如何解决未使用 vb 和 ms-access 为命令对象设置命令文本
问题: - 如果用户输入了现有数据(姓名、员工 ID、电话号码、用户名和密码),则显示一条消息进行验证。
这些是代码
我的数据库工作正常,但出现msgBox提示未为命令对象设置命令文本
pro = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source=D:\SEM 5\CSC301\ASSESSMENT 3\database.accdb"
connstring = pro
myconnection.ConnectionString = connstring
myconnection.open()
Dim con As New OleDbConnection
con.ConnectionString = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source=D:\SEM 5\CSC301\ASSESSMENT 3\database.accdb"
con.open()
Dim registercmd As OleDbCommand = New OleDbCommand("select * from users where [Librarian Name]='" & txtName.Text & "' or [Staff ID]='" &
txtStaffID.Text & "' or [Phone Number]='" & txtPhone.Text & "' or [Username]='" &
txtUsername.Text & "' or [Password]='" & txtPassword.Text & "'",con)
Dim registerrd As OleDbDataReader = registercmd.ExecuteReader
If (registerrd.Read() = True) Then
Me.Hide()
MessageBox.Show("Account Exist!","Error",MessageBoxButtons.OK,MessageBoxIcon.Error)
Me.Hide()
Me.Show()
txtName.Clear()
txtStaffID.Clear()
txtPhone.Clear()
txtUsername.Clear()
txtPassword.Clear()
Else
command = "insert into users([Librarian Name],[Staff ID],[Phone Number],[Username],[Password])
Values('" & txtName.Text & "','" & txtStaffID.Text & "','" & txtPhone.Text & "','" & txtUsername.Text & "','" & txtPassword.Text & "')"
Dim cmd As OleDbCommand = New OleDbCommand(command,myconnection)
cmd.Parameters.Add(New OleDbParameter("ID",CType(txtName.Text,String)))
cmd.Parameters.Add(New OleDbParameter("Librarian Name",CType(txtStaffID.Text,String)))
cmd.Parameters.Add(New OleDbParameter("Staff ID",CType(txtPhone.Text,String)))
cmd.Parameters.Add(New OleDbParameter("Phone Number",CType(txtUsername.Text,String)))
cmd.Parameters.Add(New OleDbParameter("Username",CType(txtPassword.Text,String)))
cmd.Parameters.Add(New OleDbParameter("Password",String)))
MsgBox("Account Created")
Me.Hide()
Login.ShowDialog()
End If
Try
cmd.ExecuteNonQuery()
cmd.dispose()
myconnection.Close()
txtName.Clear()
txtStaffID.Clear()
txtPhone.Clear()
txtUsername.Clear()
txtPassword.Clear()
Catch ex As Exception
MsgBox(ex.Message)
End Try
解决方法
您的代码以几个未声明的变量开始。连接字符串变量可以是类级别变量,因此可以在多种方法中使用。然后打开一个直到代码执行到一半才使用的连接。不要直接在 .Execute...
之前打开连接。我在 Stack Overflow 上读到了一个很好的类比。连接就像冰箱门。只在必要时打开。尽快离开或放入你需要的东西。然后尽快关闭。您可以将连接字符串直接传递给连接的构造函数。
需要处理数据库对象。即使出现错误,Using...End Using
块也会为我们处理这个问题。我不得不猜测参数的数据类型。请检查您的数据库的类型是否正确并相应地更正代码。
Private ConStr As String = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source=D:\SEM 5\CSC301\ASSESSMENT 3\database.accdb"
Private Sub OpCode()
Dim exists As Boolean
Using con As New OleDbConnection(ConStr),registercmd As OleDbCommand = New OleDbCommand("select * from users where
[Librarian Name]= @Name or
[Staff ID]= @StaffID or
[Phone Number]= @Phone or
[Username]= @User or
[Password]= @PWord;",con)
With registercmd.Parameters
.Add("@Name",OleDbType.VarWChar).Value = txtName.Text
.Add("@StaffID",OleDbType.VarWChar).Value = txtStaffID.Text 'Often an ID is a numeric type. Check your database.
.Add("@Phone",OleDbType.VarChar).Value = txtPhone.Text
.Add("@User",OleDbType.VarWChar).Value = txtUsername.Text
.Add("@PWord",OleDbType.VarWChar).Value = txtPassword.Text
End With
con.Open()
Using registered = registercmd.ExecuteReader
If registered.HasRows Then
exists = True
End If
End Using
End Using
If exists Then
MessageBox.Show("Account Exist!","Error",MessageBoxButtons.OK,MessageBoxIcon.Error)
Else
Using con As New OleDbConnection(ConStr),cmd As OleDbCommand = New OleDbCommand("insert into users([Librarian Name],[Staff ID],[Phone Number],[Username],[Password])
Values(@Name,@StaffID,@Phone,@UserName,@PWord);",con)
With cmd.Parameters
.Add("@Name",OleDbType.VarWChar).Value = txtName.Text
.Add("@StaffID",OleDbType.VarWChar).Value = txtStaffID.Text
.Add("@Phone",OleDbType.VarChar).Value = txtPhone.Text
.Add("@UserName",OleDbType.VarWChar).Value = txtUsername.Text
.Add("@PWord",OleDbType.VarWChar).Value = txtPassword.Text
End With
con.Open()
cmd.ExecuteNonQuery()
End Using
MsgBox("Account Created")
Hide()
Login.ShowDialog()
End If
txtName.Clear()
txtStaffID.Clear()
txtPhone.Clear()
txtUsername.Clear()
txtPassword.Clear()
End Sub
我看到的另一个坏问题。您似乎将密码存储为纯文本。所有密码都应加盐和加密。
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。