Private Sub btnLogin_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnLogin.Click
Dim conn As New OleDbConnection("Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:\Users\Jen\Documents\Jade\vb\database.accdb")
txtAdmin.Text = "Admin"
Dim strsql As New OleDbCommand("select * from Account where Username ='" & txtUsername.Text & "' AND [Password] ='" & txtPassword.Text & "' AND AccountType = '" & txtAdmin.Text & "'", conn)
Dim strsql2 As New OleDbCommand("select * from Account where Username ='" & txtUsername.Text & "' AND [Password] ='" & txtPassword.Text & "' AND AccountType = '" & txtStudent.Text & "'", conn)
Dim uu As New OleDbParameter("UserName", txtUsername.Text)
Dim pp As New OleDbParameter("Password", txtPassword.Text)
strsql.Connection.Open()
strsql2.Connection.Open()
Dim reader As OleDbDataReader
reader = strsql.ExecuteReader
Dim reader2 As OleDbDataReader
reader2 = strsql2.ExecuteReader
If reader.HasRows Then
strsql.Connection.Close()
MsgBox(" Welcome Admin!", vbInformation)
frmIndex.Show()
desktopFade.Close()
ElseIf reader2.HasRows Then
strsql2.Connection.Close()
MsgBox(" Welcome Student!", vbInformation)
frmReg.Show()
desktopFade.Close()
ElseIf txtUsername.Text = "" And txtPassword.Text = "" Then
MsgBox("Don't leave the fields blank", vbCritical)
txtUsername.Focus()
Else
MsgBox("Your Username or Password is invalid", MsgBoxStyle.Critical)
Me.txtUsername.Text = ""
Me.txtPassword.Text = ""
Me.txtUsername.Focus()
strsql.Connection.Close()
strsql2.Connection.Close()
End If
The error here is the strsql2.connection.open() <--- it says that the connection is not close. still open.
I edited your question because you tagged it VBA and this is VB.NET
You have several problems with your code.
You should add Error trapping with Try Catch and also your connection is not always closed
To only fix the actual issue, test if the connection is open before trying to open it
If strsql2.Connection.State = ConnectionState.Open Then
Console.WriteLine("COnnection already open, closing it")
strsql2.Connection.Close()
End If
strsql2.Connection.Open()
Related
Public Class login
Dim conn As MySqlConnection
Dim Reader As MySqlDataReader
Dim cmd As MySqlCommand
Dim audit As String
Dim faudit As String
Dim connectiontime, active As String
Dim attempts As String
Dim server As String = "server=127.0.0.1;user=root;database=spilibrary"
Private Sub Button1_Click(sender As Object, e As EventArgs) Handles btnLogin.Click
Dim statement As String
Dim Userrole As String
conn = New MySqlConnection
conn.ConnectionString = server
conn.Open()
statement = "select * from user where Username = '" & username.Text & "' and Password = BINARY '" & password.Text & "'"
cmd = New MySqlCommand(statement, conn)
Reader = cmd.ExecuteReader
Try
Dim found As Boolean
While Reader.Read
found = True
Userrole = Reader.GetString("Userrole")
connectiontime = Reader.GetString("connectiontime")
attempts = Reader.GetString("attempts")
If Userrole = "Administrator" And connectiontime = "Now" Or connectiontime <= TimeOfDay.ToString("HH:mm") Then
MsgBox("Welcome Admin", MsgBoxStyle.Information, "System message")
mainform.Show()
mainform.Maintenancebtn.Enabled = True
mainform.level1.Text = Userrole
'Me.Close()
Reader.Close()
cmd = New MySqlCommand("update user set attempts = '" & "0" & "', connectiontime='" & "Now" & "' where Username='" & username.Text & "'", conn)
Reader = cmd.ExecuteReader
ElseIf Userrole = "Librarian" And connectiontime = "Now" Or connectiontime <= TimeOfDay.ToString("HH:mm:ss") Then
MsgBox("Welcome Librarian", MsgBoxStyle.Information, "System Message")
'mainform.Maintenancebtn.Enabled = False
mainform.Show()
mainform.level1.Text = Userrole
' Me.Close()
'OPAC.show()
Reader.Close()
cmd = New MySqlCommand("update user set attempts ='" & "0" & "', connectiontime ='" & "Now" & "' where Username='" & username.Text & "'", conn)
Reader = cmd.ExecuteReader
ElseIf Userrole = "Administrator" And connectiontime <> "Now" And connectiontime >= TimeOfDay.ToString("HH:mm:ss") Then
MsgBox("You're Account has been blocked because of multiple failed attempts", vbCritical, "System Message")
ElseIf Userrole = "Librarian" And connectiontime <> "Now" And connectiontime >= TimeOfDay.ToString("HH:mm:ss") Then
MsgBox("Your Account has been blocked because of multiple failed attempts", vbCritical, "System Message")
Else
MsgBox("You're Account whas been blocked because of multiple failed attempts", vbCritical, "System Message")
End If
Someone please help me with this.. when i hit login button it always reads the first if-else statement i enter which is the Userrole="administrator" even if im logging in my Librarian Userrole. when i try to switch them the It reads the librarian userrole and not the admin even if im logging my admin userrole.. in my database they are declared right. so maybe it's the code. Thank you
Try using brackets in your condition to make it clearer. Like this:
If Userrole = "Administrator" AndAlso (connectiontime = "Now" OrElse connectiontime <= TimeOfDay.ToString("HH:mm")) Then
in your code, it would also match if
connectiontime <= TimeOfDay.ToString("HH:mm")
I don't know what seems to be the problem,
can anyone help?
I already installed all necessary thing to run the program.
Public Sub main1_Click(sender As Object, e As EventArgs) Handles main1.Click
scorestanding.Text = standingscore
provider = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source ="
dataFile = "Database\user.mdb"
connString = provider & dataFile
myConnection.ConnectionString = connString
myConnection.Open()
Dim str As String
str = "UPDATE login set[scorestand] = '" & scorestanding.Text & "' Where [username] = '" & Label1.Text & "'"
Dim cmd As OleDbCommand = New OleDbCommand(str, myConnection)
Try
cmd.CommandText = "UPDATE login set[scorestand] = '" & scorestanding.Text & "' Where [username] = '" & Label1.Text
cmd.ExecuteNonQuery()
cmd.Dispose()
myConnection.Close()
Catch ex As Exception
MsgBox(ex.Message)
End Try
Me.Close()
main.Show()
End Sub
str = "UPDATE login set[scorestand] = '" & scorestanding.Text & "' Where [username] = '" & Label1.Text & "'"
Dim cmd As OleDbCommand = New OleDbCommand(str, myConnection)
Try
cmd.CommandText = "UPDATE login set[scorestand] = '" & scorestanding.Text & "' Where [username] = '" & Label1.Text
cmd.ExecuteNonQuery()
cmd.Dispose()
myConnection.Close()
Catch ex As Exception
MsgBox(ex.Message)
End Try
Me.Close()
main.Show()
End Sub
It does nt have any eror but it also does nothing.
Private Sub btnSubmit_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnSubmit.Click
conn = New OleDbConnection("Provider = Microsoft.ace.Oledb.12.0; Data Source = C:\Users\matthew\Desktop\GSCS\Enrollment.accdb")
conn.Open()
Dim cmd As OleDbCommand = New OleDbCommand("SELECT * FROM Login WHERE UserName = '" & txtUserName.Text & "' AND [Password] = '" & txtPassword.Text & "'", conn)
Dim dr As OleDbDataReader = cmd.ExecuteReader
Dim userFound As Boolean = False
While dr.Read()
userFound = True
UserName = dr("Username").ToString
Password = dr("Password").ToString
LevelOfAccess = dr("LevelOfAccess").ToString
End While
If txtUserName.Text = "" Or txtPassword.Text = "" Then
MessageBox.Show("Some fields missing")
ElseIf txtPassword.Text.Length < 6 Then
MessageBox.Show("Password should consists of 6-12 characters", "Error", MessageBoxButtons.OK)
ElseIf userFound = True Then
Dim st As String = "INSERT INTO AuditTrail (Username, DateOfUsage, Activity) VALUES ('" & txtUserName.Text & "', '" & Date.Now & "', '" & li & "')"
Dim cmd1 As New OleDbCommand(st, conn)
cmd1.ExecuteNonQuery()
If LevelOfAccess = 1 Then
DisplayForm(Dashboard, Main.pnlMain)
MessageBox.Show("Administrator")
ElseIf LevelOfAccess = 2 Then
DisplayForm(Dashboard1, Main.pnlMain)
MessageBox.Show("Employee")
End If
Else
MsgBox("Sorry, username or password not found", MsgBoxStyle.OkOnly, "Invalid Login")
End If
conn.Close()
End Sub
This is my login code, can anybody help me how can I make it case sensitive? There are no error, but it is not casesensitive. Anyone who has the idea how I can make this case sensitive?
String.Compare(str1, str2, True))
try to use string.compare method instead of just "=" Sign
like this:
dim x as integer
x=String.Compare(str1, str2, False)
if x=0 then
'Put Codes Here If Password Is Correct
else
'put Code Here IF password Is Incorrect
end if
I would like my database to also select radiobuttons from my access database. However whenever I try running my program and providing the needed information, an error shows up
" Error:Syntax error in string in query expression 'username=asjjm'
AND password = 'ksjadklf' AND facultymember = 'False' AND student =
'False. "
I don't really understand errors like that because I'm only a beginner. Can someone tell me whats wrong? Thank you very much.
Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnLogin.Click
' Check if username or password is empty
If TxtPassword.Text = "" Or TxtUsername.Text = "" Then
MessageBox.Show("Please complete the required fields.", "Authentication Error!", MessageBoxButtons.OK, MessageBoxIcon.Error)
Else
' Both fields was supply
' Check if user exist in database
' Connect to DB
Dim conn As New System.Data.OleDb.OleDbConnection()
conn.ConnectionString = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:\Thesis\Thesis\Database2.accdb"
Try
'conn.Open()
'MsgBox("Susscess")
Dim sql As String = "SELECT * FROM tbl_user WHERE username='" & TxtUsername.Text & "' AND password = '" & TxtPassword.Text & "' AND facultymember = '" & RadioButton1.Checked & "' AND student ='" & RadioButton2.Checked '""
Dim sqlCom As New System.Data.OleDb.OleDbCommand(sql)
'Open Database Connection
sqlCom.Connection = conn
conn.Open()
Dim sqlRead As System.Data.OleDb.OleDbDataReader = sqlCom.ExecuteReader()
If sqlRead.Read() Then
MainStud.Show()
Me.Hide()
Else
' If user enter wrong username and password combination
' Throw an error message
MessageBox.Show("Username, Password, and Account Type do not match!", "Authentication Failure", MessageBoxButtons.OK, MessageBoxIcon.Exclamation)
'Clear all fields
TxtPassword.Text = ""
TxtUsername.Text = ""
'Focus on Username field
TxtUsername.Focus()
conn.Close()
End If
Catch ex As Exception
MessageBox.Show("Error:" & ex.Message)
End Try
End If
End Sub
*Edit
I did exactly what #chepe263 said and got two new errors.
End of statement expected
'System.Data.Sql' is a namespace and cannot be used as an expression.
What's causing these? Note* I made the radiobuttons to indicate choices whether the user is logging in on an account as a faculty member or student.
Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnLogin.Click
' Check if username or password is empty
If TxtPassword.Text = "" Or TxtUsername.Text = "" Then
MessageBox.Show("Please complete the required fields.", "Authentication Error!", MessageBoxButtons.OK, MessageBoxIcon.Error)
Else
' Both fields was supply
' Check if user exist in database
' Connect to DB
Dim conn As New System.Data.OleDb.OleDbConnection()
conn.ConnectionString = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:\Thesis\Thesis\Database2.accdb"
Try
'conn.Open()
'MsgBox("Susscess")
Dim facultyMemberName As String
Dim rbdtext As String
If RadioButton1.Checked Then
facultyMemberName = RadioButton1.Text
End If
If RadioButton2.Checked Then
rbdtext = RadioButton2.Text
End If
Dim sql As String = "SELECT * FROM tbl_user WHERE username='" & TxtUsername.Text & "' AND password = '" & TxtPassword.Text & "' AND facultymember = '" & facultyMemberName & "' AND student ='" & rbdtext """
Dim sqlCom As New System.Data.OleDb.OleDbCommand(Sql, conn)
'Open Database Connection
sqlCom.Connection = conn
conn.Open()
Dim sqlRead As System.Data.OleDb.OleDbDataReader = sqlCom.ExecuteReader()
If sqlRead.Read() Then
MainStud.Show()
Me.Hide()
Else
' If user enter wrong username and password combination
' Throw an error message
MessageBox.Show("Username and Password do not match!", "Authentication Failure", MessageBoxButtons.OK, MessageBoxIcon.Exclamation)
'Clear all fields
TxtPassword.Text = ""
TxtUsername.Text = ""
'Focus on Username field
TxtUsername.Focus()
conn.Close()
End If
Catch ex As Exception
MessageBox.Show("Error:" & ex.Message)
End Try
End If
End Sub
Edit* Still not over this. Tried every possible solution but still shows errors. Sorry if it could get so confusing. I'm just a beginner.
