1
I am doing a project and with Firebird database but, at the time of authenticating the user, is returning true even if there is no user registered in the database with the line if (ER.HasRows)
, and so is not falling into the else
. I’m not finding the error in the code.
Someone could help me?
FbConnection CON = new FbConnection();
CON.ConnectionString = Properties.Settings.Default.bdHTSisFinanceiro;
FbCommand CM = new FbCommand();
CM.CommandType = System.Data.CommandType.Text;
try
{
CM.CommandText = "SELECT * FROM TBUSUARIO WHERE LOGIN_USU = @LOGINUSU AND SENHA_USU = @SENHAUSU";
CM.Connection = CON;
CM.Parameters.Clear();
CM.Parameters.Add("LOGINUSU", FbDbType.VarChar).Value = usuario.Login;
CM.Parameters.Add("SENHAUSU", FbDbType.VarChar).Value = usuario.Senha;
FbDataReader ER;
CON.Open();
ER = CM.ExecuteReader();
if (ER.HasRows)
{
while (ER.Read())
{
usuario.Codigo = Convert.ToInt32(ER["COD_USU"]);
usuario.DataCadastro = Convert.ToDateTime(ER["DATACAD_USU"]);
usuario.Status = Convert.ToChar(ER["STATUS_USU"]);
usuario.Nome = Convert.ToString(ER["NOME_USU"]);
usuario.Login = Convert.ToString(ER["LOGIN_USU"]);
usuario.Senha = Convert.ToString(ER["SENHA_USU"]);
usuario.CpfCnpj = Convert.ToString(ER["CPF_USU"]);
usuario.Nivel = Convert.ToChar(ER["NIVEL_USU"]);
usuario.Email = Convert.ToString(ER["EMAIL_USU"]);
}
}
else
{
usuario.Login = null;
usuario.Senha = null;
}
return usuario;
}
catch (Exception ex)
{
throw ex;
}
finally
{
CON.Close();
}
For example, I have a Master user, password 123. If I type password mat 1, it returns true and enters the system. I only have this registered Master user. I put the breakpoint, it enters the if
and does not perform while (ER.Read())
. It’s weird: he shouldn’t be in if
. I never used Firebird. I think I did something wrong.
If you remove Hasrows and just leave while. Try it and see what you get. If you’re in the while doing that, otherwise, it’s because there’s nothing to read and then do what you put in the Hasrows Email.
– pnet
Were you in Debug? If you ran the
Read
while inspecting, Reader moves to the next line and does not execute. Try to run without debug and see if it gives the same result. Read on: http://stackoverflow.com/questions/8464012/asp-net-datareader-values and http://stackoverflow.com/questions/6493955/datareader-has-rows-and-data-trying-to-read-from-it-says-no-data-is-present– Marcus Vinicius
after
ER = CM.ExecuteReader();
show a messageMessageBox.Show(CM)
if there’s need to addToString()
and check whether thequery
is running correctly.– Hebert Lima