By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
424,982 Members | 1,919 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 424,982 IT Pros & Developers. It's quick & easy.

Login form error

Ajay Bhalala
100+
P: 119
I have created 1 login form.

I have used the MS ACCESS database as backend tool.
Table Name : UserAccount
Fields : username password

I written the code as below ...

Button1=Login button

Expand|Select|Wrap|Line Numbers
  1. Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
  2.  
  3.         Dim con As New OleDbConnection("Provider=microsoft.jet.oledb.4.0 ; Data Source=E:\Brinda & Jay\Brinda\02 S.Y\VB.NET\My Project\Project.mdb")
  4.  
  5. con.Open()
  6.  
  7. qry = "select count(id) from UserAccount where username= ' " & txtUserName.Text & " ' and password= ' " & txtPassword.Text & " ' ;"
  8.  
  9. Dim cmd As New OleDbCommand(qry, con)
  10. Dim da As New OleDbDataAdapter(cmd)
  11. ans = cmd.ExecuteScalar()
  12. If ans > 0 Then
  13.     MsgBox("Accessed")
  14. Else
  15.     MsgBox("Not Accessed")
  16. End If
  17. con.Close()
  18. End Sub
  19.  
There is no error in this code, but when I run this form, and enter the right username and password, then also it displays the magbox "Not Accessed". What can I do about this?
Dec 1 '14 #1

✓ answered by Frinavale

Then supply it with non-null parameters.
I just took the code that I posted from the msdn example which means you probably need to modify it for your purpose.

Do you understand what non-null means?
It means that you have declared a variable but not instantiated it yet.

So, to fix Null problems ensure that the variables are instantiated before using them.

To instantiate something you use the keyword new.

Like this:
Expand|Select|Wrap|Line Numbers
  1. Dim uNameParam As New OleDbParameter("@UserName", OleDbType.VarChar, 80)
  2. Dim passParam As New OleDbParameter("@Password", OleDbType.VarChar, 80)
  3.  
  4. ' Now uNameParam and passParam are instantiated (not null)
  5. ' So you can use them
  6. uNameParam.Value = txtUserName.Text
  7. passParam.Value = txtPassword.Text
  8.  
  9. 'And then add them to the parameters property of the command
  10. command.Parameters.Add(uNameParam)
  11. command.Parameters.Add(passParam)
  12.  

Share this Question
Share on Google+
19 Replies


Frinavale
Expert Mod 5K+
P: 9,731
The OleDbCommand.ExecuteScalar Method returns the first column of the first row in the result set returned by the query.

Are you sure this is what you want?

I think what you probably want to use the OleDbCommand.ExecuteReader Method and then check if the reader HasRows to determine if a row exists in the database with the user name and password provided.

You should always use the OleDbCommand.Parameters Property instead of dynamically building your SQL query string by directly inserting data provided by the user. This will prevent SQL insertion attacks and give you better caching ability for your SQL commands.

-Frinny
Dec 1 '14 #2

Frinavale
Expert Mod 5K+
P: 9,731
Michael,

This question was asked in the VB.NET forum, not the vb6 forum.
The answer to the question should be using the VB.NET controls and tools.
Dec 2 '14 #4

Ajay Bhalala
100+
P: 119
I have tried to create the login form in another way as follows

Expand|Select|Wrap|Line Numbers
  1. Imports System.Data.OleDb
  2.  
  3. Public Class Login
  4.  
  5. Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
  6.  
  7.         Dim con As New OleDbConnection("Provider=microsoft.jet.oledb.4.0 ; Data Source=E:\Brinda & Jay\Brinda\02 S.Y\VB.NET\My Project\Project.mdb")
  8.  
  9. con.Open()
  10.  
  11. Dim password As String
  12. password = Me.txtPassword.Text.ToString
  13. Dim da As New OleDbDataAdapter("select * from UserAccount where username=" & txtUserName.Text.ToString, con)
  14. Dim dt As New DataTable
  15. da.Fill(dt)
  16. Dim epassword As String = dt.Rows(0).Item("Password")
  17.  
  18. If password.CompareTo("epassword") Then
  19. MsgBox("Successful")
  20. Else
  21. MsgBox("Not Success")
  22. End If
  23.  
  24. con.Close()
  25. End Sub
  26. End Class
  27.  
but there is runtime error occured. "No value given for one or more required parameters."

