未使用 vb 和 ms-access 为命令对象设置命令文本

如何解决未使用 vb 和 ms-access 为命令对象设置命令文本

问题： - 如果用户输入了现有数据（姓名、员工 ID、电话号码、用户名和密码），则显示一条消息进行验证。

这些是代码

我的数据库工作正常，但出现msgBox 提示未为命令对象设置命令文本

pro = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source=D:\SEM 5\CSC301\ASSESSMENT 3\database.accdb"
    connstring = pro
    myconnection.ConnectionString = connstring
    myconnection.open()


    Dim con As New OleDbConnection
    con.ConnectionString = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source=D:\SEM 5\CSC301\ASSESSMENT 3\database.accdb"
    con.open()

    Dim registercmd As OleDbCommand = New OleDbCommand("select * from users where [Librarian Name]='" & txtName.Text & "' or [Staff ID]='" &
                                                       txtStaffID.Text & "' or [Phone Number]='" & txtPhone.Text & "' or [Username]='" &
                                                       txtUsername.Text & "' or [Password]='" & txtPassword.Text & "'",con)
    Dim registerrd As OleDbDataReader = registercmd.ExecuteReader
    If (registerrd.Read() = True) Then
        Me.Hide()
        MessageBox.Show("Account Exist!","Error",MessageBoxButtons.OK,MessageBoxIcon.Error)
        Me.Hide()
        Me.Show()
        txtName.Clear()
        txtStaffID.Clear()
        txtPhone.Clear()
        txtUsername.Clear()
        txtPassword.Clear()
    Else
        command = "insert into users([Librarian Name],[Staff ID],[Phone Number],[Username],[Password]) 
               Values('" & txtName.Text & "','" & txtStaffID.Text & "','" & txtPhone.Text & "','" & txtUsername.Text & "','" & txtPassword.Text & "')"

        Dim cmd As OleDbCommand = New OleDbCommand(command,myconnection)
        cmd.Parameters.Add(New OleDbParameter("ID",CType(txtName.Text,String)))
        cmd.Parameters.Add(New OleDbParameter("Librarian Name",CType(txtStaffID.Text,String)))
        cmd.Parameters.Add(New OleDbParameter("Staff ID",CType(txtPhone.Text,String)))
        cmd.Parameters.Add(New OleDbParameter("Phone Number",CType(txtUsername.Text,String)))
        cmd.Parameters.Add(New OleDbParameter("Username",CType(txtPassword.Text,String)))
        cmd.Parameters.Add(New OleDbParameter("Password",String)))
        MsgBox("Account Created")

        Me.Hide()
        Login.ShowDialog()
    End If

    Try
        cmd.ExecuteNonQuery()
        cmd.dispose()
        myconnection.Close()
        txtName.Clear()
        txtStaffID.Clear()
        txtPhone.Clear()
        txtUsername.Clear()
        txtPassword.Clear()

    Catch ex As Exception
        MsgBox(ex.Message)
    End Try

解决方法

您的代码以几个未声明的变量开始。连接字符串变量可以是类级别变量，因此可以在多种方法中使用。然后打开一个直到代码执行到一半才使用的连接。不要直接在 .Execute... 之前打开连接。我在 Stack Overflow 上读到了一个很好的类比。连接就像冰箱门。只在必要时打开。尽快离开或放入你需要的东西。然后尽快关闭。您可以将连接字符串直接传递给连接的构造函数。

需要处理数据库对象。即使出现错误，Using...End Using 块也会为我们处理这个问题。我不得不猜测参数的数据类型。请检查您的数据库的类型是否正确并相应地更正代码。

Private ConStr As String = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source=D:\SEM 5\CSC301\ASSESSMENT 3\database.accdb"

Private Sub OpCode()
    Dim exists As Boolean
    Using con As New OleDbConnection(ConStr),registercmd As OleDbCommand = New OleDbCommand("select * from users where 
                                                            [Librarian Name]= @Name or 
                                                            [Staff ID]= @StaffID or 
                                                            [Phone Number]= @Phone or 
                                                            [Username]= @User or 
                                                            [Password]= @PWord;",con)
        With registercmd.Parameters
            .Add("@Name",OleDbType.VarWChar).Value = txtName.Text
            .Add("@StaffID",OleDbType.VarWChar).Value = txtStaffID.Text 'Often an ID is a numeric type. Check your database.
            .Add("@Phone",OleDbType.VarChar).Value = txtPhone.Text
            .Add("@User",OleDbType.VarWChar).Value = txtUsername.Text
            .Add("@PWord",OleDbType.VarWChar).Value = txtPassword.Text
        End With
        con.Open()
        Using registered = registercmd.ExecuteReader
            If registered.HasRows Then
                exists = True
            End If
        End Using
    End Using
    If exists Then
        MessageBox.Show("Account Exist!","Error",MessageBoxButtons.OK,MessageBoxIcon.Error)
    Else
        Using con As New OleDbConnection(ConStr),cmd As OleDbCommand = New OleDbCommand("insert into users([Librarian Name],[Staff ID],[Phone Number],[Username],[Password]) 
           Values(@Name,@StaffID,@Phone,@UserName,@PWord);",con)
            With cmd.Parameters
                .Add("@Name",OleDbType.VarWChar).Value = txtName.Text
                .Add("@StaffID",OleDbType.VarWChar).Value = txtStaffID.Text
                .Add("@Phone",OleDbType.VarChar).Value = txtPhone.Text
                .Add("@UserName",OleDbType.VarWChar).Value = txtUsername.Text
                .Add("@PWord",OleDbType.VarWChar).Value = txtPassword.Text
            End With
            con.Open()
            cmd.ExecuteNonQuery()
        End Using
        MsgBox("Account Created")
        Hide()
        Login.ShowDialog()
    End If
    txtName.Clear()
    txtStaffID.Clear()
    txtPhone.Clear()
    txtUsername.Clear()
    txtPassword.Clear()
End Sub

我看到的另一个坏问题。您似乎将密码存储为纯文本。所有密码都应加盐和加密。