从未使用OLEDB,标量变量错误

时间:2012-03-06 19:54:22

标签: vb.net oledb

我正在尝试为OLEDB连接建立连接,但由于我从未使用它,我真的不知道我做错了什么。我想,我设法在web.config文件中获得连接,但现在我得到'必须声明标量变量'错误。我以为我宣布了,但一定是错的。

Private Function GetBackUpAccountName(ByVal BAccount As String, ByRef Name As String) As Boolean
    'sql statement for baccount information in case BAccount is not found, search here next
    Dim backupsql As String = "select * from brokermaster bl WHERE BAccount = @BAccount"
    Using conn As New OleDbConnection(System.Configuration.ConfigurationManager.ConnectionStrings("BackUpConnectionString").ConnectionString)
        Using cmd As New OleDbCommand(backupsql, conn)
            cmd.Parameters.AddWithValue("@BAccount", BAccount)
            conn.Open()
            Using backuprdr As OleDbDataReader = cmd.ExecuteReader
                If (backuprdr.Read) Then
                    Name = backuprdr("Name").ToString()
                    Return True
                Else
                    Return False
                End If
            End Using
            conn.Close()
        End Using
    End Using
End Function

<add name="BackUpConnectionString" 
     connectionString="Provider=SQLOLEDB;Data Source=*******;Initial Catalog=DeskA;Persist Security Info=True;User ID=******;Password=******" 
     providerName="System.Data.OleDb"/>

此函数是我在页面上为SQL连接提供的另一个函数的副本。我必须获取客户端的帐户信息,如果在该数据库中找不到它们,我需要在显示错误之前搜索不同的数据库。这是有效的功能。它已经工作了几个月,今天要求我们搜索另一个数据库,然后弹出错误说他们的帐户没有找到。

Private Function GetAccountName(ByVal BAccount As String, ByRef FirstName As String, ByRef LastName As String) As Boolean
    'sql statement for baccount information
    Dim sql As String = "SELECT BAccount, First_Name, Last_Name FROM IB inner join IB_BUISNESS_INFORMATION ON (IB.IB_ID = IB_BUISNESS_INFORMATION.IB_ID) WHERE BAccount = @BAccount"
    Using conn As New SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings("IBConnectionString").ConnectionString)
        Using cmd As New SqlCommand(sql, conn)
            cmd.Parameters.AddWithValue("@BAccount", BAccount)
            conn.Open()
            Using rdr As SqlDataReader = cmd.ExecuteReader
                If (rdr.Read) Then
                    FirstName = rdr("First_Name").ToString()
                    LastName = rdr("Last_Name").ToString()
                    Return True
                Else
                    Return False
                End If
            End Using
            conn.Close()
        End Using
    End Using
End Function

1 个答案:

答案 0 :(得分:0)

OleDB使用位置参数。这样做...... 

Dim backupsql As String = "select * from brokermaster bl WHERE BAccount = ?"

在公共帖子中发布连接字符串的数据源值是有风险的。

相关问题
最新问题