vb.net

Unable to cast object of type...

I'm wondering what's wrong with the following codes I got below. I'm creating a form where a user can change their password but I always get an error whenever I try to run my system. Any help would be greatly appreciated! Thank you.

Public Class Form7

Dim cnString = "Provider=Microsoft.ACE.OLEDB.12.0;" & _
             "Data Source=C:\Thesis\Thesis\Database1.accdb"
Private Sub TextBox1_TextChanged(sender As System.Object, e As System.EventArgs) Handles TextBox2.TextChanged

End Sub

Private Sub Button1_Click(sender As System.Object, e As System.EventArgs) Handles Button1.Click
    Try
        Using dbCommand As New System.Data.OleDb.OleDbCommand("select count ([Password]) from students where [Password] like ?", cnString)
            dbCommand.Parameters.AddWithValue("@password", textbox1.Text)
            Dim result As Integer = DirectCast(dbCommand.ExecuteScalar(), Integer)
            If result = 1 Then
                Dim sqlquery As String = "UPDATE students SET StudFacID = @STUDID, [Password] = @Password" & _
                             "WHERE ID = StudFacID"

                ' Use this form to initialize both connection and command to 
                ' avoid forgetting to set the appropriate properties....

                Using conn = New System.Data.OleDb.OleDbConnection(cnString)
                    Using cmd = New System.Data.OleDb.OleDbCommand(sqlquery, cnString)

                        cnString.Open()
                        cmd.Parameters.AddWithValue("@STUDID", TxtID.Text)
                        cmd.Parameters.AddWithValue("@Password", TextBox2.Text)
                    End Using

                End Using
            End If

                End Using 

    Catch ex As Exception
        MsgBox(ex.ToString)
    End Try
End Sub

End Class

This is a screenshot of the error I get

Solution

  • You're trying to construct an OleDbCommand object:

    New System.Data.OleDb.OleDbCommand("your sql command", cnString)

    using the constructor that takes two arguments. That constructor expects a String and a OleDbConnection, but instead you're giving it a String and a String. As the error says, a String can't be cast to an OldDbConnection, so this attempt fails.

    Create an OleDbConnection object to use with your command object. Perhaps something like this:

    Using dbConnection As New OleDbConnection(cnString)
    Using dbCommand As New OleDbCommand("your sql command", dbConnection)
        ' the rest of your code
    End Using
End Using

    (Basically, you should be doing the exact same thing you're already doing with the conn and cmd objects.)

    Also, as a side note, and this is very important... You should not be storing user passwords as plain text. User passwords should be hashed and should never be recoverable. What you're currently doing is grossly irresponsible to your users.