我正在 VB.NET 中创建一个程序,在创建用户之前我想检查该记录是否已存在。
这是我的代码:
Imports MySql.Data.MySqlClient
Public Class WindowsAdvancedStudyStartingForms
Dim FirstName As String = ""
Dim SecondName As String = ""
Dim FullName As String = ""
Dim StudentClassReal As String = ""
Dim StudentClassValue As String = ""
Dim Address As String = ""
Dim Username As String = ""
Dim Password As String = ""
Dim SuccessfulMessage As Integer = 0
'MySql
Dim ServerString As String = "Server=myServer;User ID=myID;Passwordmy=Password;Database=myDatabase;SSLMode=None"
Dim SQLConnection As MySqlConnection = New MySqlConnection
Private Sub Button1_Click(sender As Object, e As EventArgs) Handles Button1.Click
FirstName = AFirstNameTextBox.Text
SecondName = ASecondNameTextBox.Text
FullName = FirstName + " " + SecondName
StudentClassValue = ASelectClassComboBox.SelectedItem
Address = AAddressTextBox.Text
Username = AUsernameTextBox.Text
Password = APasswordTextBox.Text
If StudentClassValue = "Class IX" Then
StudentClassReal = 9
Else
MessageBox.Show("You have selected a Wrong Class", "Wrong Class", MessageBoxButtons.OK, MessageBoxIcon.Error)
End If
If FirstName = "" And FirstName.Count = 1 Then
MessageBox.Show("You didn't enter your First Name", "First Name", MessageBoxButtons.OK, MessageBoxIcon.Error)
Else
'Nothing
End If
If SecondName = "" Then
MessageBox.Show("You didn't enter your Second Name", "Second Name", MessageBoxButtons.OK, MessageBoxIcon.Error)
Else
'Nothing
End If
If Address = "" Then
MessageBox.Show("You didn't enter your Address", "Address", MessageBoxButtons.OK, MessageBoxIcon.Error)
Else
'Nothing
End If
If Username = "" Then
MessageBox.Show("You didn't enter your Username", "Username", MessageBoxButtons.OK, MessageBoxIcon.Error)
Else
'Nothing
End If
If Password = "" Then
MessageBox.Show("You didn't enter your Password", "Password", MessageBoxButtons.OK, MessageBoxIcon.Error)
Else
'Nothing
End If
If StudentClassReal = "9" Then
Dim StudentInformationVerification As Integer = MessageBox.Show("Are you sure that these are your information?" & vbCrLf & "I am " + FullName + ", and I study at Class " + StudentClassReal + ". I live in " + Address + ". My Advanced Windows Study Username is " + Username + ", and my password is " + Password, "Information Verification", MessageBoxButtons.YesNo, MessageBoxIcon.Question)
If StudentInformationVerification = DialogResult.Yes Then
Dim SQLStatement As String = "INSERT INTO people(FirstName, SecondName, Class, Address, Username, Password) VALUES('" & FirstName & "','" & SecondName & "', '" & StudentClassReal & "', '" & Address & "', '" & Username & "', '" & Password & "')"
SaveName(SQLStatement)
My.Computer.Registry.LocalMachine.SetValue("Study", "1")
SuccessfulMessage = 1
Me.Close()
End If
If StudentInformationVerification = DialogResult.No Then
End If
Else
'Nothing
End If
End Sub
'MYSQL Connection
Private Sub WindowsAdvancedStudyStartingForms_Load(sender As Object, e As EventArgs) Handles MyBase.Load
Dim RegistryCheck As String = My.Computer.Registry.LocalMachine.GetValue("Study")
If RegistryCheck = 1 Then
LoginForm1.Show()
Me.Close()
End If
APasswordTextBox.UseSystemPasswordChar = True
SQLConnection:
SQLConnection.ConnectionString = ServerString
Try
If SQLConnection.State = ConnectionState.Closed Then
SQLConnection.Open()
If SuccessfulMessage = 0 Then
MessageBox.Show("Connected to Windows Advanced Study Database", "Connection to Database Passed", MessageBoxButtons.OK, MessageBoxIcon.Information)
