0 
Function Authenticate(ByVal UserName As String, ByVal Password As String)
    Dim con As New OleDbConnection(connectionstring)

    Dim cmdstring As String
    cmdstring = "SELECT username, password  FROM tblUsers where username = @user AND password = @pass"

    con.Open()

    Dim cmd As OleDbCommand = New OleDbCommand(cmdstring, con)

    cmd.Parameters.AddWithValue("@user", OleDbType.VarChar).Value = UserName
    cmd.Parameters.AddWithValue("@pass", OleDbType.VarChar).Value = Password

    Dim sdr As OleDbDataReader = cmd.ExecuteReader()
    If (sdr.HasRows) Then
        Authenticate = True
    Else
        Authenticate = False
    End If
    sdr.Close()
    con.Close()
    con = Nothing
    Return Authenticate
End Function

任何人都可以帮忙,不知道为什么我A scalar variable '@user' needs to be declared一打到这条线就会得到:

Dim sdr As OleDbDataReader = cmd.ExecuteReader()
4

4 回答 4

2

您需要输入值而不是类型,并使用如下函数:

cmd.Parameters.AddWithValue("@user", UserName)
cmd.Parameters.AddWithValue("@pass", PassWord)

这将解决您的错误。在这里你有更多信息: 文档

于 2013-01-25T09:20:30.693 回答
0

答案如下

cmdstring = "SELECT username, password  FROM tblUsers where username = ? AND password = ?"

con.Open()

Dim cmd As OleDbCommand = New OleDbCommand(cmdstring, con)

cmd.Parameters.AddWithValue("@user", UserName)
cmd.Parameters.AddWithValue("@pass", Password)

出于某种原因,?在查询中,addwithvalues 也添加了受尊敬的值?在查询中,我花了一段时间才找到这个,所以我想我会分享:)

于 2013-02-06T20:04:41.300 回答
-1

在字符串 Dim cmdstring As String cmdstring = "SELECT username, password FROM tblUsers where username = @user AND password = @pass" 之后

cmdstring cmdstring.replace("@user","'" & UserName & "'").replace("pPassWord","'" & PassWord& "'")

这将创建正确的查询

于 2013-01-25T14:21:45.073 回答
-2

尝试更改.ExecuteReader()ExecuteNonQuery()

Dim sdr As OleDbDataReader = cmd.ExecuteNonQuery()

这是关于 ExecuteReader、ExecuteNonQuery、ExecuteScalar 的一个很好的解释……何时使用什么?

于 2013-01-25T09:16:52.313 回答