2014-07-23 50 views
0

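VB.NET: Cannot read database records with MySQL data reader dr.HasRows

When I click Button2 with a valid ID number in the text box, it always shows the message box "Invalid ID No." But if I remove the IF statement, it shows the database record and works fine. I need this IF statement, though. I think the problem here is dr.HasRows, but I don't know what to put there.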

Imports MySql.Data.MySqlClient 

Public Class Form16 
    Private Sub Form16_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load 
    End Sub 

    Private Sub Button2_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button2.Click 
     Dim con As New MySqlConnection("server=localhost;user id=root;password=root;database=db") 
     Dim DataSet1 As New DataSet 
     Dim dr As MySqlDataReader 
     Dim da As New MySqlDataAdapter 
     Dim cmd As New MySqlCommand 

     con.ConnectionString = "server = localhost; user id = root;password=root; database = db" 
     cmd.Connection = con 
     con.Open() 
     cmd.CommandText = "select * from voter where idn='" & TextBox1.Text & "'" 
     dr = cmd.ExecuteReader 
     con.Close() 
     da.SelectCommand = cmd 
     da.Fill(DataSet1, "db") 


     If dr.HasRows Then 
      Label2.DataBindings.Add("text", DataSet1, "db.fname") 
      Label10.DataBindings.Add("text", DataSet1, "db.mi") 
      Label11.DataBindings.Add("text", DataSet1, "db.lname") 
      Label12.DataBindings.Add("text", DataSet1, "db.yr") 
      Label13.DataBindings.Add("text", DataSet1, "db.sec") 
      Label14.DataBindings.Add("text", DataSet1, "db.vstatus") 
     Else 
      MessageBox.Show("Invalid ID No.", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error) 
     End If 

     Label2.DataBindings.Clear() 
     Label10.DataBindings.Clear() 
     Label11.DataBindings.Clear() 
     Label12.DataBindings.Clear() 
     Label13.DataBindings.Clear() 
     Label14.DataBindings.Clear() 
    End Sub 
End Class 
+1

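'select * from voter where idn='" & TextBox1.Text & "'' You are open to SQL injection. Use parameters. Apart from that, if you are using a DataSet anyway, why are you also using a database? You can access the table you filled this way: 'Dim db As DataTable = DataSet1.Tables("db")', and its rows via 'db.Rows'. –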

+0

Sorry, I'm just a beginner in VB.NET, and I really don't know how to do what you said. Can you explain more? –

+0

Is it a number? If so, remove the quotes so that you have ... idn=" & TextBox1.Text .... As Tim mentioned, you should learn to use parameters. – Mych

Answers

0

You need to use a parameterized query to prevent SQL injection:

Dim commandText As String = "SELECT * FROM Voter WHERE idn=@idn"
Dim command As New MySqlCommand(commandText, connection) 

command.Parameters.AddWithValue("@idn", TextBox1.Text) 

You don't need DataSet and DataAdapter if you are using a DataReader, because you can convert your DataReader into a DataTable:

Dim dt As New DataTable()
dr = command.ExecuteReader() ' Get the data reader rows
dt.Load(dr) ' Convert the DataReader into a DataTable

Now you can bind it to your Label or TextBox:

Label2.DataBindings.Add("Text", dt, "fname") 

You no longer have to use the HasRows property to check whether the DataReader has rows; instead, you can check the row count of your DataTable:

If (dt.Rows.Count > 0) Then 
    Label2.DataBindings.Add("Text", dt, "fname") 
End If 

I also use the .NET Using statement for the connection, so that you don't have to close it:

Using connection As New MySqlConnection(connectionString) 
    'More code here 
End Using ' Close the connection automatically 

Check the complete code below:

Imports MySql.Data.MySqlClient 

Public Class Form16 

    Dim connectionString as String = "server = localhost; user id = root;password=root; database = db" 
    Dim dt as DataTable 

    Private Sub Button2_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button2.Click 


    Using connection As New MySqlConnection(connectionString) 
     ' Use Parameterized query 
     Dim commandText As String = "SELECT * FROM Voter WHERE idn=@idn"
     Dim command As New MySqlCommand(commandText, connection) 
     Dim dr As MySqlDataReader 

     ' Add idn value using parameterized query 
     command.Parameters.AddWithValue("@idn", TextBox1.Text) 


     Try 
     connection.Open() ' Open Connection 
     dr = command.ExecuteReader() 
     dt = New DataTable() 
     dt.Load(dr) 
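     If (dt.Rows.Count > 0) Then
      ' Clear earlier bindings first; adding a second binding for the same property throws
      For Each lbl As Label In New Label() {Label2, Label10, Label11, Label12, Label13, Label14}
       lbl.DataBindings.Clear()
      Next
      Label2.DataBindings.Add("Text", dt, "fname")
      Label10.DataBindings.Add("Text", dt, "mi")
      Label11.DataBindings.Add("Text", dt, "lname")
      Label12.DataBindings.Add("Text", dt, "yr")
      Label13.DataBindings.Add("Text", dt, "sec")
      Label14.DataBindings.Add("Text", dt, "vstatus")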
     Else 
      MessageBox.Show("Invalid ID No.", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error) 
     End If 

     Catch ex As Exception 
     MessageBox.Show(ex.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Error) 
     End Try 
    End Using 

    End Sub 

End Class 
+0

Wow! Thank you for the answer, sir! Especially for the things you taught me; I will study all of it :D –

0

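You have done more work than you need to... If you are going to use a DataReader, your code should end up looking something like this. (I haven't tested this code.)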

Imports MySql.Data.MySqlClient

Public Class Form16
    Private Sub Form16_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
    End Sub

    Private Sub Button2_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button2.Click
        Dim con As New MySqlConnection("server=localhost;user id=root;password=root;database=db")
        Dim DataSet1 As New DataSet
        Dim dr As MySqlDataReader
        Dim da As New MySqlDataAdapter
        Dim cmd As New MySqlCommand

        con.ConnectionString = "server = localhost; user id = root;password=root; database = db"
        cmd.Connection = con
        con.Open()
        ' Pass the ID as a parameter instead of concatenating it into the SQL text
        cmd.CommandText = "select * from voter where idn=@idn"
        cmd.Parameters.AddWithValue("@idn", TextBox1.Text)
        dr = cmd.ExecuteReader

        ' Read while the connection is still open; a reader cannot be read after its connection is closed
        If dr.Read Then
            Label2.Text = dr("fname").ToString()
            Label10.Text = dr("mi").ToString()
            Label11.Text = dr("lname").ToString()
            Label12.Text = dr("yr").ToString()
            Label13.Text = dr("sec").ToString()
            Label14.Text = dr("vstatus").ToString()
        Else
            MessageBox.Show("Invalid ID Number")
        End If

        dr.Close()
        con.Close()
    End Sub
End Class
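
A hardened version of the lookup discussed in the answers above, added here as an example; it is not code from the question or from either answer. The module name `VoterLookup`, the `VOTER_DB` environment variable, the ID format and the 20-character parameter size are assumptions.

```vb
Imports System.Data
Imports System.Text.RegularExpressions
Imports MySql.Data.MySqlClient

' Added example: data access kept out of the form and reusable from any handler.
Public Module VoterLookup

    ' Assumption: IDs are 1-20 letters, digits or dashes. Adjust to the real format.
    Private ReadOnly IdPattern As New Regex("^[A-Za-z0-9-]{1,20}\z")

    ' Assumption: VOTER_DB holds the connection string of a MySQL account
    ' that only has SELECT on the voter table (not root, not in source code).
    Private Function GetConnectionString() As String
        Dim value As String = Environment.GetEnvironmentVariable("VOTER_DB")
        If String.IsNullOrEmpty(value) Then
            Throw New InvalidOperationException("VOTER_DB is not set")
        End If
        Return value
    End Function

    ' Returns the matching row, or Nothing when the ID is malformed or unknown.
    Public Function FindVoter(ByVal idn As String) As DataRow
        If idn Is Nothing OrElse Not IdPattern.IsMatch(idn.Trim()) Then
            Return Nothing
        End If

        Const sql As String = _
            "SELECT fname, mi, lname, yr, sec, vstatus FROM voter WHERE idn = @idn"

        Using connection As New MySqlConnection(GetConnectionString())
            Using command As New MySqlCommand(sql, connection)
                ' Typed, sized parameter: the value travels as data, so a quote
                ' character in the text box cannot change the statement.
                command.Parameters.Add("@idn", MySqlDbType.VarChar, 20).Value = idn.Trim()
                connection.Open()
                Using reader As MySqlDataReader = command.ExecuteReader()
                    ' Read the rows while the connection is still open; the
                    ' question's code closed the connection before using the reader.
                    Dim table As New DataTable()
                    table.Load(reader)
                    ' idn is assumed unique: anything but exactly one row is "not found".
                    Return If(table.Rows.Count = 1, table.Rows(0), Nothing)
                End Using
            End Using
        End Using
    End Function
End Module
```

In `Button2_Click`, call `FindVoter(TextBox1.Text)`: show "Invalid ID No." when it returns Nothing, otherwise assign each label's text from the returned row.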