Results 1 to 3 of 3
  1. #1
    Join Date
    Dec 2009
    Posts
    2

    Unanswered: SQL error from VB.Net

    I am new to SQL and am working on a school project. I am using the code below in VB.Net to verify login information. When the correct username and password in my database are entered, a new form pops up. When an incorrect username or password is entered, an error window pops up. The code below works correctly the first time a login is entered.If the login is correct, it shows the next form. If the login is incorrect, it shows the error popup. But when another username and password are entered (even the correct login), I get these SQL errors:

    Parameterized Query '(@username nvarchar(2),@password nvarchar(3),@Parameter1 nvarcha' expects parameter @Parameter1, which was not supplied.

    myreader.HasRows = {"Invalid attempt to call HasRows when reader is closed."}

    Any ideas as to what is happening?

    Thanks
    -------------------------------

    Private Sub btnLogin_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnLogin.Click

    SQLConn.ConnectionString = "server=localhost;INITIAL CATALOG=catalog;trusted_connection=true"

    SQLcommand.Connection = SQLConn
    SQLcommand.CommandType = CommandType.Text
    SQLcommand.CommandText = "select username, password from login where username = @username and password = @password"

    SQLcommand.Parameters.Add(New SqlParameter)
    SQLcommand.Parameters.Item(0).DbType = DbType.String
    SQLcommand.Parameters.Item(0).ParameterName = "@username"
    SQLcommand.Parameters.Item(0).Direction = ParameterDirection.Input
    SQLcommand.Parameters.Item(0).Value = txtUser.Text

    SQLcommand.Parameters.Add(New SqlParameter)
    SQLcommand.Parameters.Item(1).DbType = DbType.String
    SQLcommand.Parameters.Item(1).ParameterName = "@password"
    SQLcommand.Parameters.Item(1).Direction = ParameterDirection.Input
    SQLcommand.Parameters.Item(1).Value = txtPass.Text

    SQLConn.Open()
    myreader = SQLcommand.ExecuteReader

    myreader.Read()
    If myreader.HasRows Then
    Form1.ShowDialog()
    Else
    MessageBox.Show("Not Found", "Login")
    End If

    SQLConn.Close()
    txtUser.Clear()
    txtPass.Clear()
    End Sub

  2. #2
    Join Date
    Jan 2003
    Location
    British Columbia
    Posts
    44
    You are adding the same parameters to SQLCommand everytime the procedure is called. So on the second call, the total number of parameters is 4 but you only specify the values for 2.

    Use the SQLCommand.Parameters.Clear method before adding the parameters
    or use an If statement that checks if the parameters already exist.
    or move the declaration of SQLCommand into the procedure.

    The HasRows method should be called before calling the Read method.

    Code:
    If myreader.HasRows Then
      myreader.Read()
      Form1.ShowDialog()
    Else
      MessageBox.Show("Not Found", "Login")
    End If

  3. #3
    Join Date
    Dec 2009
    Posts
    2
    Thank You!

    The clear command is what I needed.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •