private void button2_Click(object sender, EventArgs e)
{
this.Hide();
Frm_Menu form2 = new Frm_Menu(); // Form2为跳转页面的窗体名称
form2.ShowDialog();
}
private void button3_Click(object sender, EventArgs e)
{
this.Hide();
Frm_Menu form = new Frm_Menu();
form.ShowDialog();
}
private void Btn_confirm_Click(object sender, EventArgs e)
{
try
{
SqlConnection sqlConnection = new SqlConnection();
SqlCommand sqlCommand = sqlConnection.CreateCommand();
sqlConnection.ConnectionString = "Server=(Local);Database='" + ser + "';Integrated Security=false;UID='" + uid + "';Password='******';";
//在字符串变量中,描述连接字符串所需的服务器地址、数据库名称、集成安全性(即是否使用Windows验证);
sqlCommand.CommandText = "SELECT COUNT(1) FROM UserAdministration WHERE UserId=@workid AND UserPassWord=@workpsw;"; //指定SQL命令的命令文本;命令文本包含参数;
#region SQL参数用法1
SqlParameter sqlParameter = new SqlParameter(); //声明并实例化SQL参数;
sqlParameter.ParameterName = "@workid"; //设置SQL参数的名称
sqlParameter.Value = Txt_workid.Text; //设置SQL参数的长度;
sqlParameter.SqlDbType = SqlDbType.Char; //设置SQL参数对应的SQL Server数据类型;
sqlParameter.Size = 10; //设置SQL参数的长度;
sqlCommand.Parameters.Add(sqlParameter); //向SQL命令的参数集合添加SQL参数;
#endregion
#region SQL参数用法2
sqlCommand.Parameters.AddWithValue("@workpsw", this.Txt_workpsw.Text); //直接调用方法AddWithValue向SQL命令的参数集合添加参数的名称、值;SQL参数能自动识别类型,但若SQL参数被用作某函数的输入参数,则使用函数定义的参数类型作为SQL参数类型;
sqlCommand.Parameters["@workpsw"].SqlDbType = SqlDbType.VarChar; //通过参数名称访问SQL参数,并将密码参数的类型设为变长字符串;由于HASHBYTES函数的参数为NVARCHAR,则SQL参数类型自动设为NVARCHAR;对于相同密码,VARCHAR/NVARCHAR类型所获得的散列值不同,故需手动将SQL参数类型统一设为VARCHAR;
#endregion //打开SQL连接;
sqlConnection.Open();
int rowCount = (int)sqlCommand.ExecuteScalar();
sqlConnection.Close();
//调用SQL命令的方法ExecuteScalar来执行命令,并接受单个结果(即标量);
if (rowCount == 1) //若查得所输用户号相应的1行记录;
{
MessageBox.Show("登录成功。");
sqlConnection.Open(); //打开SQL连接;
this.Hide();
Frm_Menu form2 = new Frm_Menu(); // Form2为跳转页面的窗体名称
form2.uid = uid;
form2.ser = ser;
form2.psw = psw;
form2.ShowDialog();
sqlConnection.Close();
//显示正确提示;
}
else
{
MessageBox.Show("登录失败,请检查用户名及密码是否正确", "错误!");
this.Txt_workpsw.SelectAll(); //密码文本框内所有文本被选中;}
}
}
catch (Exception ex) //否则;
{
MessageBox.Show(ex.Message);
}
}
private void Btn_Confirm_Click(object sender, EventArgs e)
{
SqlConnection sqlConnection = new SqlConnection();
sqlConnection.ConnectionString = "Server=(Local);Database=PharmacySystem;Integrated Security=false;UID='" + uid + "';Password='******';";
SqlCommand sqlCommand = new SqlCommand();
sqlCommand.Connection = sqlConnection;
