C# OLEDB ExecuteReader 错误
C# OLEDB ExecuteReader Error
我对在 Visual Studio 中使用 M-S Access 数据库还很陌生,因此我不熟悉 OLEDB 语法。我设法使用各种互联网资源创建了这个程序。到目前为止,我的程序让用户登录登录表单,然后根据用户名和密码字段测试数据,如果它们匹配,则将用户重定向到第二个表单,然后使用名称从 Access 数据库收集数据他们已经登录,但是当它尝试执行从数据库收集数据的代码时,我不断收到错误“没有为一个或多个必需参数给出值。”他们的名字。到目前为止,这是我的代码:
private void Form2_Load(object sender, EventArgs e)
{
string username = lblName.Text;
OleDbConnection con = new OleDbConnection(@"Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:\Users\Rhys\Documents\Visual Studio 2013\Projects\AssignmentTrackerV2\AssignmentTrackerV2\bin\Debug\ATDatabase.accdb");
DataTable dt = new DataTable();
con.Open();
OleDbDataReader dr = null;
OleDbCommand cmd = new OleDbCommand("SELECT [Name], [Surname], [Password], [ID] FROM MemberDetails WHERE [Name] = '" + username + "'", con);
//This is where the error is occuring.
**dr = cmd.ExecuteReader();**
while (dr.Read())
{
lblName.Text = (dr["Name"].ToString() + dr["Surname"].ToString());
lblCourseTitle.Text = (dr["CourseTitle"].ToString());
lblID.Text = "ID: " + (dr["MemberID"].ToString());
}
con.Close();
}
任何关于如何修复此错误的建议将不胜感激,如前所述,我对 OLEDB 语法相当陌生,如果有简单的解决方案,我深表歉意,谢谢!
乍一看,这似乎应该可行。无论如何,你这样做的方式很糟糕,因为除其他外,它让你容易受到 SQL 注入攻击。尝试替换这个:
OleDbCommand cmd = new OleDbCommand("SELECT [Name], [Surname], [Password], [ID] FROM MemberDetails WHERE [Name] = '" + username + "'", con);
有了这个:
OleDbCommand cmd = new OleDbCommand("SELECT [Name], [Surname], [Password], [ID] FROM MemberDetails WHERE [Name] = @Name", con);
cmd.Parameters.AddWithValue("@Name", username);
如果还是不行,我们可以再仔细看看。
尝试使用此代码
string username = lblName.Text;
using(OleDbConnection con = new OleDbConnection(@"Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:\Users\Rhys\Documents\Visual Studio 2013\Projects\AssignmentTrackerV2\AssignmentTrackerV2\bin\Debug\ATDatabase.accdb"))
{
using(OleDbCommand cmd = new OleDbCommand(@"Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:\Users\Rhys\Documents\Visual Studio 2013\Projects\AssignmentTrackerV2\AssignmentTrackerV2\bin\Debug\ATDatabase.accdb"))
{
cmd.Connection = con;
cmd.CommandText = "SELECT [Name], [Surname], [Password], [ID] FROM MemberDetails WHERE [Name] = '" + username + "'";
cmd.CommandType = CommandType.Text;
OleDbDataReader dr = null;
try
{
con.Open();
dr = cmd.ExecuteReader();
while (dr.Read())
{
lblName.Text = (dr["Name"].ToString() + dr["Surname"].ToString());
lblCourseTitle.Text = (dr["CourseTitle"].ToString());
lblID.Text = "ID: " + (dr["MemberID"].ToString());
}
con.Close();
}
catch (Exception)
{
throw;
}}}
希望这段代码对您有所帮助
我对在 Visual Studio 中使用 M-S Access 数据库还很陌生,因此我不熟悉 OLEDB 语法。我设法使用各种互联网资源创建了这个程序。到目前为止,我的程序让用户登录登录表单,然后根据用户名和密码字段测试数据,如果它们匹配,则将用户重定向到第二个表单,然后使用名称从 Access 数据库收集数据他们已经登录,但是当它尝试执行从数据库收集数据的代码时,我不断收到错误“没有为一个或多个必需参数给出值。”他们的名字。到目前为止,这是我的代码:
private void Form2_Load(object sender, EventArgs e)
{
string username = lblName.Text;
OleDbConnection con = new OleDbConnection(@"Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:\Users\Rhys\Documents\Visual Studio 2013\Projects\AssignmentTrackerV2\AssignmentTrackerV2\bin\Debug\ATDatabase.accdb");
DataTable dt = new DataTable();
con.Open();
OleDbDataReader dr = null;
OleDbCommand cmd = new OleDbCommand("SELECT [Name], [Surname], [Password], [ID] FROM MemberDetails WHERE [Name] = '" + username + "'", con);
//This is where the error is occuring.
**dr = cmd.ExecuteReader();**
while (dr.Read())
{
lblName.Text = (dr["Name"].ToString() + dr["Surname"].ToString());
lblCourseTitle.Text = (dr["CourseTitle"].ToString());
lblID.Text = "ID: " + (dr["MemberID"].ToString());
}
con.Close();
}
任何关于如何修复此错误的建议将不胜感激,如前所述,我对 OLEDB 语法相当陌生,如果有简单的解决方案,我深表歉意,谢谢!
乍一看,这似乎应该可行。无论如何,你这样做的方式很糟糕,因为除其他外,它让你容易受到 SQL 注入攻击。尝试替换这个:
OleDbCommand cmd = new OleDbCommand("SELECT [Name], [Surname], [Password], [ID] FROM MemberDetails WHERE [Name] = '" + username + "'", con);
有了这个:
OleDbCommand cmd = new OleDbCommand("SELECT [Name], [Surname], [Password], [ID] FROM MemberDetails WHERE [Name] = @Name", con);
cmd.Parameters.AddWithValue("@Name", username);
如果还是不行,我们可以再仔细看看。
尝试使用此代码
string username = lblName.Text;
using(OleDbConnection con = new OleDbConnection(@"Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:\Users\Rhys\Documents\Visual Studio 2013\Projects\AssignmentTrackerV2\AssignmentTrackerV2\bin\Debug\ATDatabase.accdb"))
{
using(OleDbCommand cmd = new OleDbCommand(@"Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:\Users\Rhys\Documents\Visual Studio 2013\Projects\AssignmentTrackerV2\AssignmentTrackerV2\bin\Debug\ATDatabase.accdb"))
{
cmd.Connection = con;
cmd.CommandText = "SELECT [Name], [Surname], [Password], [ID] FROM MemberDetails WHERE [Name] = '" + username + "'";
cmd.CommandType = CommandType.Text;
OleDbDataReader dr = null;
try
{
con.Open();
dr = cmd.ExecuteReader();
while (dr.Read())
{
lblName.Text = (dr["Name"].ToString() + dr["Surname"].ToString());
lblCourseTitle.Text = (dr["CourseTitle"].ToString());
lblID.Text = "ID: " + (dr["MemberID"].ToString());
}
con.Close();
}
catch (Exception)
{
throw;
}}}
希望这段代码对您有所帮助