有关SQL连接的查询 [英] Query regarding SQL connection
本文介绍了有关SQL连接的查询的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
当我尝试连接dabase时显示错误。即使我已经安装了微软引擎12.0,目前我正在使用visual stuio 2012和后端sql server 2008.
这里是我的代码sql
hi when i am trying to connect with dabase its showing error. even i have installed the microsoft engine 12.0 currently i am working with visual stuio 2012 and backend sql server 2008.
here is my code for sql
If Trim(UsernameTextBox.Text) = "" Or Trim(PasswordTextBox.Text) = "" Then
MsgBox("Please Enter Both Fields!", vbInformation, "Note")
Else
con.Open()
Dim sql = "SELECT * FROM tblUser WHERE username = '" & SafeSqlLiteral(UsernameTextBox.Text, 2) & "' AND password = '" & SafeSqlLiteral(PasswordTextBox.Text, 2) & "'"
Dim cmd = New OleDbCommand(sql, con)
Dim dr As OleDbDataReader = cmd.ExecuteReader
Try
If dr.Read = False Then
MsgBox("Login Failed!", vbCritical, "Note")
Else
MsgBox("Login Successful!", vbInformation, "Note")
frmMain.status.Items(0).Text = "Login as : " & Trim(UsernameTextBox.Text)
Dim datenow As Date = Now
frmMain.status.Items(2).Text = "Date and Time : " & datenow.ToString("MMMM dd, yyyy") & " " & TimeOfDay
con.Close()
Me.Hide()
frmMain.ShowDialog()
End If
Catch ex As Exception
MsgBox(ex.Message)
End Try
con.Close()
End If
我尝试过:
i尝试连接后端数据库,以便在登录成功后访问数据。
What I have tried:
i have tried to connect with back end database to access the data once login is succesful.
推荐答案
2件事:
1)一个con
对象无法定义!
2)不要使用字符串连接来构建sql查询。 Intead,使用参数化查询。
欲了解更多详情,请参阅:
SqlConnection类(System.Data.SqlClient) [ ^ ]
SqlCommand构造函数(String,SqlConnection)(System.Data .SqlClient) [ ^ ]
SqlParameterCollection .Add方法(String,SqlDbType,Int32)(System.Data.SqlClient) [ ^ ]
SQL Server连接字符串 - ConnectionStrings.com [ ^ ]
2 things:
1) acon
object has been nowhere defined!
2) do not use string concatenation to build sql query. Intead of it, use parametrized queries.
For further details, please see:
SqlConnection Class (System.Data.SqlClient)[^]
SqlCommand Constructor (String, SqlConnection) (System.Data.SqlClient)[^]
SqlParameterCollection.Add Method (String, SqlDbType, Int32) (System.Data.SqlClient)[^]
SQL Server connection strings - ConnectionStrings.com[^]
string connectionString = "Your connection string here!";
string commandText = "SELECT * FROM YourTable WHERE Field1 = @param1 AND Field2 = @param2";
using (SqlConnection connection = new SqlConnection(connectionString))
{
SqlCommand command = new SqlCommand(commandText, connection);
command.Parameters.Add("@param1", SqlDbType.NVarChar, 50);
command.Parameters["@param1"].Value = "user1";
command.Parameters.Add("@param2", SqlDbType.NVarChar, 50);
command.Parameters["@param2"].Value = "password";
try
{
connection.Open();
//execute command here!
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
}
}
这篇关于有关SQL连接的查询的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文