ADO.NET复习总结(5)--工具类SqlHelper 实现登录
工具类SqlHelper
即:完成常用数据库操作的代码封装
一、基础知识
1、每次进行操作时,不变的代码:
(1)连接字符串;
(2)往集合存值;
(3)创建连接对象、命令对象;
(4)打开连接;
(5)执行命令
2、每次操作时,变化的代码:
(1)sql语句;
(2)参数
3、配置文件(关于配置这篇文章讲的挺详细的:)
好处:修改方便;
维护成本降低,修改程序不需要重新编译。
代码为:
<?xml version="1.0" encoding="utf-8" ?>"dbtest" connectionString="server=.;database=dbtest;uid=sa;pwd=123"/>
二、开始封装
using System; using System.Collections.Generic; using System.Configuration; using System.Data; using System.Data.SqlClient; using System.Linq; using System.Text; using System.Threading.Tasks; namespace t1_UserLogin { public static partial class SqlHelper { private static string connStr = ConfigurationManager.ConnectionStrings["dbtest"].ConnectionString; //执行查询:select返回多行多列 public static SqlDataReader ExecuteReader (string sql, params SqlParameter[] ps)//SqlParameter[] ps=new SqlParameter[]; { SqlConnection conn = new SqlConnection(connStr); SqlCommand cmd = new SqlCommand(sql, conn); if (ps.Length > 0) { cmd.Parameters.AddRange(ps); } conn.Open(); //使用SqlDataReader时,连接必须是打开的;设置此参数后,关闭SqlDataReader时会自动关闭使用的连接 return cmd.ExecuteReader(CommandBehavior.CloseConnection); } //执行查询:select返回首行首列 public static object ExecuteScalar(string sql, params SqlParameter[] ps) { using (SqlConnection conn = new SqlConnection(connStr)) { SqlCommand cmd = new SqlCommand(sql, conn); cmd.Parameters.AddRange(ps); conn.Open(); return cmd.ExecuteScalar(); } } //执行操作:insert,update,delete public static int ExecuteNonQuery(string sql, params SqlParameter[] ps) { using (SqlConnection conn = new SqlConnection(connStr)) { SqlCommand cmd = new SqlCommand(sql, conn); cmd.Parameters.AddRange(ps); conn.Open(); return cmd.ExecuteNonQuery(); } } } }
三、实现登录
用户连接三次登录失败,则锁定15分钟,15分钟之后才可以再使用
实现简单登录
MD5加密:
using System; using System.Collections.Generic; using System.Linq; using System.Security.Cryptography; using System.Text; using System.Threading.Tasks; namespace t1_UserLogin { public static partial class Md5Helper { public static string Encrypt(string pwd) { MD5 md5 = MD5.Create(); //将字符串转换成字符数据:指定编码 byte[] pwd2 = Encoding.UTF8.GetBytes(pwd); byte[] pwd3 = md5.ComputeHash(pwd2); StringBuilder sb=new StringBuilder(""); for (int i = 0; i < pwd3.Length; i++) { sb.Append(pwd3[i].ToString("x2").ToLower()); } //0-255 //00-ff 10=>16 07 return sb.ToString(); } } }
1、登录代码:
using System; using System.Collections.Generic; using System.ComponentModel; using System.Data; using System.Data.SqlClient; using System.Drawing; using System.Linq; using System.Text; using System.Threading.Tasks; using System.Windows.Forms; using t1_UserLogin; namespace login { public partial class Form1 : Form { public Form1() { InitializeComponent(); } private void btnLogin_Click(object sender, EventArgs e) { string sql = "select userpwd from userinfo where username=@name"; SqlParameter p = new SqlParameter("@name", txtName.Text); object pwd = SqlHelper.ExecuteScalar(sql, p); if(pwd==null) { MessageBox.Show("用户名错误"); } else if (pwd.ToString().Equals(Md5Helper.Encrypt(txtbwd.Text))) { MessageBox.Show("登录成功"); } else { MessageBox.Show("密码错误"); } } } }
2、登录代码:(锁定15分钟)
(1)登录逻辑(重要)
(2)数据库
(3)初级代码
