黑马程序员技术交流社区
标题:
制作用户登录程序
作者:
汪磊
时间:
2012-12-11 00:21
标题:
制作用户登录程序
前段时间闲着蛋疼,做了个学生综合信息管理系统,可是后来决定去黑马了,每天忙着学习,加上毕业实习一大堆事情,导致只完成了一部分内容,目前只实现了用户登录并根据用户权限设置功能限制,修改密码,添加用户,和删除用户!其实完成这几项也就差不多了,无非就是对数据库的增删查改嘛!
窗口界面如下,功能就不用介绍了:
作者:
汪磊
时间:
2012-12-11 00:30
本帖最后由 汪磊 于 2012-12-11 13:55 编辑
昨天晚上网太卡了,没写完 抱歉:
下面是公共类代码:
using System;
using System.Collections.Generic;
using System.Configuration;
using System.Data;
using System.Data.OleDb;
using System.Text;
using System.Windows.Forms;
using System.Collections;
namespace 学生信息管理系统
{
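/// <summary>
/// Static data-access helper for the user table: login check, password change,
/// and adding, listing and deleting users.
/// </summary>
/// <remarks>
/// Every statement is parameterized; user-supplied text is never concatenated into the
/// SQL string. An earlier draft built the login query by string concatenation and was
/// dropped because that form is open to SQL injection.
///
/// The OLE DB provider binds parameters by position, not by name, so each
/// Parameters.Add call below must stay in the same order as its marker in CommandText.
///
/// NOTE(review): the queries store and compare the password value exactly as passed in,
/// so the table appears to hold plaintext passwords. Moving to a salted, slow hash
/// (for example PBKDF2 via Rfc2898DeriveBytes) verified in code needs a schema and data
/// migration, so it is flagged here rather than changed.
/// </remarks>
public class DBClass
{
    /// <summary>
    /// Kept for source compatibility; every member of this class is static.
    /// </summary>
    public DBClass()
    {
    }

    /// <summary>
    /// Opens a new connection using the "DBPath" connection string from the
    /// application configuration file.
    /// </summary>
    /// <returns>An open connection; the caller owns it and must dispose it.</returns>
    private static OleDbConnection GetConn()
    {
        string connStr = ConfigurationManager.ConnectionStrings["DBPath"].ConnectionString;
        OleDbConnection connection = new OleDbConnection(connStr);
        try
        {
            connection.Open();
        }
        catch
        {
            // Do not leak the connection object when Open fails.
            connection.Dispose();
            throw;
        }
        return connection;
    }

    /// <summary>
    /// Checks a user name / password pair against the user table.
    /// </summary>
    /// <param name="userName">User name typed by the user.</param>
    /// <param name="password">Password typed by the user.</param>
    /// <returns>
    /// 0 when no row matches or the stored 权限 value is not recognised;
    /// 1 when the stored 权限 is "0"; 2 when the stored 权限 is "1".
    /// </returns>
    public static int Login(string userName, string password)
    {
        // Connection and command are locals: the previous static fields were shared by
        // every caller and kept pointing at disposed objects after each call.
        using (OleDbConnection connection = GetConn())
        using (OleDbCommand command = connection.CreateCommand())
        {
            command.CommandText = "select 权限 from userID where 用户名=@UN and 密码=@P";
            command.Parameters.Add(new OleDbParameter("UN", userName));
            command.Parameters.Add(new OleDbParameter("p", password));

            // NOTE(review): if the provider behind "DBPath" compares text
            // case-insensitively (Jet/ACE does by default), the password match in this
            // query is case-insensitive as well - confirm.

            // ExecuteScalar yields the first column of the first row, or null when no
            // row matches; Convert.ToString turns that null into "".
            string role = Convert.ToString(command.ExecuteScalar());

            switch (role)
            {
                case "0":
                    return 1;
                case "1":
                    return 2;
                default:
                    // Fail closed. The result used to live in a static field that the
                    // default branch left untouched, so an unrecognised 权限 value
                    // returned whatever the previous call had produced - possibly a
                    // successful login.
                    return 0;
            }
        }
    }

    /// <summary>
    /// Overwrites the stored password of a user.
    /// </summary>
    /// <param name="userName">Account whose password is replaced.</param>
    /// <param name="newP">New password value.</param>
    /// <remarks>
    /// NOTE(review): the current password is not verified here and the number of
    /// affected rows is not reported, so the caller must authenticate and authorize the
    /// request and cannot tell whether the user existed.
    /// </remarks>
    public static void ChangePassword(string userName, string newP)
    {
        using (OleDbConnection connection = GetConn())
        using (OleDbCommand command = connection.CreateCommand())
        {
            command.CommandText = "update userid set 密码=@P where 用户名=@UN";
            // Positional binding: P first, then UN, as in the statement.
            command.Parameters.Add(new OleDbParameter("P", newP));
            command.Parameters.Add(new OleDbParameter("UN", userName));
            command.ExecuteNonQuery();
        }
    }

    /// <summary>
    /// Inserts a new user row.
    /// </summary>
    /// <param name="userName">User name to add.</param>
    /// <param name="password">Password to store for the user.</param>
    /// <param name="role">Role value written to the 权限 column.</param>
    /// <remarks>
    /// Login only recognises the 权限 values "0" and "1"; any other value yields an
    /// account that cannot log in.
    /// </remarks>
    public static void AddUser(string userName, string password, string role)
    {
        using (OleDbConnection connection = GetConn())
        using (OleDbCommand command = connection.CreateCommand())
        {
            command.CommandText = "insert into userid(用户名,密码,权限) values(@UN,@P,@R)";
            command.Parameters.Add(new OleDbParameter("UN", userName));
            command.Parameters.Add(new OleDbParameter("P", password));
            command.Parameters.Add(new OleDbParameter("R", role));
            command.ExecuteNonQuery();
        }
    }

    /// <summary>
    /// Reads the user name of every row in the user table.
    /// </summary>
    /// <returns>An ArrayList of user-name strings, in the order the query returns them.</returns>
    public static ArrayList ReadUser()
    {
        ArrayList names = new ArrayList();
        using (OleDbConnection connection = GetConn())
        using (OleDbCommand command = connection.CreateCommand())
        {
            command.CommandText = "select 用户名 from userid";
            using (OleDbDataReader reader = command.ExecuteReader())
            {
                while (reader.Read())
                {
                    names.Add(reader[0].ToString());
                }
            }
        }
        return names;
    }

    /// <summary>
    /// Deletes the row of the given user.
    /// </summary>
    /// <param name="userName">User name to delete.</param>
    /// <remarks>
    /// No authorization check happens here; the calling form decides who may delete.
    /// </remarks>
    public static void DeleteUser(string userName)
    {
        using (OleDbConnection connection = GetConn())
        using (OleDbCommand command = connection.CreateCommand())
        {
            command.CommandText = "delete from userid where 用户名=@UN";
            command.Parameters.Add(new OleDbParameter("UN", userName));
            command.ExecuteNonQuery();
        }
    }
}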
}
作者:
汪磊
时间:
2012-12-11 13:56
登录窗口代码:
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Data.OleDb;
using System.Drawing;
using System.Text;
using System.Windows.Forms;
namespace 学生信息管理系统
{
/// <summary>
/// Login window: validates the two text boxes, asks DBClass.Login for the result code
/// and opens the MDI parent window on success.
/// </summary>
/// <remarks>
/// The credential check goes through the parameterized DBClass.Login(userName, password);
/// an earlier draft of this handler formatted the text-box values straight into a SQL
/// string and was replaced for that reason.
/// </remarks>
public partial class FormLogin : Form
{
    public FormLogin()
    {
        InitializeComponent();
    }

    // Failed attempts still allowed. The counter lives in this form instance only, so
    // restarting the program resets it; it is a usability limit, not a lockout.
    int errorTimes = 3;

    // Logged-in user name and role label, exposed as statics for other windows to read.
    public static string userName, quanxian;

    /// <summary>
    /// Handles the login button: rejects empty input, then acts on the login result code.
    /// </summary>
    private void btnLogin_Click(object sender, EventArgs e)
    {
        // Guard: both fields are required.
        if (txtName.Text == "" || txtPassword.Text == "")
        {
            MessageBox.Show("用户名或密码不能为空,请输入密码和用户名", "提示", MessageBoxButtons.OK, MessageBoxIcon.Error);
            txtName.Focus();
            return;
        }

        int result = DBClass.Login(txtName.Text, txtPassword.Text);

        if (result == 0)
        {
            // Wrong user name or password: count the attempt down.
            errorTimes--;
            if (errorTimes > 0)
            {
                MessageBox.Show("用户名或密码错误,你还能尝试" + errorTimes + "次!", "提示", MessageBoxButtons.OK, MessageBoxIcon.Error);
                ClearCredentialBoxes();
            }
            else
            {
                MessageBox.Show("错误次数过多,程序退出!", "提示", MessageBoxButtons.OK, MessageBoxIcon.Error);
                Application.Exit();
            }
            return;
        }

        if (result == 1 || result == 2)
        {
            // 1 = stored role value 0 (administrator), 2 = stored role value 1 (student).
            userName = txtName.Text;
            quanxian = (result == 1) ? "管理员" : "学生";
            MessageBox.Show("欢迎您" + txtName.Text, "登录成功", MessageBoxButtons.OK, MessageBoxIcon.Information);
            MdiFather mainWindow = new MdiFather();
            mainWindow.Show();
            this.Hide();
            return;
        }

        // Any other code is unexpected: report it and restart the application.
        MessageBox.Show("程序出错\n即将退出", "提示", MessageBoxButtons.OK, MessageBoxIcon.Error);
        Application.Restart();
    }

    /// <summary>
    /// Handles the reset button: empties both fields and focuses the user-name box.
    /// </summary>
    private void btnReset_Click(object sender, EventArgs e)
    {
        ClearCredentialBoxes();
    }

    // Empties both input boxes and puts the caret back in the user-name box.
    private void ClearCredentialBoxes()
    {
        txtName.Text = "";
        txtPassword.Text = "";
        txtName.Focus();
    }
}
}
作者:
汪磊
时间:
2012-12-11 13:57
添加用户代码:
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Text;
using System.Windows.Forms;
namespace 学生信息管理系统
{
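/// <summary>
/// "Add user" child window: collects a user name, a password typed twice and a role,
/// then inserts the account through DBClass.AddUser.
/// </summary>
/// <remarks>
/// NOTE(review): nothing in this form checks the role of the logged-in user; whether
/// the parent window restricts who can open it is not visible here - confirm.
/// </remarks>
public partial class MdiChild1 : Form
{
    public MdiChild1()
    {
        InitializeComponent();
    }

    /// <summary>
    /// Handles the reset button: clears every input.
    /// </summary>
    private void button2_Click(object sender, EventArgs e)
    {
        ResetInputs();
    }

    /// <summary>
    /// Handles the add-user button: validates the inputs and creates the account.
    /// </summary>
    private void btntjyh_Click(object sender, EventArgs e)
    {
        string userName = txtUserName.Text;
        string password = txtPassword.Text;
        string password2 = txtPassword2.Text;

        // An account with an empty name or empty password must not be created; the
        // login window rejects empty input, so such an account would also be unusable.
        if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(password))
        {
            MessageBox.Show("用户名和密码不能为空!", "提示", MessageBoxButtons.OK, MessageBoxIcon.Error);
            return;
        }

        // SelectedIndex is -1 when nothing is chosen; writing "-1" as the role would
        // store a value the login check does not recognise.
        if (cbRole.SelectedIndex < 0)
        {
            MessageBox.Show("请选择用户角色!", "提示", MessageBoxButtons.OK, MessageBoxIcon.Error);
            return;
        }

        if (password != password2)
        {
            MessageBox.Show("两次输入的密码不一致!", "提示", MessageBoxButtons.OK, MessageBoxIcon.Error);
            return;
        }

        // The role is stored as the index of the selected entry ("0", "1", ...).
        string role = cbRole.SelectedIndex.ToString();
        DBClass.AddUser(userName, password, role);
        MessageBox.Show("添加成功", "提示", MessageBoxButtons.OK, MessageBoxIcon.Information);
        ResetInputs();
    }

    // Clears all inputs and puts the caret back in the user-name box.
    private void ResetInputs()
    {
        txtUserName.Text = "";
        txtPassword.Text = "";
        txtPassword2.Text = "";
        cbRole.Text = "";
        txtUserName.Focus();
    }
}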
}
作者:
汪磊
时间:
2012-12-11 13:58
删除用户代码:
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Text;
using System.Windows.Forms;
using System.Data.OleDb;
using System.Collections;
namespace 学生信息管理系统
{
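/// <summary>
/// "Delete user" child window: lists the user names from the database and deletes the
/// selected one after confirmation.
/// </summary>
/// <remarks>
/// NOTE(review): nothing in this form checks the role of the logged-in user; whether
/// the parent window restricts who can open it is not visible here - confirm.
/// </remarks>
public partial class MdiChild2 : Form
{
    public MdiChild2()
    {
        InitializeComponent();
    }

    /// <summary>
    /// Handles the delete button: refuses the "admin" account, asks for confirmation
    /// and deletes the selected user only when the confirmation is accepted.
    /// </summary>
    private void btnDelete_Click(object sender, EventArgs e)
    {
        // SelectedItem is null until an entry is chosen; the unguarded ToString()
        // call used to throw in that case.
        object selected = cbUser.SelectedItem;
        if (selected == null)
        {
            MessageBox.Show("请先选择要删除的用户", "提示", MessageBoxButtons.OK, MessageBoxIcon.Error);
            return;
        }

        string target = selected.ToString();

        // The built-in account is protected by an exact name match only.
        if (target == "admin")
        {
            MessageBox.Show("你不能删除管理员账户", "错误", MessageBoxButtons.OK, MessageBoxIcon.Error);
            return;
        }

        // The dialog result was previously ignored, so pressing Cancel still deleted
        // the user. Delete only on an explicit OK.
        DialogResult answer = MessageBox.Show("你确定要删除该用户吗?", "询问", MessageBoxButtons.OKCancel, MessageBoxIcon.Question);
        if (answer != DialogResult.OK)
        {
            return;
        }

        DBClass.DeleteUser(target);
        MessageBox.Show("删除成功", "成功", MessageBoxButtons.OK, MessageBoxIcon.Information);
    }

    /// <summary>
    /// Handles the refresh button: reloads the user list.
    /// </summary>
    private void btnRefresh_Click(object sender, EventArgs e)
    {
        ReloadUsers();
    }

    /// <summary>
    /// Reloads the user list each time the drop-down is opened.
    /// </summary>
    private void cbUser_DropDown(object sender, EventArgs e)
    {
        ReloadUsers();
    }

    // Replaces the combo-box entries with the user names currently in the database.
    private void ReloadUsers()
    {
        cbUser.Items.Clear();
        ArrayList names = DBClass.ReadUser();
        foreach (string name in names)
        {
            cbUser.Items.Add(name);
        }
    }
}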
}