End If
Else
SQLConnection.Close()
MessageBox.Show("Could not Connect to Windows Advanced Study Database", "Connection to Database Failed", MessageBoxButtons.RetryCancel, MessageBoxIcon.Error)
If DialogResult.Retry Then
GoTo SqlConnection
End If
If DialogResult.Cancel Then
Close()
End If
End If
Catch ex As Exception
MsgBox(ex.ToString)
End Try
End Sub
Public Sub SaveName(ByRef SQLStatement As String)
Dim cmd As MySqlCommand = New MySqlCommand
With cmd
.CommandText = SQLStatement
.CommandType = CommandType.Text
.Connection = SQLConnection
.ExecuteNonQuery()
End With
MessageBox.Show("Welcome to Advanced Windows Studying", "Authentication Successful", MessageBoxButtons.OK, MessageBoxIcon.Information)
End Sub
End Class
最佳答案
使用参数。打开选项严格。 您不需要所有这些 Dim 来获取学生信息。 您可以将连接字符串传递给 MySQLConnection 的构造函数。 将验证代码移至各个控件的 Validat 事件。查看如何取消事件,以便将焦点集中在适当的控件上。 您可以将 SQL 字符串和连接直接传递给连接构造函数。 即使出现错误,使用...EndUsing 语句也将确保对象被正确关闭和处置。这对于确保连接关闭非常重要。 不要使用GoTo。这只是为了向后兼容而在语言中使用,不应在新代码中使用。 (导致意大利面条代码) 在真实的应用程序中,密码永远不会以纯文本形式存储,但这是另一天的主题。 在 SQL 语句中,您需要用反引号 (`) 将 MySQL 保留字括起来。这是波形符 (~) 下面的字符,是 MySQL 的带引号的标识符。实际上,为了安全起见,用反勾号包围所有表名和列名并没有什么坏处。 我无法测试此代码,因为我没有您的数据库。
Imports MySql.Data.MySqlClient
Public Class MySQLStudent
Dim strConnection As String = "Server=myServer;User ID=myID;Passwordmy=Password;Database=myDatabase;SSLMode=None"
Private Sub RegisterStudent()
Using cn As New MySqlConnection(strConnection)
Dim SQLStatement As String = "Select Count(*) From people where Username = @UserName;"
Using cmdV As New MySqlCommand(SQLStatement, cn)
cn.Open()
Dim rowCount As Integer = CInt(cmdV.ExecuteScalar())
cn.Close()
If rowCount > 0 Then
MessageBox.Show("Sorry that username is in use; please enter another one.")
AUsernameTextBox.Focus
Exit Sub
End If
End Using
SQLStatement = "INSERT INTO people(FirstName, SecondName, `Class`, Address, `Username`, `Password`) VALUES(@FirstName, @SecondName', @StudentClassValue, @Address, @UserName, @Password);"
Using cmd As New MySqlCommand(SQLStatement, cn)
cmd.Parameters.Add("@FirstName", MySqlDbType.String).Value = AFirstNameTextBox.Text
cmd.Parameters.Add("@SecondName", MySqlDbType.String).Value = ASecondNameTextBox.Text
cmd.Parameters.Add("@StudentClassValue", MySqlDbType.String).Value = ASelectClassComboBox.SelectedItem
cmd.Parameters.Add("@Address", MySqlDbType.String).Value = AAddressTextBox.Text
cmd.Parameters.Add("@Username", MySqlDbType.String).Value = AUsernameTextBox.Text
cmd.Parameters.Add("@Password", MySqlDbType.String).Value = APasswordTextBox.Text
cn.Open()
With cmd
.CommandType = CommandType.Text
.ExecuteNonQuery()
End With
End Using
End Using
MessageBox.Show("Welcome to Advanced Windows Studying", "Registration Successful", MessageBoxButtons.OK, MessageBoxIcon.Information)
End Sub
Private Sub LogInStudent()
Using cn As New MySqlConnection(strConnection)
Using cmd As New MySqlCommand("Select Count(*) From people Where `Username` = @UserName And `Password` = @Password;", cn)
cmd.Parameters.Add("@UserName", MySqlDbType.String).Value = AUsernameTextBox.Text
cmd.Parameters.Add("@Password", MySqlDbType.String).Value = APasswordTextBox.Text
cn.Open()
Dim rowCount As Integer = CInt(cmd.ExecuteScalar)
cn.Close()
If rowCount <> 1 Then
MessageBox.Show("Sorry, invalid login.")
Exit Sub
End If
MessageBox.Show("Successful login.")
'Show the next form of the application
End Using
End Using
End Sub
End Class
关于mysql - 检查记录是否已存在,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/50553612/