Click here to Skip to main content
14,421,821 members
Rate this:
Please Sign up or sign in to vote.
See more:
My project simply stores employee information along with their photos in MS Access database.
I have an MDIform with menu 'PEProfile'. When this menuitem is clicked the form load event is fired where the Navigaterecords() sub is executed. finally i get the error message as given below:

System.ArgumentException was unhandled
  Message="Parameter is not valid."
  Source="System.Drawing"


Could you please help me to fix this?

Thank you
M D SHIVARAM

What I have tried:

Private Sub PEProfilefrm_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
        Me.MdiParent = MDIParent1
        Me.SetStyle(ControlStyles.UserPaint, True)
        Me.SetStyle(ControlStyles.AllPaintingInWmPaint, True)
        Me.SetStyle(ControlStyles.OptimizedDoubleBuffer, True)
        Browse.Enabled = False
        Dim tm As String
        inc = 0
        FillCombo()

        Con = New OleDbConnection(cnString)
        tm = ComboBox1.SelectedItem.ToString
        Dim SQLstr As String = "Select * from Images where Team = '" & tm & "'"

        Try
            Con.Open()
        Catch ex As Exception
            MsgBox(ex.Message)
        End Try

        Adapter = New OleDb.OleDbDataAdapter(SQLstr, Con)
        DS = New DataSet
        Adapter.Fill(DS, "Pyramid")
        MaxRows = DS.Tables("Pyramid").Rows.Count
        TotalPElbl.Text = "Total PE's :" & MaxRows
        NavigateRecords()

    End Sub

    Private Sub ComboBox1_SelectionChangeCommitted(ByVal sender As Object, ByVal e As System.EventArgs) Handles ComboBox1.SelectionChangeCommitted
        Dim msm As String
        Dim sqlcmd As String

        Con.Close()

        msm = ComboBox1.SelectedItem.ToString
        sqlcmd = "Select * from Images where Team = '" & msm & "'"

        Try
            Con.Open()
        Catch ex As Exception
            MsgBox(ex.Message)
        End Try

        Adapter = New OleDb.OleDbDataAdapter(sqlcmd, Con)
        DS = New DataSet
        Adapter.Fill(DS, "Pyramid")
        DT = DS.Tables("Pyramid")
        NavigateRecords()

    End Sub

Public Sub NavigateRecords()

        Try
            Dim fstrmImage As New FileStream("ASPE-Pyramid.jpg", FileMode.Create)
            Dim blob As Byte() = DirectCast(DS.Tables("Pyramid").Rows(inc).Item(1), Byte())

            fstrmImage.Write(blob, 0, blob.Length)

            Dim MyImage As Image = Image.FromStream(fstrmImage)
            PictureBox1.Image = MyImage
            PictureBox1.SizeMode = PictureBoxSizeMode.StretchImage
            PictureBox1.Refresh()

            TextBox1.Text = DS.Tables("Pyramid").Rows(inc).Item(2).ToString
            TextBox2.Text = DS.Tables("Pyramid").Rows(inc).Item(3).ToString
            TextBox3.Text = DS.Tables("Pyramid").Rows(inc).Item(4).ToString
            TextBox4.Text = DS.Tables("Pyramid").Rows(inc).Item(5).ToString

            fstrmImage.Close()
            fstrmImage = Nothing
            MyImage.Dispose()
            MyImage = Nothing

        Catch ex As Exception
            MsgBox(ex.Message)
        End Try
    End Sub

Private Sub PEProfileMenuItem_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles PEProfileMenuItem.Click
        ActiveMdiChild.Close()
        Dim frm4 As New PEProfilefrm
        frm4.MdiParent = Me
        frm4.Show()
      frm4.WindowState = FormWindowState.Maximized
    End Sub
Posted
Updated 18-Sep-19 3:07am
Comments
Richard Deeming 19-Sep-19 12:45pm
   
Dim SQLstr As String = "Select * from Images where Team = '" & tm & "'"


Don't do it like that!

Your code is vulnerable to SQL Injection[^]. NEVER use string concatenation to build a SQL query. ALWAYS use a parameterized query.

Everything you wanted to know about SQL injection (but were afraid to ask) | Troy Hunt[^]
How can I explain SQL injection without technical jargon? | Information Security Stack Exchange[^]
Query Parameterization Cheat Sheet | OWASP[^]
Member 14592882 21-Sep-19 0:33am
   
Actually the code shows the above error message at line frm4.WindowState = FormWindowState.Maximized. To show you the full scenario the full code was displayed. I hope now you could help me to fix this.

1 solution

Rate this:
Please Sign up or sign in to vote.

Solution 1

See here: Why do I get a "Parameter is not valid." exception when I read an image from my database?[^] - the code is C#, but it's the exact same solution, and teh code is pretty simple. If you can;t work it out, then this may help: Code Converter C# to VB and VB to C# – Telerik[^]
   

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month



CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100