And whrer I have to use OleDbCommand.Parameters Property in above 1st or 2nd code? and How can I use this property?

It is my college's exercise for connectivity in vb.net

I have tried it since a month, but there is nothing could be done in this. I have also tried many different methods, but nothing could be done.

Can you provide me a new successful code for this?
Please help me Frinny.
Dec 2 '14 #5

Frinavale
Expert Mod 5K+
P: 9,731
Ajay Bhalala,

The code you posted looks exactly the same as the code you posted previously.

I suggested that you probably didn't want to use the ExecuteScalar method, that you are probably interested in using the ExecuteReader command instead and then you could check the HasRows property to determine if any rows are returned, and I suggested that you should be using parameters.

By posting the links that I previously provided, I was recommending that you re-write your code to be something like this (The following is guideline and I have no idea if this is going to work as written):
Expand|Select|Wrap|Line Numbers
  1. Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
  2.  
  3.   Dim conString As String = "Provider=microsoft.jet.oledb.4.0 ; Data Source=E:\Brinda & Jay\Brinda\02 S.Y\VB.NET\My Project\Project.mdb"
  4.   Dim msg As String = "Access not checked" 
  5.  
  6.   Using connection As New OleDbConnection(conString)
  7.     Dim queryString = "select * from UserAccount where username= ? and password= ?;"
  8.     Dim command As New OleDbCommand(queryString, connection)
  9.     command.Parameters.Add(txtUserName.Text)
  10.     command.Parameters.Add(txtPassword.Text)
  11.  
  12.     connection.Open()
  13.     Dim reader As OleDbDataReader = command.ExecuteReader()
  14.  
  15.     If reader.HasRows
  16.       msg = "Access Permitted"
  17.     Else
  18.       msg = "NO Access Permitted"
  19.     End If
  20.  
  21.     reader.Close()
  22.   End Using
  23.   MsgBox(msg)
  24. End Sub

-Frinny
Dec 2 '14 #6

Ajay Bhalala
100+
P: 119
If I take "conString" in place of "connectionString" following runtime error occured.

"The OleDbParameterCollection only accepts non-null OleDbParameter type objects, not String objects."

in line 8 in above code.
Dec 2 '14 #7

Ajay Bhalala
100+
P: 119
Thank you for your quick reply. Can you provide me your full code?

I mean to say can you give me a new full code for the login form?
Dec 2 '14 #8

Frinavale
Expert Mod 5K+
P: 9,731
That error message suggests that the Parameters property expects to have OleDbParameter types added to it and not String types.

In my code I added just strings...

You need to modify your code to provide proper parameters.

Maybe something like this:
Expand|Select|Wrap|Line Numbers
  1. command.Parameters.Add("@UserName", OleDbType.VarChar, 80).Value = txtUserName.Text
  2. command.Parameters.Add("@Password", OleDbType.VarChar, 80).Value = txtPassword.Text
  3.  
See the documentation links for more information.

-Frinny
Dec 2 '14 #9

Ajay Bhalala
100+
P: 119
If I use this, and run my application, then msgbox is displays..
MsgBox Title : Microsoft Visual Basic 2008 Express Edition.
MsgBox Text : There is no source code available for the current loaction.

and if I click OK in msgbox, runtime error occured, "The OleDbParameterCollection only accepts non-null OleDbParameter type objects, not String objects." in 'command.Parameters.Add("@UserName", OleD' with dull green color.

What can I do?
Dec 3 '14 #10

Frinavale
Expert Mod 5K+
P: 9,731
Then supply it with non-null parameters.
I just took the code that I posted from the msdn example which means you probably need to modify it for your purpose.

