Vb.net ms access register

Question

0.00/5 (No votes)

See more:

Hello
I'm having a problem here with registration to ms access database.
The error im having is this "Syntax Error in INSERT INTO statement"
i checked the code but i cannot find out what is the problem.

The column names are correct. Connection to database file is okay too. Where i make mistake?
Thanks

What I have tried:

VB

<pre>Public Sub RegisterUser()
        Try
            With cmd
                .Connection = conn
                .CommandText = "INSERT INTO Users (user,pass,admin) VALUES (@user,@pass,0)"
                .Parameters.AddWithValue("@user", Login.txtUsername.Text)
                .Parameters.AddWithValue("@pass", Login.txtPassword.Text)
                .ExecuteNonQuery()
                Result = .ExecuteNonQuery
                .Parameters.Clear()
            End With
        Catch ex As Exception
            MsgBox(ex.Message)
        Finally
            If Result > 0 Then
                MessageBox.Show("Sign Up Successful", "Warehouse Tool", MessageBoxButtons.OK, MessageBoxIcon.Information)
                Login.txtUsername.Text = ""
                Login.txtPassword.Text = ""
                Login.txtUsername.Focus()
            Else
                MessageBox.Show("Failed to register user!", "Warehouse Tool", MessageBoxButtons.OK, MessageBoxIcon.Warning)
                Login.txtUsername.Text = ""
                Login.txtPassword.Text = ""
                Login.txtUsername.Focus()
            End If
            cmd.Dispose()
            If conn IsNot Nothing Then
                conn.Close()
            End If
        End Try
    End Sub

Posted 31-May-20 4:00am

diablo22

Updated 31-May-20 4:55am

Add a Solution

2 solutions

Solution 2

VB

Public Shared Function EncryptPassword(password As String) As String
        'Simple Encryption
        'Dim PasswordBytes As Byte() = System.Text.Encoding.UTF8.GetBytes(password)
        'Dim EncryptedPassword As String = Convert.ToBase64String(PasswordBytes)
        'Return EncryptedPassword

        'SHA1 Encryption
        Dim sha1 As New SHA1CryptoServiceProvider()
        Dim PasswordBytes As Byte() = System.Text.Encoding.UTF8.GetBytes(password)
        Dim EncryptedPassword As String = System.Text.Encoding.UTF8.GetString(sha1.ComputeHash(PasswordBytes))
        Return EncryptedPassword

        'MD5 Encryption
        'Dim md5 As New MD5CryptoServiceProvider
        'Dim PasswordBytes As Byte() = System.Text.Encoding.UTF8.GetBytes(password)
        'Dim EncryptedPassword As String = System.Text.Encoding.UTF8.GetString(md5.ComputeHash(PasswordBytes))
        'Return EncryptedPassword

    End Function

Posted 31-May-20 4:57am

diablo22

Comments

Richard MacCutchan 31-May-20 11:09am

That is not encryption, it is hashing; you should change the method name.

diablo22 31-May-20 11:22am

i found this and used it with little edit anad the 3 options password is protected in database so if someone will need it can check it out too thats why i leave it.

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

OriginalGriff · Accepted Answer · 2020-05-31T04:14:00

"User" is an access reserved word, and you shouldn't use it as a column name. If you do, you have to escape the name:

SQL

INSERT INTO Users (`user`, pass, admin) ...

But ... you have a more serious problem: Never store passwords in clear text - it is a major security risk. There is some information on how to do it here: Password Storage: How to do it.[^]

And remember: if this is web based and you have any European Union users then GDPR applies and that means you need to handle passwords as sensitive data and store them in a safe and secure manner. Text is neither of those and the fines can be .... um ... outstanding. In December 2018 a German company received a relatively low fine of €20,000 for just that.