Query regarding SQL connection

Question

0.00/5 (No votes)

See more:

hi when i am trying to connect with dabase its showing error. even i have installed the microsoft engine 12.0 currently i am working with visual stuio 2012 and backend sql server 2008.

here is my code for sql

C#

If Trim(UsernameTextBox.Text) = "" Or Trim(PasswordTextBox.Text) = "" Then
          MsgBox("Please Enter Both Fields!", vbInformation, "Note")
      Else
          con.Open()
          Dim sql = "SELECT * FROM tblUser WHERE username = '" & SafeSqlLiteral(UsernameTextBox.Text, 2) & "' AND password = '" & SafeSqlLiteral(PasswordTextBox.Text, 2) & "'"

          Dim cmd = New OleDbCommand(sql, con)
          Dim dr As OleDbDataReader = cmd.ExecuteReader

          Try
              If dr.Read = False Then
                  MsgBox("Login Failed!", vbCritical, "Note")
              Else
                  MsgBox("Login Successful!", vbInformation, "Note")
                  frmMain.status.Items(0).Text = "Login as : " & Trim(UsernameTextBox.Text)
                  Dim datenow As Date = Now
                  frmMain.status.Items(2).Text = "Date and Time : " & datenow.ToString("MMMM dd, yyyy") & " " & TimeOfDay
                  con.Close()
                  Me.Hide()
                  frmMain.ShowDialog()
              End If
          Catch ex As Exception
              MsgBox(ex.Message)

          End Try

          con.Close()
      End If

What I have tried:

i have tried to connect with back end database to access the data once login is succesful.

Posted 7-Aug-16 19:06pm

Member 12650438

Updated 7-Aug-16 19:57pm

Add a Solution

Comments

an0ther1 8-Aug-16 1:25am

Hi,

Please improve your question by indicating where you receive the error message - at a guess I would suggest it is when you hit the line "con.Open()"
If so the issue is with your connection string - refer to SQL Connection Strings for a valid connection string for SQL Server - you do not need Microsoft Engine 12.0 as pretty much every version of Windows since XP has come with out-of-the-box support for SQL.
Kind Regards

Maciej Los 8-Aug-16 1:36am

How "con" variable is defined? Use Reply widget

Member 12650438 8-Aug-16 1:39am

-- code has been deleted --
this is the complete code Maciej los

Maciej Los 8-Aug-16 1:43am

Do not post code in comment. Instead of it, Improve your question!

Seems, a "con" object/variable has been nowhere defined.

Member 12650438 8-Aug-16 4:05am

wher is it to be defined

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Maciej Los · Accepted Answer · 2016-08-07T19:57:00

2 things:
1) a con object has been nowhere defined!
2) do not use string concatenation to build sql query. Intead of it, use parametrized queries.

For further details, please see:
SqlConnection Class (System.Data.SqlClient)[^]
SqlCommand Constructor (String, SqlConnection) (System.Data.SqlClient)[^]
SqlParameterCollection.Add Method (String, SqlDbType, Int32) (System.Data.SqlClient)[^]
SQL Server connection strings - ConnectionStrings.com[^]

C#

string connectionString = "Your connection string here!";
string commandText = "SELECT * FROM YourTable WHERE Field1 = @param1 AND Field2 = @param2";

using (SqlConnection connection = new SqlConnection(connectionString))
{
    SqlCommand command = new SqlCommand(commandText, connection);
    command.Parameters.Add("@param1", SqlDbType.NVarChar, 50);
    command.Parameters["@param1"].Value = "user1";
    command.Parameters.Add("@param2", SqlDbType.NVarChar, 50);
    command.Parameters["@param2"].Value = "password";

    try
    {
        connection.Open();
        //execute command here!


    }
    catch (Exception ex)
    {
        Console.WriteLine(ex.Message);
    }
}