系統鎖定在VB.net

Question

後失敗的登錄嘗試我使用此代碼爲我的登錄表單：

Private Sub btnLogin_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnLogin.Click 
    Dim ErrorCount As Integer = 0 

    If (ErrorCount = 3) Then 
     MessageBox.Show(" The System has been Lock ", " Error! ", MessageBoxButtons.OK, MessageBoxIcon.Error) 
     Form3.Show() 
    Else 

     Dim con As OleDbConnection = New OleDbConnection(_ 
        "Provider=Microsoft.Jet.OLEDB.4.0;Data Source= UserPass.mdb;") 
     con.Open() 
     Dim str As String 
     str = "SELECT * FROM UserPass WHERE Username='" & txtUsername.Text & "' AND Password='" & txtPassword.Text & "'" 
     Dim cmd As OleDbCommand = New OleDbCommand(str, con) 
     cmd.Parameters.AddWithValue("user", txtUsername.Text) 
     cmd.Parameters.AddWithValue("pass", txtPassword.Text) 
     Dim sdr As OleDbDataReader = cmd.ExecuteReader() 
     ' It will be case sensitive if you compare usernames here. 
     If sdr.HasRows Then 
      If sdr.Read Then 
       If txtPassword.Text <> sdr("Password").ToString Or txtUsername.Text <> sdr("Username").ToString Then 
        MessageBox.Show(" Incorrect Username/Password. Login Denied ", " Error! ", MessageBoxButtons.OK, MessageBoxIcon.Error) 
        ErrorCount = ErrorCount + 1 
       Else 
        MessageBox.Show(" You are now Logged In! ", " Welcome! ", MessageBoxButtons.OK, MessageBoxIcon.Asterisk) 
        frmOne.Show() 
        Me.Hide() 
       End If 
      End If 
     Else 
      MessageBox.Show(" Incorrect Username/Password. Login Denied ", " Error! ", MessageBoxButtons.OK, MessageBoxIcon.Error) 
     End If 


     sdr.Close() 
     con.Close() 
    End If 

什麼即時試圖做的是當用戶無法登錄到系統的3倍，系統會顯示另一種表示系統被鎖定的形式，並且用戶需要從系統輸入密碼才能嘗試再次登錄。請幫助。

使用的MS Access數據庫的用戶名和密碼

Answer 1

兩個其他的答案的結合。您需要將聲明更改爲靜態，以便它保持狀態。 Dim ErrorCount As Integer = 0到Static ErrorCount As Integer

您還需要在用戶輸入無效用戶名的代碼路徑中添加一個減量。

MessageBox.Show(" Incorrect Username/Password. Login Denied ", " Error! ", MessageBoxButtons.OK, MessageBoxIcon.Error) 
ErrorCount = ErrorCount + 1 'add this here 

然後移動如果是這樣，它是SQL後，使該移動後con.close()

If (ErrorCount = 3) Then 
    MessageBox.Show(" The System has been Lock ", " Error! ", MessageBoxButtons.OK, MessageBoxIcon.Error) 
    Form3.Show() 
Else 

而且你似乎有關於參數化查詢一些混亂。如果您使用參數化查詢，那麼你並不需要連接你的SQL這應該是

str = "SELECT * FROM UserPass WHERE Username=@user AND Password=@pass" 

而且裏面，如果正常情況下

If txtPassword.Text <> sdr("Password").ToString Or txtUsername.Text <> sdr("Username").ToString Then 
    ' this code path is only evaluated if the database ignores the where clause or 
    ' the user changes the username or password textboxs whilst the database connection is proccessing and is therfore unnessacary 
    MessageBox.Show(" Incorrect Username/Password. Login Denied ", " Error! ", MessageBoxButtons.OK, MessageBoxIcon.Error) 
    ErrorCount = ErrorCount + 1 
Else 
    MessageBox.Show(" You are now Logged In! ", " Welcome! ", MessageBoxButtons.OK, MessageBoxIcon.Asterisk) 
    frmOne.Show() 
    Me.Hide() 
End If 

終於不用密碼保存爲下不應該是真實的純文本。使用來自System.Security.Cryptography namespace的散列與鹽。

Answer 2

你可以嘗試這樣的IM：

Dim ErrorCount As Int = 0 

If (ErrorCount =3) Then 
    MessageBox.Show(" The System has been Lock ", " Error! ", MessageBoxButtons.OK, MessageBoxIcon.Error) 

'Do stuff 
'Add Your Code to show new Form something like 
Me.Hide() 
Form3.Show() 


Else 

Dim con As OleDbConnection = New OleDbConnection(_ 
      "Provider=Microsoft.Jet.OLEDB.4.0;Data Source= UserPass.mdb;") 


con.Open() 
Dim str As String 
str = "SELECT * FROM UserPass WHERE Username='" & txtUsername.Text & "' AND Password='" & txtPassword.Text & "'" 
Dim cmd As OleDbCommand = New OleDbCommand(str, con) 
cmd.Parameters.AddWithValue("user", txtUsername.Text) 
cmd.Parameters.AddWithValue("pass", txtPassword.Text) 
Dim sdr As OleDbDataReader = cmd.ExecuteReader() 
' It will be case sensitive if you compare usernames here. 
If sdr.HasRows Then 
    If sdr.Read Then 
     If txtPassword.Text <> sdr("Password").ToString Or txtUsername.Text <> sdr("Username").ToString Then 
      MessageBox.Show(" Incorrect Username/Password. Login Denied ", " Error! ", MessageBoxButtons.OK, MessageBoxIcon.Error) 

