我知道我没有将我的密码存储在哈希中,但是出于这个数据库的目的,这无关紧要。
该代码引用了一个SQL数据库,该数据库将密码存储为纯文本
这是代码:
/*Checks to see if the username and password matcch the database
If it does, it lets you in, if not you displays an error message*/
string user = textBox1.Text.ToString();
string pass = textBox2.Text;
MySqlConnection conn = new MySqlConnection(ConnectionString);
MySqlDataAdapter sda = new MySqlDataAdapter("SELECT COUNT(*) from Employees WHERE UserName = '"+(user)+ "' and Password = '"+(pass)+"' collate Latin1_Genral_CS_AS", conn);
DataTable dt = new DataTable();
sda.Fill(dt);
if(dt.Rows[0][0].ToString() == "1")
{
HomeScreen home = new HomeScreen();
this.Hide();
home.ShowDialog();
}
else
{
MessageBox.Show("Incorrect Username or Password", "alter", MessageBoxButtons.OK, MessageBoxIcon.Error );
}
您可以将输入值和表格列都转换为lowercase或uppercase:
/*Checks to see if the username and password matcch the database
If it does, it lets you in, if not you displays an error message*/
string user = textBox1.Text.ToLower();
string pass = textBox2.Text.ToLower();
MySqlConnection conn = new MySqlConnection(ConnectionString);
MySqlDataAdapter sda = new MySqlDataAdapter("SELECT COUNT(*) from Employees WHERE LOWER(UserName) = '"+(user)+ "' and LOWER(Password) = '"+(pass)+"' collate Latin1_Genral_CS_AS", conn);
DataTable dt = new DataTable();
sda.Fill(dt);
if(dt.Rows[0][0].ToString() == "1")
{
HomeScreen home = new HomeScreen();
this.Hide();
home.ShowDialog();
}
else
{
MessageBox.Show("Incorrect Username or Password", "alter", MessageBoxButtons.OK, MessageBoxIcon.Error );
}
你可以alter你的database使用你想要的collation:
ALTER DATABASE DBNAME CHARACTER SET utf8 COLLATE utf8_general_ci;
但是,这仅适用于新表。你可以alter a table column使用你喜欢的collation:
ALTER TABLE table_name MODIFY column_name column_datatype COLLATE utf8_bin;