一尘不染

System.Data.SqlClient.SqlException:''0987' 附近的语法不正确。

c#

正在尝试添加登录表单并且没有错误,但错误显示在sda.Fill(dt); 无法弄清楚出了什么问题:/

namespace EShift_Management_System
{

    public partial class CusLogin : Form
    {
        Thread th;
        public CusLogin()
        {
            InitializeComponent();
        }

        public void opencusreg(object obj)
        {
            Application.Run(new CusReg());
        }

        private void labelRegister_Click(object sender, EventArgs e)
        {
            this.Close();
            th = new Thread(opencusreg);
            th.SetApartmentState(ApartmentState.STA);
            th.Start();
        }

        private void button1_Click(object sender, EventArgs e)
        {
            SqlConnection conn = new SqlConnection(@"Data Source=DESKTOP-TLUUEAF;Initial Catalog=EShift;Integrated Security=True");
            SqlDataAdapter sda = new SqlDataAdapter("select count(*) from Customertb where customer_name = '"+txtboxusername.Text+"' and customer_password'"+txtboxpassword.Text+"'", conn);
            DataTable dt = new DataTable();
            sda.Fill(dt);
            if (dt.Rows[0][0].ToString() == "1")
            {
                this.Hide();
                CusDashboard cd = new CusDashboard();
                cd.Show();
            }
            else
            {
                MessageBox.Show("Invalid Credentials! Please try again.","alert",MessageBoxButtons.OK,MessageBoxIcon.Error);

            }

        }
    }

阅读 97

收藏
2022-07-21

共1个答案

一尘不染

你的查询有一个小错误,密码后面的判断中没有“=”。

尝试改用参数化查询

using (SqlConnection conn = new SqlConnection(/*connStr*/))
            {
                string sql = "SELECT count(*) from Customertb where customer_name = @customer_name and customer_password = @customer_password";
                SqlDataAdapter sda = new SqlDataAdapter(sql, conn);
                sda.SelectCommand.Parameters.Add(new SqlParameter("@customer_name", this.txtboxusername.Text));
                sda.SelectCommand.Parameters.Add(new SqlParameter("@customer_password", this.txtboxpassword.Text));
                DataTable dt = new DataTable();  
                sda.Fill(dt);
                conn.Close();
                if (dt.Rows.Count == 0)
                    MessageBox.Show("Invalid Credentials! Please try again.", "alert", MessageBoxButtons.OK, MessageBoxIcon.Error);
                else
                {
                    this.Hide();
                    CusDashboard cd = new CusDashboard();
                    cd.Show();
                }
            }
2022-07-21