Click here to Skip to main content
15,355,133 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
Hello! So i have a Login Form and i have to insert Login and Password through SqlDataAdapter, but i don't know how to do it using TextBox of Login And Password, and i get the next error:
System.Data.SqlClient.SqlException: "The parameterized query '(@DocName nvarchar(50),@DocPass nvarchar(50))SELECT * FROM Docto' expects the parameter '@DocName', which was not supplied."


What I have tried:

Code of the form: 
<pre>public static SqlDataAdapter CreateCustomerAdapter(SqlConnection conn)
        {
            SqlDataAdapter adapter = new SqlDataAdapter();

            // Create the SelectCommand.
            SqlCommand command = new SqlCommand("SELECT * FROM Doctor " +
                "WHERE DocName = @DocName AND DocPass = @DocPass", conn);

            // Add the parameters for the SelectCommand.
            command.Parameters.Add("@DocName", SqlDbType.NVarChar, 50);
            command.Parameters.Add("@DocPass", SqlDbType.NVarChar, 50);

            adapter.SelectCommand = command;

            return adapter;
        }


        private void button1_Click(object sender, EventArgs e)

        {
            conn.Open();
            SqlDataAdapter sda = CreateCustomerAdapter(conn);
            DataTable dt = new DataTable();
            sda.Fill(dt);
            if (dt.Rows[0][0].ToString() == "1")
            {
                Home H = new Home();
                H.Show();
                this.Hide();
            }
            else
            {
                MessageBox.Show("Invalid login or password");
            }
            conn.Close();
        }


I think in the next lines
<pre>command.Parameters.Add("@DocName", SqlDbType.NVarChar, 50);
            command.Parameters.Add("@DocPass", SqlDbType.NVarChar, 50);
i should replace
SqlDbType.NVarChar, 50
with Textboxes DocName.Text and DocPassword.Text, but it doesn't seem to work.
Posted
Updated 11-Jun-21 9:30am
Comments
BillWoodruff 12-Jun-21 1:04am
   
Why would you insert data into a login form ? Isn't the idea of a login form not to give the user any clue about what they are supposed to enter ?
Richard Deeming 14-Jun-21 11:17am
   
NEVER store passwords in plain text!

Secure Password Authentication Explained Simply[^]
Salted Password Hashing - Doing it Right[^]

The fact that your code seems to be related to a medical system makes this even more shocking. If your code ever makes it into the real world, be prepared to face ludicrously huge fines for not securing medical data properly.

1 solution

Looking at your code, it looks like you aren't adding the values from your text boxes when creating the parameters. You need to add the values.

command.Parameters.Add("@DocName", SqlDbType.NVarChar, 50).Value = DocName.Text;
command.Parameters.Add("@DocPass", SqlDbType.NVarChar, 50).Value = DocPassword.Text;
   

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900