you try something like this
if (RadioButton1.Checked)
{
rbdtext = RadioButton1.Text;
}
else if (RadioButton2.Checked)
{
rbdtext = RadioButton2.Text;
}
else
{
rbdtext = RadioButton3.Text;
}
then your SQL Statement
Dim sql As String = "SELECT * FROM tbl_user WHERE username='" & TxtUsername.Text & "' AND password = '" & TxtPassword.Text & "' AND facultymember = '" & rbdtext & "' AND student ='" & rbdtext '""
declare a new variable inside Button Click's Private sub
Dim facultyMemberName as String
Do what Parth Akbari suggests
If RadioButton1.Checked Then
facultyMemberName = RadioButton1.Text
End If
(Repeat for as many radio buttons you have)
Then place the right variable name and fix the end of your string (the single quote is before the double quote and it makes it a commentary, no good)
Dim sql As String = "SELECT * FROM tbl_user WHERE username='" & TxtUsername.Text & "' AND password = '" & TxtPassword.Text & "' AND facultymember = '" & facultyMemberName & "' AND student ='" & rbdtext """
Tips (just opinions)
Try using a ListBox or ComboBox instead of RadioButtons since you are listing names of people. You could do something like
facultyMemberName = lstFacultyName.SelectedItem.Text
Try placing your sql query in a textbox, copy it and run it with your favorite SQL manager. You can detect potential errors that way.
Try using parameters instead of concatenate values to a string.
In a Login form for VB.Net connected to an Oracle database.. Is there a way of inserting an If statement to direct different users to different forms.. Eg, an accountant to the accounting home page or a driver to a driver homepage even though all there ID's and passwords are in the one table within the database.
There is a POSITION field within the database and this is what I would like to use to differentiate the different users levels of access.
Here is the code working so far:
Dim conn As New OleDb.OleDbConnection
conn.ConnectionString = _
"Provider=msdaora;Data Source=orabis;User Id=112221800;Password=112221800;"
conn.Open()
Dim parmuser As New OleDb.OleDbParameter
parmuser.OleDbType = OleDb.OleDbType.Char
parmuser.Value = txtStaffNo.Text
Dim parmpass As New OleDb.OleDbParameter
parmpass.OleDbType = OleDb.OleDbType.Char
parmpass.Value = txtPassword.Text
Dim cmd As New OleDbCommand
cmd.Connection = conn
cmd = New OleDbCommand("select STAFFID,PASSWORD from STAFF where STAFFID ='" & txtStaffNo.Text & "' and PASSWORD ='" & txtPassword.Text & "'", conn)
cmd.CommandType = CommandType.Text
Dim dr As OleDb.OleDbDataReader
dr = cmd.ExecuteReader()
If txtStaffNo.Text = "" Or txtPassword.Text = "" Then
MessageBox.Show("You have not entered any values!", "ERROR", MessageBoxButtons.OK, MessageBoxIcon.Error)
ElseIf dr.Read() Then
txtStaffNo.Text = dr("STAFFID")
txtPassword.Text = dr("PASSWORD")
MsgBox("Access Allowed")
CustOption.Show()
Me.Hide()
Else
'MessageBox.Show("Wrong Username and Password", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error)
'intCount = intCount + 1
End If
In your SELECT statement, add position there so it would be:
cmd = New OleDbCommand("select POSITION, STAFFID,PASSWORD from STAFF where STAFFID ='" & txtStaffNo.Text & "' and PASSWORD ='" & txtPassword.Text & "'", conn)
Then after you validate the user, you just use a select case like:
Dim empPosition as string = dr("POSITION") ' assuming it's a string here
select case empPosition.toLower
case "driver"
' open driver form
case "accountant"
'open accountant form
' more case statements for other positions.
End Select