You've commented out the line that fills the
DataSet
, so it doesn't contain a table called
Tabel
.
But you could have figured that out for yourself if you'd debugged your code. :doh:
Also, I'm guessing from the
Response.Redirect
line that this is an ASP.NET application; in that case,
MsgBox
will not work. At best, it will throw an exception indicating that the current process is not interactive. At worst, it will display a message
on the server, where nobody will ever see it, and then hang waiting for someone to press the "OK" button.
And finally, your application should never connect to the database using the
sa
account. That is a super-user which could be used to totally destroy your network. Instead, you should be using an account which has only the permissions needed to run your application.
And if that's your real
sa
passwords, change it
immediately to something secure. Don't pick important passwords from a
"list of the least secure passwords ever" article!
Oh, and also, the commented-out query line is vulnerable to
SQL Injection[
^].
NEVER use string concatenation to build a SQL query.
ALWAYS use a parameterized query.
Everything you wanted to know about SQL injection (but were afraid to ask) | Troy Hunt[
^]
How can I explain SQL injection without technical jargon? | Information Security Stack Exchange[
^]
Query Parameterization Cheat Sheet | OWASP[
^]
And you appear to be storing passwords in plain text, which is a terrible idea. You should only ever store a salted hash of the password, using a unique salt per record.
Secure Password Authentication Explained Simply[
^]
Salted Password Hashing - Doing it Right[
^]