      ErrorCount = ErrorCount + 1 

     Else 
      MessageBox.Show(" You are now Logged In! ", " Welcome! ", MessageBoxButtons.OK, MessageBoxIcon.Asterisk) 
      frmOne.Show() 
      Me.Hide() 
     End If 
    End If 
Else 
    MessageBox.Show(" Incorrect Username/Password. Login Denied ", " Error! ", MessageBoxButtons.OK, MessageBoxIcon.Error) 
End If 

    sdr.Close() 
    con.Close() 

End If 

問候

Answer 3

我不能完全肯定，我理解的問題。但是，這部分使得它聽起來像你對我試圖在你的程序的登錄嘗試失敗後鎖定計算機的整個桌面三次：

什麼即時試圖做的是，當用戶沒有要登錄系統3次，系統將顯示另一種表示系統已被鎖定的表格，並且用戶需要從系統中輸入密碼才能嘗試再次登錄。

我不確定這是個好主意。僅僅將用戶鎖定在您的程序而不是鎖定整個計算機是不夠的？可以這樣想：沒有理由對地方違規實施全球性懲罰。

但是，不管我是否認爲這是一個好主意，它在VB.NET中是完全可行的。所有您需要做的就是在您的計數器指示發生了三次失敗的登錄嘗試後調用LockWorkStation函數。此函數作爲Win32 API的一部分提供，因此要直接從.NET應用程序調用它，您需要使用P/Invoke。這個函數有一個相對簡單的簽名，所以它的定義應該不會太令人費解之一：

<DllImport("user32.dll", SetLastError=True)> _ 
Public Shared Function LockWorkStation() As Boolean 
End Function 

該功能對於它的使用一些重要的限制，即只能通過正在運行的進程被稱爲在交互式桌面上。但是，這對您來說不是問題，因爲您正在構建一個只能在交互式桌面上運行的GUI應用程序，並且您知道如果某人輸入了三次無效的密碼，他們肯定會登錄並坐在幾英尺的距離鍵盤。

調用你的代碼中神奇的是比較簡單的，雖然有可能爲函數失敗，你應該處理這些錯誤條件（免得有人找到一個安全後門到您的應用程序）：

If (FailedLogonAttempts < 3) Then 
    ' Do whatever... 
Else 
    ' Lock 'em out! 
    Dim success As Boolean = LockWorkstation() 
    If Not success Then 
     ' Uh-oh! An error occurred! You need to handle this, otherwise someone 
     ' might be able to gain unauthorized access to the system. 
     ' 
     ' For demonstration and debugging purposes, we'll throw an exception, 
     ' but that's obviously not a secure long-term solution. 
     Throw New Win32Exception(Marshal.GetLastWin32Error()) 
    End If 
End If 

---

如果你只是問如何解決現有的代碼，問題是，你的ErrorCode變量從沒有超出0您已經在btnLogin_Click方法，像這樣的頂部聲明它：

Dim ErrorCount As Integer = 0 

這是一個具有方法級範圍的常規變量。這意味着每次該方法運行並且不保留其值時，它都會重新初始化（爲0，就像您要求的那樣）。

如果要聲明一個變量，方法級範圍是不保留其價值，則需要使用Static keyword聲明變量，像這樣：

Static ErrorCount As Integer = 0 

一個偉大的方式來測試這些事情，並找出什麼是錯誤的是，在btnLogin_Check方法內設置斷點，並確切地看到變量具有什麼值！如果你這樣做了，你會注意到在執行過第一行之後，每次ErrorCount都被設置爲0。這將是你的直接線索，問題是什麼。那麼你只需要弄清楚如何讓價值堅持下去。現在你知道你使用Static關鍵字來做它（或者移動一個範圍，比如使它成爲你的Form類的一個成員，這樣它就可以和那個類的對象一樣長）。

Answer 4

Imports System.Data.OleDb 

公共類Form1中 私人嘗試爲整數= 3

Private Sub cmdLogin_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles cmdLogin.Click 
    Dim cn As New OleDbConnection("Provider=Microsoft.Ace.Oledb.12.0; Data Source=" & My.Application.Info.DirectoryPath.ToString() & "\BackUp\testing.Accdb;") 
    cn.Open() 
    If txtpassword.Text = "" Then 
     MsgBox("Please Enter Your Password !!!", MsgBoxStyle.Critical, "Attention...") 
     Exit Sub 
    End If 

    Dim dr1 As OleDbDataReader 
    Dim com1 As New OleDbCommand 

    com1.CommandText = "select [UserID],[Pass] from userinfo where userid = '" & txtUserID.Text & "'" 
    com1.Connection = cn 
    If cn.State = ConnectionState.Closed Then cn.Open() 
    dr1 = com1.ExecuteReader 
    If dr1.Read Then 
     If UCase(dr1("Pass")) = UCase(txtpassword.Text) Then 
      MessageBox.Show("Welecome") 
      Me.Close() 
     Else 
      MessageBox.Show("Wrong Password [" & attempt - 1 & "] Attempt(s) Remaing") 
      attempt -= 1 
      txtpassword.Focus() 
      If attempt = 0 Then 
       End 
      End If 
     End If 
     Exit Sub 

    Else 
     MessageBox.Show("Wrong UserID [" & attempt - 1 & "] Attempt(s) Remaing") 
     attempt -= 1 
     txtpassword.Focus() 
     If attempt = 0 Then 
      End 
     End If 
    End If 
    cn.Close() 
End Sub 

Private Sub cmdCancel_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles cmdCancel.Click 
    End 
End Sub 

Private Sub Form1_FormClosing(ByVal sender As Object, ByVal e As System.Windows.Forms.FormClosingEventArgs) Handles Me.FormClosing 
    Me.Dispose() 
End Sub 

末級