我如何修復SignUp頁面中的if語句？

Question

如何解決的IF語句，以便當用戶試圖註冊使用已經存在的用戶名。目前，如果用戶名已存在，我的程序將不接受輸入的數據，但它仍會繼續到下一頁（即使數據未保存在數據庫中）。我需要知道的是如何消除的問題，以便當用戶輸入存在，它就會放棄該消息框中的錯誤，而不是移動到下一個頁面中的「用戶名」。

謝謝！

private void btnSignupNew_Click(object sender, EventArgs e) 
{  
    if (txtUsername.Text == "") 
    { 
     errorUsername.SetError(txtUsername, "Enter A Username"); 
    } 

    else if (txtPassword.Text == "") 
    { 
     errorPassword.SetError(txtPassword, "Enter A Valid Password"); 
    } 

    else 
    { 
     using (SqlConnection con = new SqlConnection("Data Source=etc")) 
     { 
     con.Open(); 
     bool exists = false; 

     // create a command to check if the username exists 
     using (SqlCommand cmd = new SqlCommand("select count(*) from [User] where UserName = @UserName", con)) 
     { 
      cmd.Parameters.AddWithValue("UserName", txtUsername.Text); 
      exists = (int)cmd.ExecuteScalar() > 0; 
     } 

     // if exists, show a message error 
     if (exists) 
     { 
      MessageBox.Show("Username: " + txtUsername.Text + " already Exists"); 
      //errorPassword.SetError(txtUsername, "This username has been using by another user."); 
     }  

     else 
     { 
      // does not exists, so, persist the user 
      using (SqlCommand cmd = new SqlCommand("INSERT INTO [User] values (@Forename, @Surname, @Username, @Password)", con)) 
      { 
       cmd.Parameters.AddWithValue("Forename", txtForename.Text); 
       cmd.Parameters.AddWithValue("Surname", txtSurname.Text); 
       cmd.Parameters.AddWithValue("UserName", txtUsername.Text); 
       cmd.Parameters.AddWithValue("Password", txtPassword.Text); 
       cmd.ExecuteNonQuery(); 
      } 
      } 
      con.Close(); 

      MessageBox.Show("Sucessfully Signed Up"); 
      Form1 signin = new Form1(); 
      signin.Show(); 
      this.Close(); 
     } 
    }  
} 

}

Answer 1

您的代碼總是要關閉表單並啓動登錄表單，不管用戶名是否已經存在與否，因爲邏輯做登錄表單執行後你的唯一性測試。它應該只發生在唯一性測試結束後。

更改您的邏輯是這樣的：

// if exists, show a message error 
if (exists) 
{ 
    MessageBox.Show("Username: " + txtUsername.Text + " already Exists"); 
      //errorPassword.SetError(txtUsername, "This username has been using by another user."); 
} 
else 
{ 
    // does not exists, so, persist the user 
    using (SqlCommand cmd = new SqlCommand("INSERT INTO [User] values (@Forename, @Surname, @Username, @Password)", con)) 
    { 
     cmd.Parameters.AddWithValue("@Forename", txtForename.Text); 
     cmd.Parameters.AddWithValue("@Surname", txtSurname.Text); 
     cmd.Parameters.AddWithValue("@UserName", txtUsername.Text); 
     cmd.Parameters.AddWithValue("@Password", txtPassword.Text); 

     cmd.ExecuteNonQuery(); 
    } 
    MessageBox.Show("Sucessfully Signed Up"); 
    Form1 signin = new Form1(); 
    signin.Show(); 
    this.Close(); 
} 
con.Close(); 

Answer 2

更改參數以如下所示以及 我還建議添加必要的某種驗證的編輯框，以防有人添加不當值從任何SQL Injectection防止個人我會爲編輯框創建屬性值，並通過在屬性值（S）。只是在你的代碼的建議

首先的問題，站出來我是以下行

cmd.Parameters.AddWithValue("UserName", txtUsername.Text); 

應該

cmd.Parameters.AddWithValue("@UserName", txtUsername.Text); 

// if exists, show a message error 
if (exists) 
{ 
    MessageBox.Show("Username: " + txtUsername.Text + " already Exists"); 
      //errorPassword.SetError(txtUsername, "This username has been using by another user."); 
} 
else 
{ 
    // does not exists, so, persist the user 
    using (SqlCommand cmd = new SqlCommand("INSERT INTO [User] values (@Forename, @Surname, @Username, @Password)", con)) 
    { 
     cmd.Parameters.AddWithValue("@Forename", txtForename.Text); 
     cmd.Parameters.AddWithValue("@Surname", txtSurname.Text); 
     cmd.Parameters.AddWithValue("@UserName", txtUsername.Text); 
     cmd.Parameters.AddWithValue("@Password", txtPassword.Text); 

     cmd.ExecuteNonQuery(); 
    } 
    MessageBox.Show("Sucessfully Signed Up"); 
    Form1 signin = new Form1(); 
    signin.Show(); 
    this.Close(); 
} 
con.Close();