如何在更改之前检查旧密码是否匹配?
How to check if old password matches before change it?
我有这个代码:
//Update login query
string sql = "ALTER LOGIN " + login.ToUpper() + " WITH PASSWORD = '" + password + "' OLD_PASSWORD = '" + oldpassword + "'";
//Try connection and execute
using (SqlConnection connection = new SqlConnection(GetConnection()))
{
connection.Open();
SqlCommand command = new SqlCommand(sql, connection);
command.CommandType = System.Data.CommandType.Text;
var result = command.ExecuteScalar();
connection.Close();
}
此 sql 查询更改数据库中的登录密码。请注意,它需要旧密码才能继续。不过,如果我传递了一个错误的旧密码,那么它会抛出一个 SQLException:
Cannot alter the login 'SEVA', because it does not exist or you do not have permission.
如何在执行此查询之前检查旧密码是否正确,以便向用户显示错误消息?
试试这个。你需要在 catch 中添加一些东西来告诉用户他没有输入正确的密码
//Update login query
string sql = "ALTER LOGIN " + login.ToUpper() + " WITH PASSWORD = '" + password + "' OLD_PASSWORD = '" + oldpassword + "'";
try {
//Try connection and execute
using (SqlConnection connection = new SqlConnection(GetConnection()))
{
connection.Open();
SqlCommand command = new SqlCommand(sql, connection);
command.CommandType = System.Data.CommandType.Text;
var result = command.ExecuteScalar();
connection.Close();
}
}
catch(SQLException)
{
//Do something here to tell the user something went wrong
}
我有这个代码:
//Update login query
string sql = "ALTER LOGIN " + login.ToUpper() + " WITH PASSWORD = '" + password + "' OLD_PASSWORD = '" + oldpassword + "'";
//Try connection and execute
using (SqlConnection connection = new SqlConnection(GetConnection()))
{
connection.Open();
SqlCommand command = new SqlCommand(sql, connection);
command.CommandType = System.Data.CommandType.Text;
var result = command.ExecuteScalar();
connection.Close();
}
此 sql 查询更改数据库中的登录密码。请注意,它需要旧密码才能继续。不过,如果我传递了一个错误的旧密码,那么它会抛出一个 SQLException:
Cannot alter the login 'SEVA', because it does not exist or you do not have permission.
如何在执行此查询之前检查旧密码是否正确,以便向用户显示错误消息?
试试这个。你需要在 catch 中添加一些东西来告诉用户他没有输入正确的密码
//Update login query
string sql = "ALTER LOGIN " + login.ToUpper() + " WITH PASSWORD = '" + password + "' OLD_PASSWORD = '" + oldpassword + "'";
try {
//Try connection and execute
using (SqlConnection connection = new SqlConnection(GetConnection()))
{
connection.Open();
SqlCommand command = new SqlCommand(sql, connection);
command.CommandType = System.Data.CommandType.Text;
var result = command.ExecuteScalar();
connection.Close();
}
}
catch(SQLException)
{
//Do something here to tell the user something went wrong
}