I'm wondering what's wrong with the following codes I got below. I'm creating a form where a user can change their password but I always get an error whenever I try to run my system. Any help would be greatly appreciated! Thank you.
Public Class Form7
Dim cnString = "Provider=Microsoft.ACE.OLEDB.12.0;" & _
"Data Source=C:\Thesis\Thesis\Database1.accdb"
Private Sub TextBox1_TextChanged(sender As System.Object, e As System.EventArgs) Handles TextBox2.TextChanged
End Sub
Private Sub Button1_Click(sender As System.Object, e As System.EventArgs) Handles Button1.Click
Try
Using dbCommand As New System.Data.OleDb.OleDbCommand("select count ([Password]) from students where [Password] like ?", cnString)
dbCommand.Parameters.AddWithValue("@password", textbox1.Text)
Dim result As Integer = DirectCast(dbCommand.ExecuteScalar(), Integer)
If result = 1 Then
Dim sqlquery As String = "UPDATE students SET StudFacID = @STUDID, [Password] = @Password" & _
"WHERE ID = StudFacID"
' Use this form to initialize both connection and command to
' avoid forgetting to set the appropriate properties....
Using conn = New System.Data.OleDb.OleDbConnection(cnString)
Using cmd = New System.Data.OleDb.OleDbCommand(sqlquery, cnString)
cnString.Open()
cmd.Parameters.AddWithValue("@STUDID", TxtID.Text)
cmd.Parameters.AddWithValue("@Password", TextBox2.Text)
End Using
End Using
End If
End Using
Catch ex As Exception
MsgBox(ex.ToString)
End Try
End Sub
End Class
You're trying to construct an OleDbCommand
object:
New System.Data.OleDb.OleDbCommand("your sql command", cnString)
using the constructor that takes two arguments. That constructor expects a String
and a OleDbConnection
, but instead you're giving it a String
and a String
. As the error says, a String
can't be cast to an OldDbConnection
, so this attempt fails.
Create an OleDbConnection
object to use with your command object. Perhaps something like this:
Using dbConnection As New OleDbConnection(cnString)
Using dbCommand As New OleDbCommand("your sql command", dbConnection)
' the rest of your code
End Using
End Using
(Basically, you should be doing the exact same thing you're already doing with the conn
and cmd
objects.)
Also, as a side note, and this is very important... You should not be storing user passwords as plain text. User passwords should be hashed and should never be recoverable. What you're currently doing is grossly irresponsible to your users.