using System; using System.Collections.Generic; using System.ComponentModel; using System.Data; using System.Data.SqlClient; using System.Drawing; using System.Linq; using System.Text; using System.Threading.Tasks; using System.Windows.Forms; using t1_UserLogin; namespace login { public partial class Form1 : Form { public Form1() { InitializeComponent(); } private void btnLogin_Click(object sender, EventArgs e) { #region 锁定15分钟 string sql = "select count(*) from userinfo where username=@name"; SqlParameter p = new SqlParameter("@name", txtName.Text); int count = Convert.ToInt32(SqlHelper.ExecuteScalar(sql, p)); if (count > 0) { sql = "select count(*) from userinfo where username=@name and errorcount>=3 and datediff(Minute,errortime,getdate())<=15"; SqlParameter p11 = new SqlParameter("@name", txtName.Text); count = Convert.ToInt32(SqlHelper.ExecuteScalar(sql, p11)); if (count > 0) { MessageBox.Show("账户已被锁定"); } else { //当前未被锁定 sql = "select count(*) from userinfo where username=@name and userpwd=@pwd"; SqlParameter p12 = new SqlParameter("@name", txtName.Text); SqlParameter p2 = new SqlParameter("@pwd", Md5Helper.Encrypt(txtbwd.Text)); count = Convert.ToInt32(SqlHelper.ExecuteScalar(sql, p12, p2)); if (count > 0) { sql = "update userinfo set errorcount=0 where username=@name"; SqlParameter p13 = new SqlParameter("@name", txtName.Text); SqlHelper.ExecuteNonQuery(sql, p13); MessageBox.Show("成功"); } else { //出错,更新次数与时间 sql = "update userinfo set errorcount=errorcount+1,errortime=getdate() where username=@name"; SqlParameter p14 = new SqlParameter("@name", txtName.Text); SqlHelper.ExecuteNonQuery(sql, p14); MessageBox.Show("密码错误"); } } } else { MessageBox.Show("用户不存在"); } #endregion } } }
3、登录代码:(锁定15分钟)-——————优化
(1)逻辑*(重要)
(2)代码优化
using System; using System.Collections.Generic; using System.ComponentModel; using System.Data; using System.Data.SqlClient; using System.Drawing; using System.Linq; using System.Text; using System.Threading.Tasks; using System.Windows.Forms; using t1_UserLogin; namespace login { public partial class Form1 : Form { public Form1() { InitializeComponent(); } private void btnLogin_Click(object sender, EventArgs e) { #region 锁定15分钟-优化 string sql = "select errorcount,errortime,userpwd from userinfo where username=@name"; SqlParameter p = new SqlParameter("@name", txtName.Text); using (SqlDataReader reader = SqlHelper.ExecuteReader(sql, p)) { if (reader.Read()) { //当前用户名存在 int errorCount = Convert.ToInt32(reader["errorCount"]); double errorTime1 = 0; //如果单元格返回空值,使用DBNull.Value进行判断 if (reader["ErrorTime"] != DBNull.Value) { DateTime errorTime = Convert.ToDateTime(reader["errorTime"]); errorTime1 = (DateTime.Now - errorTime).TotalMinutes; } string pwd1 = reader["userPwd"].ToString(); string pwd2 = Md5Helper.Encrypt(txtbwd.Text); if (errorCount >= 3) { //超过3次 if (errorTime1 <= 15) { //过时 MessageBox.Show("锁定"); } else { int count1 = 0; if (pwd1.Equals(pwd2)) { count1 = 0; MessageBox.Show("成功"); } else { count1 = 1; MessageBox.Show("密码错误"); } //字符串拼接 sql = "update userinfo set errorCount=" + count1 + ",errortime=getdate() where username=@name"; p = new SqlParameter("@name", txtName.Text); SqlHelper.ExecuteNonQuery(sql, p); } } else { //不足三次 if (errorTime1 <= 15) { int count1 = 0; if (pwd1.Equals(pwd2)) { count1 = 0; MessageBox.Show("成功"); } else { count1 = errorCount + 1; MessageBox.Show("密码错误"); } sql = "update userinfo set errorCount=" + count1 + ",errortime=getdate() where username=@name"; p = new SqlParameter("@name", txtName.Text); SqlHelper.ExecuteNonQuery(sql, p); } else { int count1 = 0; if (pwd1.Equals(pwd2)) { count1 = 0; MessageBox.Show("成功"); } else { count1 = 1; MessageBox.Show("密码错误"); } sql = "update userinfo set errorcount=" + count1 + ",errortime=getdate() where username=@name"; p = new SqlParameter("@name", txtName.Text); SqlHelper.ExecuteNonQuery(sql, p); } } } else { MessageBox.Show("用户名不存在"); } } #endregion } } }