执行此代码时,SQL命令出现错误
'?'附近的语法不正确
这是我的代码:
Dim command As New SqlCommand("SELECT [username], [password] FROM [stud_table] WHERE [username] = ?", connection)
command.Parameters.AddWithValue("username", Me.UsernameTextBox.Text)
Try
connection.Open()
Dim adapter As New SqlDataAdapter(command)
Dim rec As SqlDataReader = command.ExecuteScalar()
If rec.HasRows Then
rec.Read()
If Me.PasswordTextBox.Text.ToLower = rec.Item("password").ToString Then
MsgBox("Login successful")
Me.Hide()
user_profile.Show()
Else
MsgBox("Login unsuccessful, Incorrect Password", MsgBoxStyle.OkOnly, "Invalid")
End If
Else
MsgBox("Login unsuccessful, Invalid UserName", MsgBoxStyle.OkOnly, "Invalid")
End If
rec.Close()
Catch ex As OleDb.OleDbException
MsgBox("Login unsuccessful,no connection", MsgBoxStyle.OkOnly, "Invalid")
Catch ex As Exception
MessageBox.Show(ex.Message)
Finally
connection.Close()
End Try
答案 0 :(得分:1)
在查询中使用参数名称:
Dim command As New SqlCommand("SELECT [username],[password] FROM [stud_table] WHERE [username] = @username", connection)
command.Parameters.AddWithValue("@username", SqlDbType.NVarChar) = Me.UsernameTextBox.Text