Tags: mysql, sql, delphi, delphi-2010, code-injection

Using SQL parameters to protect my application against injection attacks


I can't use SQL parameters in Delphi. If I try to use them to protect my login form, I get the following error upon login:

[0x0005] Operation not supported

The code I am using is:

SQLQuery1.SQL.Text := 'SELECT * FROM registered WHERE email= :Email'+
                      ' and login_pass= :Password';
// ParamByName is case-insensitive, so 'email' resolves to :Email
SQLQuery1.ParamByName('email').AsString := Email;
SQLQuery1.ParamByName('password').AsString := Password;

SQLQuery1.Open; // Execute the SELECT and open the result set
if SQLQuery1.RecordCount > 0 then form2.Show; // count the returned rows before showing form2

but it is not working. The code below works correctly, but is it always unsafe:

// Unsafe: user input is concatenated straight into the SQL text
SQLQuery1.SQL.Text := 'SELECT * FROM registered WHERE email="'+Email+
                      '" and login_pass= "'+Password+'"';

I am using the TMySQLConnection and TMySQLQuery components with ParamsCheck set to True, and the first code mentioned above, which doesn't work. How do I correct the problem?

Any suggestion or help would be appreciated.

Thank you


Solution

  • Check the help for "RecordCount". It may raise an exception if the dataset can't determine how many records are returned. What if you remove it and simply check whether the dataset is not IsEmpty?
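Putting the answer's suggestion together with the parameterised query from the question, as an added example (not code from the asker or the answerer): it assumes a dbExpress-style query component named SQLQuery1 on a form with ParamCheck = True, the question's "registered" table, and hypothetical edit controls EditEmail and EditPassword.

```delphi
// Added example. Assumes a form unit (uses Dialogs for ShowMessage) with a
// query component SQLQuery1 (ParamCheck = True), a table "registered" with
// columns email and login_pass as in the question, and hypothetical
// edit controls EditEmail / EditPassword.
function TForm1.CredentialsMatch(const AEmail, APassword: string): Boolean;
begin
  SQLQuery1.Close;
  // Placeholders instead of concatenation: the values are sent as parameters
  // and never become part of the SQL text, so quotes or comment sequences in
  // the input cannot change the statement.
  SQLQuery1.SQL.Text :=
    'SELECT 1 FROM registered WHERE email = :Email AND login_pass = :Password';
  // ParamByName is case-insensitive, so 'Email' and 'email' are the same parameter.
  SQLQuery1.ParamByName('Email').AsString := AEmail;
  SQLQuery1.ParamByName('Password').AsString := APassword;
  SQLQuery1.Open;
  try
    // A unidirectional dataset may be unable to report RecordCount (the answer
    // notes it can raise); IsEmpty only asks whether a first row exists.
    Result := not SQLQuery1.IsEmpty;
  finally
    SQLQuery1.Close;
  end;
end;

procedure TForm1.LoginButtonClick(Sender: TObject);
begin
  if CredentialsMatch(EditEmail.Text, EditPassword.Text) then
    Form2.Show
  else
    ShowMessage('Login failed');
end;
```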