I receive error on (int v2 = cmd1.executenonquery(); ) [system.data.oledb.oledbexception: 'no value given for one or more required parameters.']

Question

0.00/5 (No votes)

See more:

public partial class Form1 : Form

    {
        OleDbConnection con1 = new OleDbConnection(@"Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:\Users\User\Desktop\mmA.accdb");
        int count1 = 0;
        OleDbConnection con2 = new OleDbConnection(@"Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:\Users\User\Desktop\MA.accdb");
        int count2 = 0;

        public Form1()
        {
            InitializeComponent();
        }

        private void button1_Click(object sender, EventArgs e)
        {
            string a = Convert.ToString(textBox1.Text);
            label2.Text = textBox1.Text.Substring(a.Length - 1);
            label1.Text = textBox1.Text.Remove(a.Length - 1, 1);

            count1 = 0;
            con1.Open();
            OleDbCommand cmd1 = con1.CreateCommand();
            cmd1.CommandType = CommandType.Text;
            cmd1.CommandText = "select * from Table1 where mmA='" + label1.Text + "'";
            int v1 = cmd1.ExecuteNonQuery();
            DataTable dt1 = new DataTable();
            OleDbDataAdapter Da1 = new OleDbDataAdapter(cmd1);
            Da1.Fill(dt1);
            count1 = Convert.ToInt32(dt1.Rows.Count.ToString());
            dataGridView1.DataSource = dt1;
            con1.Close();

            count2 = 0;
            con2.Open();
            OleDbCommand cmd2 = con2.CreateCommand();
            cmd2.CommandType = CommandType.Text;
            cmd2.CommandText = "select * from Table4 where MA='" + label2.Text + "'";
            int v2 = cmd1.ExecuteNonQuery();
            DataTable dt2 = new DataTable();
            OleDbDataAdapter Da2 = new OleDbDataAdapter(cmd2);
            Da2.Fill(dt2);
            count2 = Convert.ToInt32(dt2.Rows.Count.ToString());
            dataGridView2.DataSource = dt2;
            con2.Close();
        }

        private void Form1_Load(object sender, EventArgs e)
        {
            // TODO: This line of code loads data into the 'mADataSet.Table4' table. You can move, or remove it, as needed.
            this.table4TableAdapter.Fill(this.mADataSet.Table4);
            // TODO: This line of code loads data into the 'mmADataSet.Table1' table. You can move, or remove it, as needed.
            this.table1TableAdapter.Fill(this.mmADataSet.Table1);

        }

        private void dataGridView1_CellEnter(object sender, DataGridViewCellEventArgs e)
        {
            if (dataGridView1.Rows[e.RowIndex].Cells[e.ColumnIndex].Value != null)
            {
                dataGridView1.CurrentRow.Selected = true;
                textBox2.Text = dataGridView1.Rows[e.RowIndex].Cells["mmA"].FormattedValue.ToString();
                textBox3.Text = dataGridView1.Rows[e.RowIndex].Cells["cm3A"].FormattedValue.ToString();
            }
        }

        private void dataGridView2_CellEnter(object sender, DataGridViewCellEventArgs e)
        {
            if (dataGridView2.Rows[e.RowIndex].Cells[e.ColumnIndex].Value != null)
            {
                dataGridView2.CurrentRow.Selected = true;
                textBox5.Text = dataGridView2.Rows[e.RowIndex].Cells["MA"].FormattedValue.ToString();
                textBox6.Text = dataGridView2.Rows[e.RowIndex].Cells["CMA"].FormattedValue.ToString();
            }
        }

    }

What I have tried:

please tell me what i am doing wrong.Thanks in advance!

Posted 5-Apr-20 7:35am

anakinche

Updated 5-Apr-20 9:26am

Add a Solution

2 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

F-ES Sitecore · Answer 1 · 2020-04-05T08:32:00

Solution 1

For this line

int v2 = cmd1.ExecuteNonQuery();

you probably mean

int v2 = cmd2.ExecuteNonQuery();

Posted 5-Apr-20 8:32am

F-ES Sitecore

MadMyche · Answer 2 · 2020-04-05T09:28:00

Let's look at the block of code in question

C#

con2.Open();
	OleDbCommand cmd2 = con2.CreateCommand();
		cmd2.CommandType = CommandType.Text;
		cmd2.CommandText = "select * from Table4 where MA='" + label2.Text + "'";
	
		int v2 = cmd1.ExecuteNonQuery();

		DataTable dt2 = new DataTable();
		OleDbDataAdapter Da2 = new OleDbDataAdapter(cmd2);
		Da2.Fill(dt2);
	
		count2 = Convert.ToInt32(dt2.Rows.Count.ToString());
		dataGridView2.DataSource = dt2;
con2.Close();

What happens if I put this value into label2: '; DROP TABLE Table4
Oh I know, that table could disappear due to this code being susceptible to SQL Injection

The proper way to do this would be to use parameters:

C#

OleDbCommand cmd2 = con2.CreateCommand();
  cmd2.CommandType = CommandType.Text;
  cmd2.CommandText = "select * from Table4 where MA= ?";
  cmd2.Parameters.AddWithValue("@label2", label2.Text);

As previously mentioned
int v2 = cmd1.ExecuteNonQuery();
Is most likely a typo. Also, this command is associated with Connection1 from the previous block of code and that connection was closed after this command was run earlier.

Even if this were corrected... it is a little inefficient. You are running the SELECT statement twice in each block, first as NonQuery to get the count and then again to do the data fill.
Did you realize that count2 and v2 ideally are the same value? And why the conversion from an Int to a String and back to an Int?
count2 = Convert.ToInt32(dt2.Rows.Count.ToString());