
Self.ADOQuery1.Next;
end;
Self.ADOConnection1.ConnectionString:='Provider=SQLOLEDB.1;Password='+
Self.vg_passwd+';Persist Security Info=True;user ID='
+Self.vg_user+';Initial Catalog=dlclreport'
+';Data Source='+self.vg_server;
try
self.ADOConnection1.Connected:=True;
self.vg_con_sjk:=True;
except
self.vg_con_sjk:=False;
end;
if name='' then
Exit; s1:=w_xtdl.Edit1.Text;
Self.ADOQuery1.Close;
Self.ADOQuery1.Connection:=form1.ADOConnection1;
Self.ADOQuery1.SQL.Clear;
Self.ADOQuery1.SQL.Add('select * from yhb where name=:s1');
Self.ADOQuery1.Parameters.ParamByName('s1').Value:=name;
Self.ADOQuery1.Open;
if Self.ADOQuery1.RecordCount=0 then
begin
messagebox(application.Handle,'当前用户不存在','信息',mb_ok or mb_iconinformation);
self.ComboBox1.SetFocus;
exit;
end;
s:=Self.ADOQuery1.FieldByName('passwd').AsString;
if s<>s1 then
begin
MessageBox(Application.Handle,'密码不正确','信息',MB_OK or MB_ICONINFORMATION);
self.Edit1.SetFocus;
Exit;
end;
var
flag:boolean;
chzz:string;
mm:string;
begin
flag:=false;
chzz:=combobox1.Text;
mm:=edit1.Text;
table1.Open;
table1.First;
while not table1.Eof do
begin
if (chzz=table1.Fields[0].AsString) and (mm=table1.Fields[1].asstring) then
flag:=true;
table1.Next;
end;
if flag then
begin
form2:=Tform2.Create(self);
form2.ShowModal;
table1.Close;
end
else
messagedlg('密码不对,重新输入',mterror,[mbok],0);
end;
这样可以防止SQL注入攻击。
procedure Tloginfrm.Button1Click(Sender: TObject);
var i: integer;
begin
if (edit1.Text='') or(edit2.Text='') then
begin
application.MessageBox('Username or Password Forbid be Blank','Woring',64);
edit1.SetFocus;
end
else
begin
with login do
begin
close;
sql.Clear;
sql.Add('select * from tblusers where username=:A and password=:B');
Parameters.ParamByName('A').Value:=uppercase(trim(edit1.Text));
Parameters.ParamByName('B').Value:=trim(edit2.Text);
open;
end;
if login.RecordCount=0 then
begin
application.MessageBox('Invalid Username or Invalid Password','Woring',64);
j:=j+1;
if j>=3 then
begin
application.MessageBox('You have no Privilege to use the Program','Woring',64);
application.Terminate;
end;
end
else
begin
if login.FieldValues['username']='ADMINISTRATOR' then
begin
main.mainfrm.N3.Enabled:=true;
main.mainfrm.N4.Enabled:=true;
main.mainfrm.N6.Enabled:=true;
end
else
begin
with adoquery1 do
begin
close;
sql.Clear;
sql.Add('Select Privilege from ospusers where username=:A');
Parameters.ParamByName('A').Value:=uppercase(trim(edit1.Text));
open;
end;
case adoquery1.FieldValues['Privilege'] of
0: main.mainfrm.N3.Enabled:=true;
1: main.mainfrm.N4.Enabled:=true;
2: begin
main.mainfrm.N3.Enabled:=true;
main.mainfrm.N4.Enabled:=true;
end;
end;
end;
main.longname:=uppercase(edit1.Text);
main.mainfrm.StatusBar1.Panels[0].Text:='login: '+main.longname;
ini:=Tinifile.Create(ExtractFilePath(application.ExeName)+'OracleCon.ini');
ini.WriteString('DBCONFIG','DataSource',Srvname);
ini.WriteString('DBCONFIG','user',edit1.Text);
close;
end;
end;
end;