I have a registration form, in this case it will just be USERNAME and PASSWORD.
When I create a table in SQL Server, I enter columns on both numbers, but when I try to register without entering a username or password, there is no error and my form 'Registrations' without a password for new user instance (if I did not enter the password).
This is my code, so if someone can help me with that problem, and also to say that some other wrong / bad code is written because I'm new in all this I think I did good on the problem of SQL injection but you never know Thank you so much for your reply.
Private Zero Button 1_Click (Object Sender, EventArgs e) {SqlConnection cn = New SqlConnection ("Data Source = Home-PC; Initial Catalog = TestDB1; Integrated Security = True"); Try {Cn.Open (); Include string query = "dbo.users (UU U name, UPSWORD) values (@UU name, @Y password)"; SqlCommand command = new SqlCommand (query, cn); order. Parameter. AddWithValue ("@ uUsername", textBox1.Text); order. Parameter. AddWithValue ("@ uPassword", text box 2. text); Command.ExecuteNonQuery (); MessageBox.Show ("OK"); This.usersTableAdapter.Fill (this.testDB1DataSet.users); } Hold (Exceptional Before) {MessageBox.Show ("Error"); } Finally {cn.Close (); }}
If I have understood this correctly, then you have C # which That a SQL Server interacts with the back end.
You should be able to add the check box to the C # code to check that the text box is empty or not when you click on the button. My C # is very messy, but it can be done:
if (string.IsNullOrWhiteSpace (textBox1.Text) || string.sNullOrWhiteSpace (textBox2.Text)) {messagebox.show ( "Invalid login"); } Unfortunately I do not have Visual Studio to see this, but I check that text boxes are not empty before doing SQL stuff.
In addition to that I will change the name of your text box which you will remember, otherwise you will get a nightmare to keep your code.
No comments:
Post a Comment