Do you understand what non-null means?
It means that you have declared a variable but not instantiated it yet.

So, to fix Null problems ensure that the variables are instantiated before using them.

To instantiate something you use the keyword new.

Like this:
Expand|Select|Wrap|Line Numbers
  1. Dim uNameParam As New OleDbParameter("@UserName", OleDbType.VarChar, 80)
  2. Dim passParam As New OleDbParameter("@Password", OleDbType.VarChar, 80)
  3.  
  4. ' Now uNameParam and passParam are instantiated (not null)
  5. ' So you can use them
  6. uNameParam.Value = txtUserName.Text
  7. passParam.Value = txtPassword.Text
  8.  
  9. 'And then add them to the parameters property of the command
  10. command.Parameters.Add(uNameParam)
  11. command.Parameters.Add(passParam)
  12.  
Dec 3 '14 #11

Ajay Bhalala
100+
P: 119
Oh wow frinny...... thank you very very much for your help. I am so happy.
After all its done. I am so happy.... oh frinavale thank you very very very very much for the help.

Thank you so much. Thank you, thank you, thank you....

Frinavale you helps me lot. I am so happy. Its a big day for me in my life, thank you again frinny.

thanks again for all your helps and links provided by you.

All the information provided by you is very useful for me. VB.NET was my favorite subject. but while this login form is not done I have lost my interest from this subject, but now I have get my interest again in this subject due to you.

You solve my query which can't be solved by anything including my teacher, so I like my this subject VB.NET again.
Before I ask this question on this website, I have aked my whole teachers, my friends, etc, but no one can solve this and you solve it. So thank you very much.

Thanks frinny. and sorry for take your huge time.
Dec 4 '14 #12

Ajay Bhalala
100+
P: 119
I am sorry, but I still have a question.

In database, I have enter the "Brinda" in Username field and "MyProject" in Password field.

When I run my application, and enter the above username and password in form then it display "accessed", but when I enter the "brinda" in username's textbox and "myproject" in password's textbox in form then it also display "Accessed". I want to check the username and password case sensitively. Can I do this? If yes then How?

Thank you.
Dec 4 '14 #13

Frinavale
Expert Mod 5K+
P: 9,731
I am really happy you were able to solve your problem. The .NET framework is very powerful and never gets boring!

I haven't actually tried connecting to an Access Database like you are doing.

When I query my MS SQL database using:
Expand|Select|Wrap|Line Numbers
  1. Select * From userTable Where username='brinda' and password='myproject'
It will not work because it is case sensitive.

This may be something special with how Access processes select queries.

Aside form the odd behviour of select command, I think you may be interested in checking out the topic of .NET Principals and Identities.

An Identity contains information about the user's authentication details.... by this I mean it holds the user name and password and has a method that does the process of authenticating a provided user name and password (just like you are doing).

A Principal contains an Identity and once the user has been authenticate (logged in) the Principal class retrieves the "roles" or "permissions" that the user has privileges to.

This is really useful if your application has sections that are visible to some users (like the owner of a company or an IT administrator) that are not visible to other users (like a receptionist or line worker).

After authenticating (checking if the user name and password work), the rest of the application can be locked down or unlocked according to the permissions/roles assigned to the user.

The general topic to research would be "Authentication and Authorization in .NET". It is really cool and once you know how to use principals and identities you will be able to professionally implement multi-user applications!

Anyways, it's a really cool topic and if you want to try making your own custom Identity and Principal class feel free to ask questions about it.

In the meantime, I think it would be best to ask about why your select query is returning true for something that it is not true in the Access forum.....

Unless there is something else wrong.... Did you try authenticating something that you know isn't in your database? Like authenticating username:'Frinny' and password:'bytes'?

Does that return true or false?

