这次我真的需要帮助。我到处搜索,尝试过无数解决方案。但我似乎无法解决我的问题。现在我要问,请帮忙。我已经有这个问题了一个星期了。
ExecuteSQL("select * from account_database where idnum= @idnum and password= @pass")
'Dim idnum As New SqlParameter("@idnum", SqlDbType.VarChar)
'Dim pass As New SqlParameter("@pass", SqlDbType.VarChar, -1)
'idnum.Value = idnumtxt.Text
'pass.Value = output
'cmd.Parameters.Add(idnum)
'cmd.Parameters.Add(pass)
cmd.Parameters.Add("@idnum", SqlDbType.VarChar).Value = idnumtxt.Text
cmd.Parameters.Add("@pass", SqlDbType.VarChar, -1, "password").Value = output
那些注释掉的行是我试过的代码,还有我实现的代码也失败了。
错误消息以"Must declare scalar variable @idnum"
我真的需要帮助。请发光一点。
这是函数executeSQL包含的代码:
Public Shared Sub ExecuteSQL(ByVal strSQL As String)
Try
If connection.State = 1 Then ' check connection if open
connection.Close()
End If
' connection
connection.ConnectionString = "Data Source=.\SQLEXPRESS;AttachDbFilename=C:\Users\Jr\documents\visual studio 2010\Projects\VotingSystem\VotingSystem\Resources\Database.mdf;Integrated Security=True;User Instance=True"
connection.Open()
Dim rowAffected As Integer = 0
'cmd = New SqlCommand(strSQL, connection) 'buiding the sql command with the use of strSQL (sql statement) and connection (database connection)
cmd = New SqlCommand(strSQL, connection)
DARec = New SqlDataAdapter(strSQL, connection) 'buiding the adapter
cb = New SqlCommandBuilder(DARec)
rowAffected = cmd.ExecuteNonQuery() 'executing of sql statement
successID = 1
connection.Close()
Catch ex As Exception
successID = 0
MsgBox(ex.Message)
End Try
End Sub
谢谢,请帮忙。
答案 0 :(得分:3)
问题只是你在错误的顺序中这样做。您正在尝试在定义参数之前执行SQL语句。在定义参数之前,不需要ExecuteSQL()。它可能在ExecuteSQL()
中的以下行中断' See how many rows the query will impact
' Since @idnum and @pass are not defined until the
' ExecuteSQL() sub is finished, this line breaks.
rowAffected = cmd.ExecuteNonQuery()
您需要构建SqlCommand()以首先包含select语句,然后对您在字符串中定义的参数使用AddWithValue()。定义数据类型也是不必要的,因为您的数据库已经知道,并且表单验证应该处理输入。
' Define your connection
connection.ConnectionString = "Data Source=.\SQLEXPRESS;AttachDbFilename=C:\Users\Jr\documents\visual studio 2010\Projects\VotingSystem\VotingSystem\Resources\Database.mdf;Integrated Security=True;User Instance=True"
' Setup your SQL Command.
cmd = New SqlCommand("select * from account_database where idnum = @idnum and password = @pass", connection)
' Define the parameters you've created
cmd.Parameters.AddWithValue("@idnum", idnumtxt.Text)
cmd.Parameters.AddWithValue("@pass", output)
' Now execute your statement
connection.open()
cmd.ExecuteNonQuery()
connection.close()
以上是上述代码的更好版本,因为您现在了解事件的顺序。这可确保在发生异常时关闭连接。
strConn = "Data Source=.\SQLEXPRESS;AttachDbFilename=C:\Users\Jr\documents\visual studio 2010\Projects\VotingSystem\VotingSystem\Resources\Database.mdf;Integrated Security=True;User Instance=True"
strSQL = "select * from account_database where idnum = @idnum and password = @pass"
Using connection As New SqlConnection(strConn), cmd As SqlCommand(strSQL, connection)
cmd.Parameters.Add("@idnum", SqlDbType.VarChar).Value = idnumtxt.Text
cmd.Parameters.Add("@pass", SqlDbType.VarChar, -1, "password").Value = output
connection.Open()
cmd.ExecuteNonQuery()
End Using
答案 1 :(得分:0)
试试这个:
cmd.Parameters.AddWithValue("idnum", idnumtxt.Text)
参考:
答案 2 :(得分:0)
添加输入参数
应该是以下情况cmd.Parameters.Add("@idnum", idnumtxt.Text)
除非您cmd.parameters.add()之前需要executesql,因为您在executesql运行后正在定义您的参数。