检查记录是否已经存在

slsn1g29  于 2021-06-23  发布在  Mysql
关注(0)|答案(1)|浏览(426)

我正在vb.net中创建一个程序,在创建一个用户之前,我想检查该记录是否已经存在。
这是我的密码:

Imports MySql.Data.MySqlClient
Public Class WindowsAdvancedStudyStartingForms
    Dim FirstName As String = ""
    Dim SecondName As String = ""
    Dim FullName As String = ""
    Dim StudentClassReal As String = ""
    Dim StudentClassValue As String = ""
    Dim Address As String = ""
    Dim Username As String = ""
    Dim Password As String = ""
    Dim SuccessfulMessage As Integer = 0
    'MySql
    Dim ServerString As String = "Server=myServer;User ID=myID;Passwordmy=Password;Database=myDatabase;SSLMode=None"
    Dim SQLConnection As MySqlConnection = New MySqlConnection
    Private Sub Button1_Click(sender As Object, e As EventArgs) Handles Button1.Click
        FirstName = AFirstNameTextBox.Text
        SecondName = ASecondNameTextBox.Text
        FullName = FirstName + " " + SecondName
        StudentClassValue = ASelectClassComboBox.SelectedItem
        Address = AAddressTextBox.Text
        Username = AUsernameTextBox.Text
        Password = APasswordTextBox.Text

        If StudentClassValue = "Class IX" Then
            StudentClassReal = 9
        Else
            MessageBox.Show("You have selected a Wrong Class", "Wrong Class", MessageBoxButtons.OK, MessageBoxIcon.Error)
        End If
        If FirstName = "" And FirstName.Count = 1 Then
            MessageBox.Show("You didn't enter your First Name", "First Name", MessageBoxButtons.OK, MessageBoxIcon.Error)
        Else
            'Nothing
        End If

        If SecondName = "" Then
            MessageBox.Show("You didn't enter your Second Name", "Second Name", MessageBoxButtons.OK, MessageBoxIcon.Error)
        Else
            'Nothing
        End If

        If Address = "" Then
            MessageBox.Show("You didn't enter your Address", "Address", MessageBoxButtons.OK, MessageBoxIcon.Error)
        Else
            'Nothing
        End If

        If Username = "" Then
            MessageBox.Show("You didn't enter your Username", "Username", MessageBoxButtons.OK, MessageBoxIcon.Error)
        Else
            'Nothing
        End If

        If Password = "" Then
            MessageBox.Show("You didn't enter your Password", "Password", MessageBoxButtons.OK, MessageBoxIcon.Error)
        Else
            'Nothing
        End If

        If StudentClassReal = "9" Then
            Dim StudentInformationVerification As Integer = MessageBox.Show("Are you sure that these are your information?" & vbCrLf & "I am " + FullName + ", and I study at Class " + StudentClassReal + ". I live in " + Address + ". My Advanced Windows Study Username is " + Username + ", and my password is " + Password, "Information Verification", MessageBoxButtons.YesNo, MessageBoxIcon.Question)

            If StudentInformationVerification = DialogResult.Yes Then
                Dim SQLStatement As String = "INSERT INTO people(FirstName, SecondName, Class, Address, Username, Password) VALUES('" & FirstName & "','" & SecondName & "', '" & StudentClassReal & "', '" & Address & "', '" & Username & "', '" & Password & "')"
                SaveName(SQLStatement)
                    My.Computer.Registry.LocalMachine.SetValue("Study", "1")
                    SuccessfulMessage = 1
                    Me.Close()
                End If

                If StudentInformationVerification = DialogResult.No Then

            End If
        Else
            'Nothing

        End If
    End Sub

    'MYSQL Connection
    Private Sub WindowsAdvancedStudyStartingForms_Load(sender As Object, e As EventArgs) Handles MyBase.Load
        Dim RegistryCheck As String = My.Computer.Registry.LocalMachine.GetValue("Study")
        If RegistryCheck = 1 Then
            LoginForm1.Show()
            Me.Close()
        End If
        APasswordTextBox.UseSystemPasswordChar = True
SQLConnection:

        SQLConnection.ConnectionString = ServerString

        Try
            If SQLConnection.State = ConnectionState.Closed Then
                SQLConnection.Open()
                If SuccessfulMessage = 0 Then
                    MessageBox.Show("Connected to Windows Advanced Study Database", "Connection to Database Passed", MessageBoxButtons.OK, MessageBoxIcon.Information)
                End If
            Else
                SQLConnection.Close()
                MessageBox.Show("Could not Connect to Windows Advanced Study Database", "Connection to Database Failed", MessageBoxButtons.RetryCancel, MessageBoxIcon.Error)
                If DialogResult.Retry Then
                    GoTo SqlConnection
                End If

