Checking if username already exists within the databasae [closed]

i am trying to check against the database table "user" to see if the "username" exists so that the same username cannot be created again. I want this to be a validator so if the username exists the message box will show it exists.

Please guide me through this, i have the following code so far behind the button to add and check if username exists:

private void btnSignupNew_Click(object sender, EventArgs e)
        {

           if (txtUsername.Text == "")
           {
               errorUsername.SetError(txtUsername, "Enter A Username");
           }

           else if (txtPassword.Text == "")
           {
               errorPassword.SetError(txtPassword, "Enter A Valid Password");
           }

               //so if there isnt no error in the fields itll go on and add the data in to the database.
           else{

            //instance of sqlConnection
            SqlConnection con = new SqlConnection("Data Source=etc");

            //instance of sqlCommand
            SqlCommand cmd = new SqlCommand("INSERT INTO [User] values ('" + txtForename.Text + "', '" + txtSurname.Text + "', '" + txtUsername.Text + "', '" + txtPassword.Text + "' )", con);
            con.Open();
            cmd.ExecuteNonQuery();

            //query executed correcty or not
           con.Close();

As a good pratice, try to keep your persistence using Parameters to avoid SQL Injection.

Try something liek this:

private void btnSignupNew_Click(object sender, EventArgs e)
{

   if (txtUsername.Text == "")
   {
       errorUsername.SetError(txtUsername, "Enter A Username");
   }
   else if (txtPassword.Text == "")
   {
       errorPassword.SetError(txtPassword, "Enter A Valid Password");
   }
   else
   {
        using (SqlConnection con = new SqlConnection("Data Source=etc")) 
        {
            con.Open();

            bool exists = false;

            // create a command to check if the username exists
            using (SqlCommand cmd = new SqlCommand("select count(*) from [User] where UserName = @UserName", con))
            {
                cmd.Parameters.AddWithValue("UserName", txtUsername.Text);
                exists = (int)cmd.ExecuteScalar() > 0;
            }

            // if exists, show a message error
            if (exists)
                errorPassword.SetError(txtUsername, "This username has been using by another user.");
            else 
            {
                            // does not exists, so, persist the user
                using (SqlCommand cmd = new SqlCommand("INSERT INTO [User] values (@Forname, @Surname, @Username, @Password)", con))
                {
                    cmd.Parameters.AddWithValue("Forname", txtForname.Text);
                    cmd.Parameters.AddWithValue("Surname", txtSurname.Text);
                    cmd.Parameters.AddWithValue("UserName", txtUsername.Text);
                    cmd.Parameters.AddWithValue("Password", txtPassword.Text);

                    cmd.ExecuteNonQuery();
                }               
            }

            con.Close();
        }   
    }
}

来源：https://stackoverflow.com/questions/15118294/checking-if-username-already-exists-within-the-databasae

标签

winforms

visual-studio-2012

validation

username