我需要有关此的帮助,为此我一直在安静地工作...我想使用一个登录表单同时为admin和普通用户登录,但是登录后,其某些表单和/或表单中的按钮对于普通用户不可用。这是我登录时的代码:
If txtUsername.Text = "" Or txtPassword.Text = "" Then
MessageBox.Show("Please fill in all fields.", "Login Error", MessageBoxButtons.OK, MessageBoxIcon.Error)
Else
cn.ConnectionString = "Server=localhost; User Id=root; Password=''; Database=omt"
Try
Dim sql As String = "SELECT Username, Password, Position FROM tbl_account WHERE Username='" & txtUsername.Text & "' AND Password='" & txtPassword.Text & "'"
cmd = New MySqlCommand(sql, cn)
cmd.Connection = cn
cn.Open()
Dim dr As MySqlDataReader = cmd.ExecuteReader
If dr.Read = True Then
sql = ("SELECT Position FROM tbl_account WHERE Position = 'Admin'")
Me.Hide()
MDIParent1.Show()
ElseIf sql = ("SELECT Position FROM tbl_account WHERE Position = 'User'") Then
Me.Hide()
MDIParent1.Show()
Else
MessageBox.Show("Incorrect Username or Password.", "Login Failed", MessageBoxButtons.OK, MessageBoxIcon.Exclamation)
End If
Catch ex As Exception
MessageBox.Show("Failed to connect to databse. System Error:" & ex.Message, "Database Error", MessageBoxButtons.OK, MessageBoxIcon.Error)
End Try
If cn.State <> ConnectionState.Closed Then
cn.Close()
End If
End If
End If
我认为,您应该认真考虑修改身份验证机制。在数据库表中存储密码(更不用说明文形式了)不是一个好习惯。
话虽如此,您可以获取成功通过身份验证的用户的位置(假设它存储在一个非空的字符数据类型列中,例如varchar(n),如下所示:
]Dim position As String = Nothing
If dr.Read = True Then
position = dr("Position")
Select Case position
Case "Admin"
' TODO: Handle admin
Case "User"
' TODO: Handle user
Case Else
' TODO: Neither Admin nor User. Now what?
Else
MessageBox.Show("Incorrect Username or Password.",
"Login Failed", MessageBoxButtons.OK, MessageBoxIcon.Exclamation)
End If
然后,您可以根据需要处理每种情况(显示/隐藏正确的表单,启用或禁用表单控件等)。请原谅任何语法错误,因为我目前无法使用Visual Studio。