8 Replies - 381 Views - Last Post: 05 February 2013 - 05:57 PM Rate Topic: -----

#1 Guitora Kuronato  Icon User is offline

  • New D.I.C Head

Reputation: -7
  • View blog
  • Posts: 28
  • Joined: 02-December 12

Code search problem

Posted 30 January 2013 - 10:14 PM

Hello all,, i got new problem..
That is my search code

Dim conSearch As New OleDb.OleDbConnection
        Dim conStr As String = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source=|DataDirectory|\notifdb.accdb"
        Dim StudSQL As String
        Dim inc As Integer
        Dim dsSearch2 As New DataSet
        Dim dsSearch As New DataSet
        If TextBox3.Text = "" Then
            MessageBox.Show("Enter a student id", "South City College", MessageBoxButtons.OK, MessageBoxIcon.Error)
            TextBox3.Focus()
        Else
            StudSQL = "SELECT * FROM NFTB WHERE S/N ='" & TextBox3.Text & "'"
            conSearch.ConnectionString = conStr
            Dim daSearch As OleDb.OleDbDataAdapter = New OleDb.OleDbDataAdapter(StudSQL, conSearch)
            daSearch.Fill(dsSearch, "NFTB")
            inc = 0
            MessageBox.Show("Database table found!", "South City College", MessageBoxButtons.OK, MessageBoxIcon.Question)
            NOTIFTextBox.Text = dsSearch.Tables("NFTB").Rows(inc).Item(1)
            EMP_NOTextBox.Text = dsSearch.Tables("NFTB").Rows(inc).Item(2)
            EMP_NAMETextBox.Text = dsSearch.Tables("NFTB").Rows(inc).Item(3)
            POSITIONTextBox.Text = dsSearch.Tables("NFTB").Rows(inc).Item(4)
            APP_DATETextBox.Text = dsSearch.Tables("NFTB").Rows(inc).Item(5)
            APP_DT_FROMTextBox.Text = dsSearch.Tables("NFTB").Rows(inc).Item(6)
            APP_DT_TOTextBox.Text = dsSearch.Tables("NFTB").Rows(inc).Item(7)
            APP_TIMETextBox.Text = dsSearch.Tables("NFTB").Rows(inc).Item(8)
            APP_TIME_FROMTextBox.Text = dsSearch.Tables("NFTB").Rows(inc).Item(9)
            APP_TIME_ONTextBox.Text = dsSearch.Tables("NFTB").Rows(inc).Item(10)
            REASONSTextBox.Text = dsSearch.Tables("NFTB").Rows(inc).Item(11)
            REMARKSTextBox.Text = dsSearch.Tables("NFTB").Rows(inc).Item(12)
            TIME_INTextBox.Text = dsSearch.Tables("NFTB").Rows(inc).Item(13)
            TIME_OUTTextBox.Text = dsSearch.Tables("NFTB").Rows(inc).Item(14)
            CHECKED_INTextBox.Text = dsSearch.Tables("NFTB").Rows(inc).Item(15)
            CHECKED_OUTTextBox.Text = dsSearch.Tables("NFTB").Rows(inc).Item(16)
            IN_ONTextBox.Text = dsSearch.Tables("NFTB").Rows(inc).Item(17)
            OUT_ONTextBox.Text = dsSearch.Tables("NFTB").Rows(inc).Item(18)
            APPTextBox.Text = dsSearch.Tables("NFTB").Rows(inc).Item(19)
            APP_MAILTextBox.Text = dsSearch.Tables("NFTB").Rows(inc).Item(20)
            APP_OWNTextBox.Text = dsSearch.Tables("NFTB").Rows(inc).Item(21)
        End If


i got error while click the button
No value given for one or more required parameters. at
daSearch.Fill(dsSearch, "NFTB")


Is This A Good Question/Topic? 1
  • +

Replies To: Code search problem

#2 Psyguy  Icon User is offline

  • D.I.C Regular
  • member icon

Reputation: 69
  • View blog
  • Posts: 310
  • Joined: 12-January 11

Re: Code search problem

Posted 01 February 2013 - 08:59 AM

The problem is likely that your query contains this statement:
where S/N = 'some text'



I am assuming that S and N are fields in the table, but if its short for something like "Serial Number" it is not going to produce the expected results. The statement is evaluating the result of S divided by N and is therefore looking for a number result to compare it to.

The other comment I have is about paramaterized queries instead of free text. You should look it up. Inserting free text into a query is always dangerous and suceptible to sql injection hacks.

