Log in with username and password

Updated: 2021-09-30 16:12:05

You do have a break which should get you out of the loop. However, what you should do is narrow down the search to begin with so you aren't returning all rows to your code from the database.

Do something more like:

oledbcommand.CommandText = "Select * from SHRMSUSR WHERE username = @username AND password = @password";
oledbcommand.Parameters.AddWithValue("@username", usernameDB);
oledbcommand.Parameters.AddWithValue("@password", passwordDB);

OleDbDataReader dr = oledbcommand.ExecuteReader();
if (dr.HasRows)
{
  // this means it found a record
}





http://msdn.microsoft.com/en-us/library/system.data.oledb.oledbdatareader.aspx


Encrypting and then decrypting a password does not make sense and is unnecessarily dangerous. You should never store any passwords anywhere; it is not needed for authentication. Instead, you can store a cryptographic hash function of a password and compare hash with hash.
Please see my past answers for further detail:
i already encrypt my password but when i log in it gives me an error. how can decrypte it,
Decryption of Encrypted Password,
storing password value int sql server with secure way.

—SA


// Requires: using System.Data; using System.Data.SqlClient;
public bool isAuthenticated(string userID, string password)
        {
            if (conn.State == ConnectionState.Closed)
            {
                conn.Open();
            }
            try
            {
                using (SqlCommand newCmd = conn.CreateCommand())
                {
                    newCmd.CommandType = CommandType.Text;
                    // Parameters keep the user-supplied values out of the SQL text.
                    newCmd.CommandText = "SELECT [UserID], [Department], [UserName], [Password], [Active] FROM [Traveller].[dbo].[User_Details] WHERE [UserID] = @userID AND [Password] = @password";
                    newCmd.Parameters.AddWithValue("@userID", userID);
                    // Security.Encrypt is the poster's own helper; it is not shown on this page.
                    newCmd.Parameters.AddWithValue("@password", Security.Encrypt(password));

                    using (SqlDataReader dr = newCmd.ExecuteReader())
                    {
                        if (!dr.HasRows)
                        {
                            return false;
                        }
                        while (dr.Read())
                        {
                            UserInfo ui = new UserInfo(dr["UserID"].ToString(), dr["UserName"].ToString());
                        }
                        return true;
                    }
                }
            }
            finally
            {
                // Runs on every path, including exceptions.
                conn.Close();
            }
        }



-----------------------------------------------------------------------------

class UserInfo
    {
        // Static fields: the values set by the constructor are shared by every UserInfo instance.
        private static string _userId;
        private static string _fullName;
        public UserInfo(string userId ,string fullName)
        {
            _userId = userId;
            _fullName = fullName;
        }

        public UserInfo()
        {

        }

        public string UserId
        {
            get
            {
                return _userId;
            }
        }
        public string FullName()
        {
            return _fullName;
        }

        public string userID()
        {
            return _userId;
        }

    }