LinkBack URL
About LinkBacks
Reply With Quote=
.........
|
|
|
|
VB.NET Forum Newbie
simple log in program with database access
i have make the simple code log in program with connect database.The below code have something problem.Can someone pro solve the problem.
Private Sub btnSignIn_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnSignIn.Click
Dim conn As New OleDb.OleDbConnection
Dim ds As New DataSet
Dim da As New OleDb.OleDbDataAdapter
Dim command As New OleDb.OleDbCommand
conn.ConnectionString = "PROVIDER=Microsoft.Jet.OLEDB.4.0;Data Source = C:\Documents and Settings\Prokiller\My Documents\Visual Studio Projects\in process\New Folder (2)22\username.mdb"
conn.Open()
command.CommandText = "SELECT * FROM [UserName] WHERE TblUserName'" & txtUserName.Text & "' AND Pin= '" & txtPin.Text & "';"
command.Connection = conn
da.SelectCommand = command
da.Fill(ds, "username")
Dim count = ds.Tables(0).Rows.Count
If count > 0 Then
MsgBox("ok")
Form2.Show()
Me.Hide()
Else
MsgBox("invalid")
End If
conn.Close()
End Sub
VB.NET Forum Idol
=
.........
VB.NET Forum Enthusiast
yeah Tom is right, you are missing the = but you have also said the column rather than the table
It should beCode:command.CommandText = "SELECT * FROM [UserName] WHERE TblUserName'" & txtUserName.Text & "' AND Pin= '" & txtPin.Text & "';"
or better stillCode:command.CommandText = "SELECT * FROM TblUserName WHERE [UserName] = '" & txtUserName.Text & "' AND Pin= '" & txtPin.Text & "';"
Code:command.CommandText = "SELECT * FROMFROM TblUserName WHERE UPPER([UserName]) LIKE '%" & txtUserName.Text.ToUpper & "%' AND UPPER(Pin) LIKE '%" & txtPin.Text.ToUpper & "%';"
If I solve your issue or you are happy with my response, please provide me with reputation by clicking the reputation link at the top right of my posts - thanks
VB.NET Forum Newbie
easy mistake.very hard to find it.sorry i newbie thank
Last edited by ogimy; 03-18-2010 at 11:08 AM.
VB.NET Forum Moderator
It's only hard to see because you made it so by complicating the code, parameterize the query:Originally Posted by ogimy
Other benefits include for example avoiding SQL injection.Code:.CommandText = "SELECT * FROM TblUserName WHERE [UserName] = @UserName AND Pin= @Pin" .Parameters.AddWithValue("@UserName", txtUserName.Text) .Parameters.AddWithValue("@Pin", txtPin.Text)
Further recommendations: Data Walkthroughs and/or Forms over Data Video Series
Some useful links: Learning videoes, Code Samples, WMI Code Creator, MSDN, The Code Project, WindowsClient.net, ASP.net, W3 Schools, Regular-Expressions.info, GDI+ FAQ
How to format posts with code blocks etc - present the problem/post properly
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
|
|
|
|
|
|
Bookmarks