Search code examples
asp.netvb.netoledbexecutescalardata-connections

Visual Basic Login

Would somebody be able to help me I'm having some issues with my login. When i try to log in i get the error "Multiple-step OLE DB operation generated errors. Check each OLE DB status value, if available. No work was done." - In junction with the ExecuteScalar retrieval.

Thank you in advance for any help you may or may not be able to give me.

 Protected Sub btnLogin_Click(sender As Object, e As EventArgs) Handles btnLogin.Click

    If String.IsNullOrWhiteSpace(txtUsername.Text) Then
        Invalid()
        Exit Sub
    End If

    Using con As New OleDbConnection(connectionString)
        Dim cmd As New OleDbCommand("Select count(*) From tblAccounts where Username = ?", con)
        cmd.Parameters.AddWithValue("Username", txtUsername)
        con.Open()

        If CType(cmd.ExecuteScalar(), Integer) > 0 Then
            cmd.CommandText = "Select CPassword From tblAccounts Where Username = ?"
            Dim matches As String = CType(cmd.ExecuteScalar(), String)
            If matches = Sha1(txtPassword.Text) Then
                Response.Redirect("main.aspx")
            Else
                Invalid()
            End If
        Else
            Invalid()
        End If
    End Using

 End Sub
Solution

  • Firstly, I would suggest (which has already been suggested), that you recheck the connection string...

    Personally, I wouldn't re-use the same OleDbCommand, as this may lead to undesired results. Instead, I'd try something like the following:

    Protected Sub btnLogin_Click(sender As Object, e As EventArgs) Handles btnLogin.Click

    If Not String.IsNullOrWhiteSpace(txtUsername.Text) Then

        Using con As New OleDbConnection(ConnectionString)
            con.Open()

            Dim Result As Integer = 0

            Using cmd As New OleDbCommand("Select count(*) From tblAccounts where Username = @Username", con)
                cmd.Parameters.AddWithValue("@Username", txtUsername.text)

                Result = CInt(cmd.ExecuteScalar)
            End Using

            If Result > 0 Then
                Using cmd As New OleDbCommand("Select CPassword From tblAccounts Where Username = @Username", con)
                    cmd.Parameters.AddWithValue("@Username", txtUsername.text)

                    Dim Obj As Object = cmd.ExecuteScalar()

                    If (Obj IsNot Nothing) AndAlso (Obj IsNot DBNull.Value) Then
                        Dim matches As String = Obj.ToString

                        If matches = SHA1(txtPassword.Text) Then
                            Response.Redirect("main.aspx")
                            Exit Sub
                        End If

                    End If

                End Using
            End If

        End Using

    End If

    Invalid()

End Sub

    Hope this helps