sqlCommand.CommandText = "select * from UserAdministration where userid='" + Txt_uid + "' and UserPassWord='******'";
sqlConnection.Open();
int rowCount = (int)sqlCommand.ExecuteScalar();
sqlConnection.Close();
//调用SQL命令的方法ExecuteScalar来执行命令,并接受单个结果(即标量);
if (rowCount == 1) //若查得所输用户号相应的1行记录;
{
SqlCommand sqlCommand2 = new SqlCommand();
sqlCommand2.Connection = sqlConnection;
sqlCommand2.CommandText = "UPDATE UserAdministration SET UserPassWord='******' WHERE where UserId='" + Txt_uid + "' and UserPassWord='******'";
sqlConnection.Open();
int rowAffected = sqlCommand.ExecuteNonQuery(); //调用SQL命令的方法ExecuteNonQuery来执行命令,向数据库写入数据,并返回受影响行数;
sqlConnection.Close(); //关闭SQL连接;
MessageBox.Show("更新成功!"); //在消息框显示受影响行数;
this.Hide();
Frm_Menu form2 = new Frm_Menu(); // Form2为跳转页面的窗体名称
form2.uid = uid;
form2.ser = ser;
form2.psw = psw;
form2.ShowDialog();
//显示正确提示;
}
else
{
MessageBox.Show("登录失败,请检查用户名及密码是否正确", "错误!");
this.Txt_oldpsw.SelectAll(); //密码文本框内所有文本被选中;}
}
}
private void Frm_useradmin_Load_1(object sender, EventArgs e)
{
SqlConnection sqlConnection = new SqlConnection();
SqlCommand sqlCommand = sqlConnection.CreateCommand();
#region SQL参数用法1
SqlParameter sqlParameter = new SqlParameter(); //声明并实例化SQL参数;
sqlParameter.ParameterName = "@UID"; //设置SQL参数的名称;
sqlParameter.Value = uid; //设置SQL参数的长度;
sqlParameter.SqlDbType = SqlDbType.Char; //设置SQL参数对应的SQL Server数据类型;
sqlParameter.Size = 10; //设置SQL参数的长度;
sqlCommand.Parameters.Add(sqlParameter); //向SQL命令的参数集合添加SQL参数;
#endregion
#region SQL参数用法2
sqlCommand.Parameters.AddWithValue("@PSW", psw); //直接调用方法AddWithValue向SQL命令的参数集合添加参数的名称、值;SQL参数能自动识别类型,但若SQL参数被用作某函数的输入参数,则使用函数定义的参数类型作为SQL参数类型;
sqlCommand.Parameters["@PSW"].SqlDbType = SqlDbType.VarChar; //通过参数名称访问SQL参数,并将密码参数的类型设为变长字符串;由于HASHBYTES函数的参数为NVARCHAR,则SQL参数类型自动设为NVARCHAR;对于相同密码,VARCHAR/NVARCHAR类型所获得的散列值不同,故需手动将SQL参数类型统一设为VARCHAR;
#endregion
//声明并实例化SQL连接;
sqlConnection.ConnectionString =
"Server=(Local);Database=EduBaseDemo;Integrated Security=false;UID='" + uid + "';Password='******';";
//在字符串变量中,描述连接字符串所需的服务器地址、数据库名称、集成安全性(即是否使用Windows验证);
sqlConnection.Open(); //打开SQL连接;
MessageBox.Show //在消息框中显示;
("欢迎你!" + "uid" + "!");
//消息框消息内容;;
MessageBox.Show //在消息框中显示;
("连接状态:" + sqlConnection.State.ToString() //消息框消息内容;
+ "\n工作站标识:" + sqlConnection.WorkstationId
+ "\n服务器地址:" + sqlConnection.DataSource
+ "\n服务器版本:" + sqlConnection.ServerVersion
+ "\n数据库名称:" + sqlConnection.Database);
this.Hide();
Frm_Menu form2 = new Frm_Menu(); // Form2为跳转页面的窗体名称
form2.ShowDialog();
}