Home > Software engineering >  System. InvalidOperationException: existing open DataReader associated with this Command, you must f
System. InvalidOperationException: existing open DataReader associated with this Command, you must f

Time:09-17

Ask god to help me see, how to solve it,
 
Protected Sub LoginButton_Click (sender As Object, As EventArgs e)
Dim Usernaem As String=Login1. UserName
Dim the password As String=Login1. "
Dim dates As String=System. A DateTime. Now. ToString (" yyyyMMdd ")
Dim time As String=TimeOfDay
Dim the count As Integer
Cn=New SqlClient. SqlConnection (CNSTR)
Cn. The Open ()
Dim SQLS As String="select * from the users where accounts='" & amp; Usernaem. Trim & amp; "' and password='" & amp; The password & amp; "'
"Cm=New SqlClient. SqlCommand (SQLS, cn)
Cm.Com mandText=SQLS
Myreader=cm. ExecuteReader
Myreader. Read ()
Cm. Connection=cn
Count=cm. ExecuteScalar
Dim the name As String=myreader (" name ")
Myreader. Close ()
If the count & gt; 0 Then
'Dim names As String=myreader. Get String (1). The Trim
Dim SQL As String="insert into the log (userid, name, login date, login time) values ('" & amp; Usernaem & amp; "', '" & amp; The name & amp; "', '" & amp; Dates & amp; "', '" & amp; Time & amp; "')
"SQL, da=New SqlClient. SqlDataAdapter (cn)
Ds=New DataSet (SQL)
Da. The Fill (ds, "log")
If the password="123456 @ 2018" Then
MsgBox (" please change the password, "vbSystemModal + MsgBoxStyle. OkOnly)
For Server Transfer (" modify password. Aspx ")
The Else
For Server Transfer (" webform1. Aspx ")

End the If
The Else
MsgBox (" user name or password error!" )
End the If
End Sub
The End of the Class

CodePudding user response:

For you to send the wrong version, projects are. Net,
Overall look down, feel a little bit on the database you operate this concept all have no, also did not understand to webform,
Code in question is a bit much, database operation this, suggest to find a few examples, carefully distinguish between the SqlCommand to get the data of different USES (read Reader object, SqlDataAdapter object), can also be simple consult me first Demo, which involves the query and insert; WEB this, it is necessary to clearly distinguish between front and back, and suggests to learn MVC, webform is the technology has been eliminated for many years, if they are old projects are already using webform, then grab a textbook to first put the webform over again, no difference between it and the grammar of the WinForm, but in a namespace, operation mechanism on the difference is very big,
 
Protected Sub LoginButton_Click (sender As Object, As EventArgs e)
Dim Usernaem As String=Login1. UserName
Dim the password As String=Login1. "
Dim dates As String=System. A DateTime. Now. ToString (" yyyyMMdd ")
Dim time As String=TimeOfDay
Dim the count As Integer
Cn=New SqlClient. SqlConnection (CNSTR)
Cn. The Open ()
Dim SQLS As String="select * from the users where accounts='" & amp; Usernaem. Trim & amp; "' and password='" & amp; The password & amp; "'
"
'sqlcommand can reuse: cm.Com mandText="SQL statement";
'this sentence has specified the Connection of cm for cn, that cm below. The Connection=cn is unnecessary;
'this sentence has been specified query is SQLS cm, the following cm.Com mandText=SQLS overkill,
Cm=New SqlClient. SqlCommand (SQLS, cn)

'this is redundant, in defining the cm, has been designated the CommandText
Cm.Com mandText=SQLS

Myreader=cm. ExecuteReader
Myreader. Read ()

'this is redundant, in defining the cm, has appointed its Connection
Cm. Connection=cn

'count is less than value, according to your logic, to fetch the record number with the count, but ExecuteScalar to query results, the first record of the first field value,
'count correct values need to change the SQL to "SELECT count (1) the FROM... ", SQL execution is an integer as a result, this can take a correct value according to your logic,
Count=cm. ExecuteScalar

Dim the name As String=myreader (" name ")
Myreader. Close ()
If the count & gt; 0 Then
'Dim names As String=myreader. Get String (1). The Trim
Dim SQL As String="insert into the log (userid, name, login date, login time) values ('" & amp; Usernaem & amp; "', '" & amp; The name & amp; "', '" & amp; Dates & amp; "', '" & amp; Time & amp; "')
"'SQLDATAADAPTER are commonly used to fetch the data, if is to execute an SQL, directly cm.Com mandText="SQL statement", cm. ExecuteNonQuery (), behind that returns an integer, on behalf of the impact on the number of SQL article
SQL, da=New SqlClient. SqlDataAdapter (cn)
Ds=New DataSet (SQL)
Da. The Fill (ds, "log")
If the password="123456 @ 2018" Then
'look at your code is webform development? In the webform msgbox has no meaning, because all of the code you write is on the server of
', the client will not see, the right thing to do is to generate the front-end js to alert alarm message
MsgBox (" please change the password, "vbSystemModal + MsgBoxStyle. OkOnly)
For Server Transfer (" modify password. Aspx ")
The Else
For Server Transfer (" webform1. Aspx ")
End the If
The Else
MsgBox (" user name or password error!" )
End the If
End Sub

Sub Demo ()
Dim the count As Integer
Dim cn As New SqlClient. SqlConnection (CNSTR)
Dim cm As New SqlClient. SqlCommand (SQLS, cn)
Dim da As New SqlClient. SqlDataAdapter ()
Dim dt As New DataTable ()

'your SQL has a fatal problem, not the injection, if you need to spell SQL, please use the parameterized queries
'and save the password, general use Md5 (if a bit more secure, can use salt Md5) to store, not bright Wen Cun,
'otherwise is to take off the library harm will be very big
Dim SQLS As String="select * from the users where accounts='" & amp; Usernaem. Trim & amp; "' and password='" & amp; The password & amp; "'
"
Cn. The Open ()

'when executing SQL
'or with SqlDataReader read (check)
'either use ExecuteNonQuery () direct execution (censored) increasing
'or with ExecuteScalar () directly in the first line in the first column (check)
'or with SqlDataAdapter to fill a DataSet or DataTable (check)
Da. SelectCommand (cm) 'for the SqlDataAdapter binding SqlCommand object

'the SqlCommand results fill in the data table objects dt, dt Rows is DataRow collection of objects, a DataRow object is a SQL record;
'dt. Rows (I) can take the case of a DataRow object, I take the DataRow later, with the column or column number can take the value of the specified column,
Da. The Fill (dt)
If dt. Rows. Count> 0 Then
Cmd.Com mandText="insert into the log (userid, name, login date, login time) values ('" & amp; Usernaem & amp; "', '" & amp; The name & amp; "', '" & amp; Dates & amp; "', '" & amp; Time & amp; "')";
Dim ret As Integer=CMD. ExecuteNonQuery () 'here can be judged according to the result of ret performed successfully without
'according to the corresponding user and pass to check the results
nullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnull
  • Related