ExecuteReader:尚未初始化连接属性。在vb.net 2010中_Vb.net_Vb.net 2010_Executereader

ExecuteReader:尚未初始化连接属性。在vb.net 2010中

vb.net

ExecuteReader:尚未初始化连接属性。在vb.net 2010中,vb.net,vb.net-2010,executereader,Vb.net,Vb.net 2010,Executereader,我有一个关于“invalidoperationexception未处理”的错误我的代码如下： Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click sql = "select * from tb_user where user_name='" + TxtUser.Text + "' and user_password='"

我有一个关于“invalidoperationexception未处理”的错误

我的代码如下：

 Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
    sql = "select * from tb_user where user_name='" + TxtUser.Text + "' and user_password='" + txtPass.Text + "'"
    cmd = New SqlCommand(sql, con)
    rd = cmd.ExecuteReader
    If (rd.HasRows) Then
        rd.Read()
        If rd.Item("user_position") = "Manager" Then
            Form5.MasterDataToolStripMenuItem.Visible = False
            Form5.mTransaction.Visible = False
            Form5.mReport.Visible = True
            Form5.mSetting.Visible = False
        ElseIf rd.Item("user_position") = "Admin" Then
            Form5.MasterDataToolStripMenuItem.Visible = True
            Form5.mTransaction.Visible = True
            Form5.mReport.Visible = False
            Form5.mSetting.Visible = True
        ElseIf rd.Item("user_position") = "Operator" Then
            Form5.MasterDataToolStripMenuItem.Visible = False
            Form5.mTransaction.Visible = True
            Form5.mReport.Visible = True
            Form5.mSetting.Visible = False
        End If
        Form5.useractive.Text = rd.Item("user_name")
        Form5.Statusposition.Text = rd.Item("user_position")
        Form5.ShowDialog()
    Else
        MsgBox("Access Denied! Check Username And Password!")
        TxtUser.Clear()
        txtPass.Clear()
        TxtUser.Focus()
    End If
End Sub

错误为“ExecuteReader:连接属性尚未初始化” 在此代码中：

 rd = cmd.ExecuteReader

我不知道我的代码出了什么问题。有人能帮我吗？我只是个新手。

谢谢

我怀疑您没有正确设置此处使用的“con”变量：

cmd = New SqlCommand(sql, con)

请不要像这样用字符串连接生成SQL查询。使用参数化查询：

末端接头

建议读数

Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
Using (con = New SqlClient.SqlConnection(yourconnectionString))
    Try
        con.Open();
        Dim sqlQuery As String = "select * from tb_user where user_name='" + TxtUser.Text + "' and user_password='" + txtPass.Text + "'"
        Dim sqlCommand As SqlClient.SqlCommand = New SqlClient.SqlCommand(sqlQuery, con)
        rd = sqlCommand.ExecuteReader()

        If (rd.HasRows) Then
            rd.Read()
            If rd.Item("user_position") = "Manager" Then
                Form5.MasterDataToolStripMenuItem.Visible = False
                Form5.mTransaction.Visible = False
                Form5.mReport.Visible = True
                Form5.mSetting.Visible = False
            ElseIf rd.Item("user_position") = "Admin" Then
                Form5.MasterDataToolStripMenuItem.Visible = True
                Form5.mTransaction.Visible = True
                Form5.mReport.Visible = False
                Form5.mSetting.Visible = True
            ElseIf rd.Item("user_position") = "Operator" Then
                Form5.MasterDataToolStripMenuItem.Visible = False
                Form5.mTransaction.Visible = True
                Form5.mReport.Visible = True
                Form5.mSetting.Visible = False
            End If
            Form5.useractive.Text = rd.Item("user_name")
            Form5.Statusposition.Text = rd.Item("user_position")
            Form5.ShowDialog()
        Else
            MsgBox("Access Denied! Check Username And Password!")
            TxtUser.Clear()
            txtPass.Clear()
            TxtUser.Focus()
        End If

    Catch ex As Exception

    End Try
End Using