-Frinny
Dec 4 '14 #14

Ajay Bhalala
100+
P: 119
Yes I have try authenticating something that isn't in my database. It returns msgbox "Not Accessed". There is no problem with wrong name or password, there is problem only with the case sensitivity.

and thanks for your information about .NET Principals and Identities. I will surely study this topics.

Really, VB.NET is very interesting subject.

Project making is not in our course for this year, but I am interested in Project Making. I want to make one project in this year, but I think I have not enough knowledge of VB.NET for making the Project in VB.NET. But now I think I have to start to make the project, because if I have any query, then I am sure you will solve my query and help me on my project. and I am sure you will give me ideas for how to make the software.

Thank You Frinny for help me lot and also for solve my queries. Thank you very much. Now I will start the making the software and which topic I select, I will say you tommorow. I am suer you will help me to make my first software.
Thanks again.
Dec 6 '14 #15

Ajay Bhalala
100+
P: 119
Hello Frinny,

I have decided that I will do the College Management System as my first Project.

As you say I have to use the Identities, but in my project, I dont want to use the high level controls. So as you say I have created in my Personal Login Form. but in my project, I have created the login form with new method.

This done successfully, but there are 2 warnings are occured.

Warning 1 : Variable 'data' is used before it has been assigned a value. A null reference exception could result at runtime.

Warning 2 : Variable 'data1' is used before it has been assigned a value. A null reference exception could result at runtime.

Here is my code..

Expand|Select|Wrap|Line Numbers
  1. Imports System.Data.OleDb
  2.  
  3. Public Class Form1
  4.  
  5.     Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
  6.  
  7.         Dim con As New OleDbConnection("provider=microsoft.jet.oledb.4.0; data source=E:\Brinda & Jay\Brinda\02 S.Y\VB.NET\My Project\Project.mdb")
  8.         Dim rd As OleDbDataReader
  9.         Dim data, data1 As String
  10.  
  11.         con.Open()
  12.         Dim cmd As New OleDbCommand("select * from UserAccount where username='" & txtUserName.Text & "' and password ='" & txtPassword.Text & "'", con)
  13.         rd = cmd.ExecuteReader()
  14.         If rd.Read() Then
  15.             data = rd.Item("username")
  16.             data1 = rd.Item("password")
  17.         End If
  18.  
  19.         If data = txtUserName.Text And data1 = txtPassword.Text Then
  20.             MsgBox("Login")
  21.         Else
  22.             MsgBox("Not")
  23.         End If
  24.         con.Close()
  25.      End Sub
  26. End Class
  27.  
There is no any problem, but just these 2 warnings are occured.
What can I do?

Thank You again.
Dec 8 '14 #16

Frinavale
Expert Mod 5K+
P: 9,731
To get rid of those errors is pretty simple: make sure the variables are instantiated before using them.

In this case you could just do:
Expand|Select|Wrap|Line Numbers
  1.  Dim data As String = ""
  2.  Dim data1 As String = ""
  3.  
In other cases, say you wanted to create a Student type you would use the new keyword.

Like this:
Expand|Select|Wrap|Line Numbers
  1. Dim studentA As New Student()
  2. studentA.Name = "Frinavale"
  3.  
If you didn't use the New keyword you would get the warning in code that you see and if you tried to run the application it would crash with a null reference exception because you used the variable studentA before instantiating it.

-Frinny
Dec 8 '14 #17

Ajay Bhalala
100+
P: 119
Ok thank you frinny. It works. thank you so much again.
Dec 8 '14 #18

Frinavale
Expert Mod 5K+
P: 9,731
There is a logical error on line 19 in the code you posted last:
Expand|Select|Wrap|Line Numbers
  1.  If data = txtUserName.Text And data1 = txtPassword.Text Then
If the user enters nothing and clicks the log in button...this will resolve to true but the person should not be granted access.
Dec 8 '14 #19

Ajay Bhalala
100+
P: 119
Ok frinny. Thansk so much for your help.
Dec 9 '14 #20

Post your reply

Sign in to post your reply or Sign up for a free account.