これは私が登録情報に使用しているコードです.2つのoleDbCommandを一緒に追加することで様々な方法を試しましたが、これはうまく動作しません。TryCatchコードをすべて検索する方法はありますかtbname.Textのユーザー名を重複していますか?テーブル内のユーザ名が重複しています
Select count(*) from [User] Where [email protected]
まず@UserName
、これはそれがに追加されたパラメータである:だからそれは文句を言わない、この名前を持つユーザーをカウントするクエリを作成し、データベースに挿入すると、エラーメッセージ
{
{
connect.Open();
OleDbCommand command = new OleDbCommand();
command.Connection = connect;
command.CommandText = "select * from Table1 where Username ='" + tbName.Text + "'";
OleDbDataReader reader = command.ExecuteReader();
int count = 0;
while (reader.Read())
{
count = count + 1;
//count++;
}
if (count == 0)
{
if (tbName.Text != "Name" && tbPass.Text != "Password")
{
if (tbEmail.Text != "Email" && tbMobile.Text != "Number")
{
if (tbFirstName.Text != "" && tbLastName.Text != "")
{
const int MIN_LENGTH = 8;
string password = tbPass.Text;
if (password.Length >= MIN_LENGTH && upperCase(password) >= 1)
{
r2.Text = "";
r2.ForeColor = Color.Red;
}
else
{
r2.Text = "*Password Is Bad*";
r2.ForeColor = Color.Red;
}
if (RegularExpression.checkForEmail(tbEmail.Text.ToString()))
{
r3.Text = "";
}
else
{
r3.Text = "Invalid email ! Email Contains a @ , .Com ";
r3.ForeColor = Color.Red;
}
if (r2.Text == "" && r3.Text == "")
{ goto na; }
else { goto ne; }
}
else { goto ne; }
}
else { goto ne; }
}
else { goto ne; ; }
ne:
if (tbName.Text == "Username")
{ r1.Text = "*USERNAME REQUIRED*"; r1.ForeColor = Color.Red; }
if (tbPass.Text == "Password")
{ r2.Text = "*PASSWORD REQUIRED*"; r2.ForeColor = Color.Red; }
if (tbEmail.Text == "Email")
{ r3.Text = "*EMAIL REQUIRED*"; r3.ForeColor = Color.Red; }
if (tbMobile.Text == "Number")
{ r4.Text = "*MOBILE NUMBER REQUIRED*"; r4.ForeColor = Color.Red; }
if (tbFirstName.Text == "")
{ label3.Text = "*FIRST NAME REQUIRED*"; r4.ForeColor = Color.Red; }
else { label3.Text = ""; }
if (tbLastName.Text == "")
{ label4.Text = "*LAST NAME REQUIRED*"; r4.ForeColor = Color.Red; }
else { label4.Text = ""; }
MessageBox.Show("Please fill up all the required information correctly before proceeding");
return;
na:
try
{
connect.Open();
OleDbCommand command1 = new OleDbCommand();
command1.Connection = connect;
command1.CommandText = "insert into Table1([Username], [Password], [Email], [Number], [FirstName], [LastName]) values('" + tbName.Text + "','" + tbPass.Text + "','" + tbEmail.Text + "','" + tbMobile.Text + "','" + tbFirstName.Text + "','" + tbLastName.Text + "')";
command1.ExecuteNonQuery();
MessageBox.Show("Data Saved");
MessageBox.Show("Successfully registered, Please log in");
regPage log = new regPage();
this.Hide();
log.ShowDialog();
this.Close();
connect.Close();
}
catch (Exception ex)
{
// MessageBox.Show("Error " + ex);
connect.Close();
}
}
// if (count > 1)
// {
// MessageBox.Show("Duplicate username and password");
// }
else
{
// MessageBox.Show("Username and password is incorrect");
MessageBox.Show("Duplicate Name , Please Use Other Username");
regPage log = new regPage();
this.Hide();
log.ShowDialog();
this.Close();
connect.Close();
}
connect.Close();
}
}
Gah! SQLの注入穴。それは私たちを燃やす! –
ちょうど古い学校の方法を使用して@JoelCoehoorn –
@テロンキー私が何を書いているのか、何かが明らかでないかどうか質問を理解しようとする。 – mybirthname