1.方法一与方法二均在下方代码中:
static bool verifyUser(string userName,string password)
{
string connectStr = "server=127.0.0.1;port=3306;database=mygamedb;user=root;password=000000;";
MySqlConnection conn=new MySqlConnection(connectStr);
try
{
conn.Open();
// string sql1 = "select * from users where username='" + username + "'and password='" + password + "'";//方法1
string sql2 = "select * from users where username=@username and password=@password";//方法二
MySqlCommand cmd = new MySqlCommand(sql2, conn);
//方法二中@username相当于在sql中声明一变量,此处需对其进行赋值
cmd.Parameters.AddWithValue("username",userName);
cmd.Parameters.AddWithValue("password",password);
MySqlDataReader reader= cmd.ExecuteReader();
if (reader.Read())//便于maim函数中进行验证
{
return true;
}
return false;
}
catch(Exception e)
{
Console.WriteLine(e.ToString());
}
finally
{
conn.Close();
}
return false;
}