Vb.net 条件表达式中的数据类型不匹配。MS Access VB_Vb.net_Visual Studio 2010_Visual Studio_Ms Access_Ms Access 2010

Vb.net 条件表达式中的数据类型不匹配。MS Access VB

vb.net visual-studio-2010 visual-studio ms-access

Vb.net 条件表达式中的数据类型不匹配。MS Access VB,vb.net,visual-studio-2010,visual-studio,ms-access,ms-access-2010,Vb.net,Visual Studio 2010,Visual Studio,Ms Access,Ms Access 2010,'确定按钮 Private Sub OK_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles OK.Click Dim con As New OleDbConnection("Provider=Microsoft.jet.oledb.4.0;data source=C:\Users\Jill\Desktop\saddbase\Sadsystem\Sadsystem\bin\Debug\tena

'确定按钮

Private Sub OK_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles OK.Click
    Dim con As New OleDbConnection("Provider=Microsoft.jet.oledb.4.0;data source=C:\Users\Jill\Desktop\saddbase\Sadsystem\Sadsystem\bin\Debug\tenant.mdb")
    Dim cmd As OleDbCommand = New OleDbCommand("SELECT * FROM info WHERE TN_ID = '" & UsernameTextBox.Text & "' AND Password = '" & PasswordTextBox.Text & "' ", con)
    con.Open()
    Dim sdr As OleDbDataReader = cmd.ExecuteReader()
    ' If the record can be queried, Pass verification and open another form.  
    If (sdr.Read() = True) Then
        MessageBox.Show("The user is valid!")

        Me.Hide()
    Else
        MessageBox.Show("Invalid Tenant ID or password!")


End If

当我运行程序时，cmd.ExecuteReader（）中有一个错误。条件表达式中的数据类型不匹配请帮助解决此错误

在查询中，为TN_ID和Password字段传递两个字符串。
可能TN_ID是一个数字字段，不需要在其周围加引号，我发现传递用户名文本框的值非常奇怪

尽管如此，我希望检查您的查询，因为您还没有看到一些潜在的问题：

首先，密码是一个保留关键字，因此需要在其周围使用方括号。
其次，不要使用字符串连接来构建sql命令，而是使用如下参数化查询

Private Sub OK_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles OK.Click

    Dim commandText = "SELECT * FROM info WHERE TN_ID = ? AND [Password] = ?"
    Using con = New OleDbConnection(......))
    Using cmd = New OleDbCommand(commandText,con))
       con.Open()

       ' If the TN_ID is really a numeric field then you need '
       ' to conver the first parameter to a number '
       ' cmd.Parameters.AddWithValue("@p1", Convert.ToInt32(UsernameTextBox.Text))'

       cmd.Parameters.AddWithValue("@p1", UsernameTextBox.Text)
       cmd.Parameters.AddWithValue("@p2", PasswordTextBox.Text)
       Using sdr As OleDbDataReader = cmd.ExecuteReader())
        .....
       End Using
    End Using
    End Using    
End Sub

作为附带注释，与您的问题无关，也考虑不要在数据库中的纯文本中存储密码。有一些技术可以散列密码文本并将结果存储在数据库中。这样一来，任何人都无法通过查看数据库文件获得密码

Private Sub SumOfIR()

    Try
        Dim con As New System.Data.OleDb.OleDbConnection(ConnectionString)
        Dim com As New System.Data.OleDb.OleDbCommand

        con.Open()
        com.Connection = con
        com.CommandText = "Select Sum(IR) from Spectrum where StdNu='" + TxtNuTeif.Text + "'"
        com.Parameters.Clear()
        Dim SumIR As OleDbDataReader = com.ExecuteScalar
        LblIRTeif.Text = com.ExecuteScalar("SumIR").ToString
        con.Close()
        com.Dispose()

    Catch ex As Exception
        BehComponents.MessageBoxFarsi.Show(ex.ToString, "", BehComponents.MessageBoxFarsiButtons.OK, MessageBoxIcon.Warning)

    End Try

End Sub