62,025
社区成员
发帖
与我相关
我的任务
分享
挨着大神沾沾才气。大神正解。大神时刻提醒我们要注意单引
mycmd.CommandText = "select * from Admin where Aid='" & Aid.Replace("'", "''") & "' and password='" & 旧密码.Replace("'", "''") & "'"
Imports System.Data.Common
Public Class Class1
Shared connStr As String
Sub pass(ByVal Aid As String, ByVal 旧密码 As String, ByVal 新密码 As String, ByVal 确认新密码 As String)
Using mycon As New SqlClient.SqlConnection(connStr)
mycon.Open()
Dim mycmd As DbCommand = mycon.CreateCommand()
mycmd.CommandText = "select * from Admin where Aid='" & Aid & "' and password='" & 旧密码 & "'"
Dim reader As DbDataReader = mycmd.ExecuteReader()
If reader.Read = False Then Throw New Exception("没有记录。")
If 新密码 = 确认新密码 Then
mycmd.CommandText = "update Admin set password='" & 新密码 & "' where Aid='" & Aid & "'"
mycmd.ExecuteNonQuery()
Else
Throw New Exception("密码错误。")
End If
End Using
End Sub
End Class