ExecuteReader:尚未初始化连接属性。在vb.net 2010中
我有一个关于“invalidoperationexception未处理”的错误 我的代码如下:ExecuteReader:尚未初始化连接属性。在vb.net 2010中,vb.net,vb.net-2010,executereader,Vb.net,Vb.net 2010,Executereader,我有一个关于“invalidoperationexception未处理”的错误 我的代码如下: Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click sql = "select * from tb_user where user_name='" + TxtUser.Text + "' and user_password='"
Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
sql = "select * from tb_user where user_name='" + TxtUser.Text + "' and user_password='" + txtPass.Text + "'"
cmd = New SqlCommand(sql, con)
rd = cmd.ExecuteReader
If (rd.HasRows) Then
rd.Read()
If rd.Item("user_position") = "Manager" Then
Form5.MasterDataToolStripMenuItem.Visible = False
Form5.mTransaction.Visible = False
Form5.mReport.Visible = True
Form5.mSetting.Visible = False
ElseIf rd.Item("user_position") = "Admin" Then
Form5.MasterDataToolStripMenuItem.Visible = True
Form5.mTransaction.Visible = True
Form5.mReport.Visible = False
Form5.mSetting.Visible = True
ElseIf rd.Item("user_position") = "Operator" Then
Form5.MasterDataToolStripMenuItem.Visible = False
Form5.mTransaction.Visible = True
Form5.mReport.Visible = True
Form5.mSetting.Visible = False
End If
Form5.useractive.Text = rd.Item("user_name")
Form5.Statusposition.Text = rd.Item("user_position")
Form5.ShowDialog()
Else
MsgBox("Access Denied! Check Username And Password!")
TxtUser.Clear()
txtPass.Clear()
TxtUser.Focus()
End If
End Sub
错误为“ExecuteReader:连接属性尚未初始化”
在此代码中:
rd = cmd.ExecuteReader
我不知道我的代码出了什么问题。有人能帮我吗?我只是个新手。
谢谢 我怀疑您没有正确设置此处使用的“con”变量:
cmd = New SqlCommand(sql, con)
请不要像这样用字符串连接生成SQL查询。
使用参数化查询:
末端接头建议读数
Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
Using (con = New SqlClient.SqlConnection(yourconnectionString))
Try
con.Open();
Dim sqlQuery As String = "select * from tb_user where user_name='" + TxtUser.Text + "' and user_password='" + txtPass.Text + "'"
Dim sqlCommand As SqlClient.SqlCommand = New SqlClient.SqlCommand(sqlQuery, con)
rd = sqlCommand.ExecuteReader()
If (rd.HasRows) Then
rd.Read()
If rd.Item("user_position") = "Manager" Then
Form5.MasterDataToolStripMenuItem.Visible = False
Form5.mTransaction.Visible = False
Form5.mReport.Visible = True
Form5.mSetting.Visible = False
ElseIf rd.Item("user_position") = "Admin" Then
Form5.MasterDataToolStripMenuItem.Visible = True
Form5.mTransaction.Visible = True
Form5.mReport.Visible = False
Form5.mSetting.Visible = True
ElseIf rd.Item("user_position") = "Operator" Then
Form5.MasterDataToolStripMenuItem.Visible = False
Form5.mTransaction.Visible = True
Form5.mReport.Visible = True
Form5.mSetting.Visible = False
End If
Form5.useractive.Text = rd.Item("user_name")
Form5.Statusposition.Text = rd.Item("user_position")
Form5.ShowDialog()
Else
MsgBox("Access Denied! Check Username And Password!")
TxtUser.Clear()
txtPass.Clear()
TxtUser.Focus()
End If
Catch ex As Exception
End Try
End Using