                If DialogResult.Cancel Then
                    Close()
                End If
            End If
        Catch ex As Exception
            MsgBox(ex.ToString)
        End Try
    End Sub

    Public Sub SaveName(ByRef SQLStatement As String)
        Dim cmd As MySqlCommand = New MySqlCommand

        With cmd
            .CommandText = SQLStatement
            .CommandType = CommandType.Text
            .Connection = SQLConnection
            .ExecuteNonQuery()
        End With
        MessageBox.Show("Welcome to Advanced Windows Studying", "Authentication Successful", MessageBoxButtons.OK, MessageBoxIcon.Information)
    End Sub
End Class
qjp7pelc

qjp7pelc1#

使用参数。启用“选项严格”。你不需要所有的昏暗的学生信息。您可以将连接字符串传递给mysqlconnection的构造函数。将验证代码移到各个控件的validat事件。查找如何取消事件,以便将焦点放在适当的控件上。可以将sql字符串和连接直接传递给连接构造函数。使用…endusing语句将确保对象被正确关闭和释放,即使有错误。这对于确保连接关闭非常重要。不要使用goto。这只适用于向后兼容的语言,不应在新代码中使用(在真正的应用程序中,密码永远不会以纯文本的形式存储,但这是另一天的主题。在sql语句中,您需要用反记号(`)环绕mysql和mysql保留字,这是波浪号(~)下面的字符,是mysql的带引号的标识符。实际上,为了安全起见,在所有的表名和列名后面加上勾号并没有什么坏处。我无法测试此代码,因为我没有您的数据库。

Imports MySql.Data.MySqlClient
Public Class MySQLStudent
    Dim strConnection As String = "Server=myServer;User ID=myID;Passwordmy=Password;Database=myDatabase;SSLMode=None"
    Private Sub RegisterStudent()
        Using cn As New MySqlConnection(strConnection)
            Dim SQLStatement As String = "Select Count(*) From people where Username = @UserName;"
            Using cmdV As New MySqlCommand(SQLStatement, cn)
                cn.Open()
                Dim rowCount As Integer = CInt(cmdV.ExecuteScalar())
                cn.Close()
                If rowCount > 0 Then
                    MessageBox.Show("Sorry that username is in use; please enter another one.")
                    AUsernameTextBox.Focus
                    Exit Sub
                End If
            End Using
            SQLStatement = "INSERT INTO people(FirstName, SecondName, `Class`, Address, `Username`, `Password`) VALUES(@FirstName, @SecondName', @StudentClassValue, @Address, @UserName, @Password);"
            Using cmd As New MySqlCommand(SQLStatement, cn)
                cmd.Parameters.Add("@FirstName", MySqlDbType.String).Value = AFirstNameTextBox.Text
                cmd.Parameters.Add("@SecondName", MySqlDbType.String).Value = ASecondNameTextBox.Text
                cmd.Parameters.Add("@StudentClassValue", MySqlDbType.String).Value = ASelectClassComboBox.SelectedItem
                cmd.Parameters.Add("@Address", MySqlDbType.String).Value = AAddressTextBox.Text
                cmd.Parameters.Add("@Username", MySqlDbType.String).Value = AUsernameTextBox.Text
                cmd.Parameters.Add("@Password", MySqlDbType.String).Value = APasswordTextBox.Text
                cn.Open()
                With cmd
                    .CommandType = CommandType.Text
                    .ExecuteNonQuery()
                End With
            End Using
        End Using
        MessageBox.Show("Welcome to Advanced Windows Studying", "Registration Successful", MessageBoxButtons.OK, MessageBoxIcon.Information)
    End Sub
    Private Sub LogInStudent()
        Using cn As New MySqlConnection(strConnection)
            Using cmd As New MySqlCommand("Select Count(*) From people Where `Username` = @UserName And `Password` = @Password;", cn)
                cmd.Parameters.Add("@UserName", MySqlDbType.String).Value = AUsernameTextBox.Text
                cmd.Parameters.Add("@Password", MySqlDbType.String).Value = APasswordTextBox.Text
                cn.Open()
                Dim rowCount As Integer = CInt(cmd.ExecuteScalar)
                cn.Close()
                If rowCount <> 1 Then
                    MessageBox.Show("Sorry, invalid login.")
                    Exit Sub
                End If
                MessageBox.Show("Successful login.")
                'Show the next form of the application
            End Using
        End Using
    End Sub
End Class

相关问题