This post has been edited by Psyguy: 01 February 2013 - 08:59 AM

Was This Post Helpful? 0
  • +
  • -

#3 Psyguy  Icon User is offline

  • D.I.C Regular
  • member icon

Reputation: 69
  • View blog
  • Posts: 310
  • Joined: 12-January 11

Re: Code search problem

Posted 01 February 2013 - 09:09 AM

Example of a paramaterized query:

Dim StudSQL as String = "select * from NFTB where Field1 = @result"
Dim param as SQLParameter = New SQLParameter("@result", Textbox3.text)
Dim dt as Datatable = New DataTable()
Dim sa as SQLDataAdapter = Nothing

Try
     Using conn as SqlConnection = New SqlConnection(conStr)
          sa = New SqlDataAdapter(StudSQL, conn)
          sa.SelectCommand.Parameters.Add(param)
          sa.Fill(dt)
     End Using
Catch ex as SQLException
   'handle any exception
End Try



I don't generally use the OleDB objects, but I'm sure there is a similar fashion of syntax to perform the same type of operations.

This post has been edited by Psyguy: 01 February 2013 - 09:14 AM

Was This Post Helpful? 1
  • +
  • -

#4 Guitora Kuronato  Icon User is offline

  • New D.I.C Head

Reputation: -7
  • View blog
  • Posts: 28
  • Joined: 02-December 12

Re: Code search problem

Posted 04 February 2013 - 09:08 PM

It's look like no use
Was This Post Helpful? -3
  • +
  • -

#5 raghav.naganathan  Icon User is offline

  • Perfectly Squared ;)
  • member icon

Reputation: 408
  • View blog
  • Posts: 1,440
  • Joined: 14-September 12

Re: Code search problem

Posted 04 February 2013 - 09:18 PM

That's certainly not the way to put down someone trying to help you by saying its no use

Well, first of all, whatever Psyguy mentioned is a very important part of all your database programs...that is, parameterizing your queries so that your database is secure from SQL injections.

Secondly, do not expect him to provide you code for your program...he is just guiding you how to go about your program so that you can implement the same logic on your own in your program.

Third, please realize that the people who help you here are not getting paid to do so...they are doing it as they want to help people out with their problems...so, you need to appreciate that fact and never ever post such comments for anyone who is giving you some useful information.

regards,
Raghav
Was This Post Helpful? 0
  • +
  • -

#6 b2.f2  Icon User is offline

  • D.I.C Head

Reputation: 11
  • View blog
  • Posts: 76
  • Joined: 21-May 07

Re: Code search problem

Posted 04 February 2013 - 10:46 PM

1)Check carefully that you have spelt the names correctly (exactly the same as they appear in the database)

2)Check that these values are actually valid, especially if you are getting any values from the user. For example, ensure that the value for a numeric field contains a number, and that for string data you are dealing with the '

3)Check that any values you specified are delimited correctly for the data type

4)If a name contains a space or other non-alphanumeric character (such as %) it needs to be enclosed in square brackets within any SQL statements, eg:
".. FROM [table 1] "


90% of that error comes from misspelled field/table names
Was This Post Helpful? 0
  • +
  • -

#7 Guitora Kuronato  Icon User is offline

  • New D.I.C Head

Reputation: -7
  • View blog
  • Posts: 28
  • Joined: 02-December 12

Re: Code search problem

Posted 05 February 2013 - 12:28 AM

Ok Ok,, sorry for the replying,, i wasnt meant to hurt anyone else. I was in quick of time also i wasnt so good in english, so i just randomly type to reply.
I just mean that i had solve it before and what he write i cant catch.. I doesnt mean to hurt anyone else.
Please forgive me..

And thanks you all..
I want to know how can i close a topic if i had post it, but before anyone reply it. i had solve it myself.
Somebody please teach me to skip next time misunderstand.
Sorry
Was This Post Helpful? -2
  • +
  • -

#8 b2.f2  Icon User is offline

  • D.I.C Head

Reputation: 11
  • View blog
  • Posts: 76
  • Joined: 21-May 07

Re: Code search problem

Posted 05 February 2013 - 05:09 PM

So what was the problem? Perhaps someone can benefit from it with similar problems.
Was This Post Helpful? 0
  • +
  • -

#9 Guitora Kuronato  Icon User is offline

  • New D.I.C Head

Reputation: -7
  • View blog
  • Posts: 28
  • Joined: 02-December 12

Re: Code search problem

Posted 05 February 2013 - 05:57 PM

MM,, i would like to ask..
My database isnt using SQL, so what is the code for database that using Access?
Was This Post Helpful? -3
  • +
  • -

Page 1 of 1