The code you provided does not work on any numbers.
The only thing it does is
- construct some SQL query
- check its result
During the SQL-query-construction, the code does not assume any “numbers” to be provided. It actually uses a variable called
password_txt->Text, which suggests it’s some form of
TextBox control. The code gets the “Text” from it and pastes it into the query with no assumptions. If the “Text” contained numbers, it would paste numbers. If the “Text” contained “mom_dad-and-MYDOG”, the code would paste exactly that. Also, the code already ensures that the text will be wrapped with quotes (
...' " + Text + " ' ...), so the SQL syntax will be valid both for numbers and text.
BTW. mind that pasting the text into the query, with quotes ensured or not, forms a serious security issues. What if the text contains a quote? you really should be using QueryParameters here. This is serious, but this is a whole lot different story. Be sure to read about it.
Getting back to numbers/text – So, this code does not care about “numbers”. If your application does not allow the password to be “text”, then the cause must sit in some other chunk of the code.
Judging from that
password_txt -> Text, you’ve probably got a TextBox or something similar there. Check its
events section. It is very probable that you will find some TextChanged or KeyPressed or KeyDown event handler that will, for example, filter-out all key presses except numbers.
// edit: also check out the thing suggested by crashmstr – remove that extra spaces near the quotes I just mentioned.
' 213 ' might be coercible to 213, but
' mom ' will not match “mom” in the table. Another thing – be sure to check what datatype the
password column is in the database itself 😉