给定一个或多个参数没有值（vb.net） [英] No value given one or more parameters(vb.net)

问题描述

我的代码有什么问题我为这种错误尝试了很多代码，但显然没有任何改变。我想要的是当我点击普通（radiobutton）并选择A（组合框）然后在RoomNo（组合框）中它将显示所有RoomNo那个roomtype =normal和building =A。



这里是我试过的所有代码：

What is the problem with my code i tried many code for this kind of error but apparently nothing's change . all i want is when i click normal(radiobutton) and select A(combobox) then in RoomNo(combobox) it will display all RoomNo that roomtype = "normal" and building = "A" .

here's all the code i tried :

Try
         cn.Open()

         If rdbNormal.Checked = True Then
             Dim selectquery As String

             selectquery = " SELECT * from RoomTable Where Building='" & cmbBuilding.Text & "' and RoomType = Normal"

             Dim selectcommand As New OleDbCommand
             With selectcommand
                 .CommandText = selectquery
                 .Connection = cn
                 .ExecuteNonQuery()
             End With
             cn.Close()
         End If
     Catch ex As Exception
         MsgBox(ex.Message)
     End Try

我的第二个代码：

my 2nd code :

Try
           cn.Open()
           If rdbNormal.Checked = True Then
               Dim DataSet As New DataSet
               Dim DataTable As New DataTable
               Dim DataAdapter As New OleDbDataAdapter("SELECT * FROM RoomTable Where Building = '" & cmbBuilding.Text & "' And RoomType = Normal ", cn)
               DataAdapter.Fill(DataTable)

               If DataTable.Rows.Count > 0 Then
                   With cmbRoomNo
                       .Items.Clear()
                       For i As Integer = 0 To DataTable.Rows.Count - 1
                           .Items.Add(DataTable.Rows(i).Item(3))
                       Next
                       .SelectedIndex = -1
                   End With
               End If
               DataTable.Dispose()
               DataAdapter.Dispose()
           End If
       Catch ex As Exception
           MsgBox(ex.Message)
       End Try
       cn.Close()

推荐答案

首先请不要在SQL语句中使用字符串连接，它会暴露你的数据库到SQL注入，如 http://bobby-tables.com/about.html [ ^ ]。使用正确的参数化查询。

其次，使用调试器几秒钟就会显示 cmbBuilding.Text 返回的值。

Firstly please do not use string concatenation in SQL statements, it exposes your database to SQL injection, as described at http://bobby-tables.com/about.html[^]. Use proper parameterised queries.
Secondly, a few seconds with your debugger would have shown you what value cmbBuilding.Text is returning.

这篇关于给定一个或多个参数没有值（vb.net）的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！