Click here to Skip to main content
15,888,802 members
Search within:


I am getting a error as object reference not set to object in VB.NET when I am trying to create login and signup form in visual studio by connecting
Please Sign up or sign in to vote.
1.00/5 (1 vote)
See more:
SQL
.NET
here is the code
C#
Imports System.Data.SqlClient
Imports System.IO
Imports System.Exception
Imports System.SystemException
Imports System.NullReferenceException
Public Class signupform

    Private Property reader As SqlDataReader

    Private Sub Button1_Click(sender As Object, e As EventArgs) Handles Button1.Click
        Dim TypeUser As String


        Dim level As Integer
        TypeUser = ComboBox2.Text
        If TypeUser = "adminstrator" Then
            level = 1
        ElseIf TypeUser = "users" Then
            level = 2
        ElseIf TypeUser = "others" Then
            level = 3
        End If
        Dim sql As String = "insert into employeeinfo(email,password,level)values('" & TextBox1.Text & "',convert(NVARCHAR(32),HashBytes('SHA1','" & TextBox2.Text & "'),2)," & level & ")"
        Signup(sql)
        MsgBox("signup success!")
    End Sub
    Private Sub Signup(ByVal sql As String)
        Dim cmd As New SqlCommand
        Try
            connection.Open()
            cmd.Connection = connection
            reader = cmd.ExecuteReader()
            cmd.CommandType = CommandType.Text
            cmd.CommandText = sql
            cmd.ExecuteNonQuery()
            cmd.Dispose()
            connection.Close()
        Catch ex As Exception
            MsgBox("Failed" & ex.ToString)

        End Try
    End Sub
    Private Sub signupform_load(sender As Object, e As EventArgs) Handles MyBase.Load
        ComboBox2.Text = "1"
    End Sub



End Class


What I have tried:

creating login and signup form
Posted
Updated 15-May-17 9:47am
v2
Add a Solution

2 solutions

This is one of the most common problems we get asked, and it's also the one we are least equipped to answer, but you are most equipped to answer yourself.

Let me just explain what the error means: You have tried to use a variable, property, or a method return value but it contains null - which means that there is no instance of a class in the variable.
It's a bit like a pocket: you have a pocket in your shirt, which you use to hold a pen. If you reach into the pocket and find there isn't a pen there, you can't sign your name on a piece of paper - and you will get very funny looks if you try! The empty pocket is giving you a null value (no pen here!) so you can't do anything that you would normally do once you retrieved your pen. Why is it empty? That's the question - it may be that you forgot to pick up your pen when you left the house this morning, or possibly you left the pen in the pocket of yesterdays shirt when you took it off last night.

We can't tell, because we weren't there, and even more importantly, we can't even see your shirt, much less what is in the pocket!

Back to computers, and you have done the same thing, somehow - and we can't see your code, much less run it and find out what contains null when it shouldn't.
But you can - and Visual Studio will help you here. Run your program in the debugger and when it fails, VS will show you the line it found the problem on. You can then start looking at the various parts of it to see what value is null and start looking back through your code to find out why. So put a breakpoint at the beginning of the method containing the error line, and run your program from the start again. This time, VS will stop before the error, and let you examine what is going on by stepping through the code looking at your values.

But we can't do that - we don't have your code, we don't know how to use it if we did have it, we don't have your data. So try it - and see how much information you can find out!


And please, stop doing things like that!
1) Never concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Use Parametrized queries instead.
2) Never store passwords in clear text - it is a major security risk. There is some information on how to do it here: Password Storage: How to do it.[^] - it's in C#, but it's pretty simple stuff.
3) Do yourself a favour, and stop using Visual Studio default names for everything - you may remember that "TextBox8" is the mobile number today, but when you have to modify it in three weeks time, will you then? Use descriptive names - "tbMobileNo" for example - and your code becomes easier to read, more self documenting, easier to maintain - and surprisingly quicker to code because Intellisense can get to to "tbMobile" in three keystrokes, where "TextBox8" takes thinking about and 8 keystrokes...
 
Share this answer
 
Posted
Never build an SQL query by concatenating with user inputs, it is named "SQL injection", it is dangerous for your database and error prone.
A single quote in a name and your program crash. If a user input like "Brian O'Conner" can crash your app, it is an SQL injection vulnerability.
SQL injection - Wikipedia[^]
SQL Injection[^]
 
Share this answer
 
Posted
Add a Solution

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month

Advertise
Privacy
Cookies
Terms of Use
Last Updated 15 May 2017
Layout: fixed | fluid
Copyright © CodeProject, 1999-2024
All Rights Reserved.

Web03 2.8:2024-04-02:1

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900