I try to change everythings and use new command to correct this code but nothing happened. I always get an error or the database dosen't change at all.
In my database I have Table name ( LogIn) and have (Password),(StudentID) This is my code:
Imports System.Data
Imports System.Data.SqlClient
Partial Class Default2
Inherits System.Web.UI.Page
Protected Sub Button1_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles Button1.Click
Dim field1 = CType(Session.Item("UserAuthentication"), String)
Dim connectionstring As String = "Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\EEAS.mdf;Integrated Security=True;User Instance=True"
If Page.IsValid Then
Dim MyConnection As New SqlConnection(connectionstring)
Dim MyCommand As New SqlCommand
MyCommand.Connection = MyConnection
MyCommand.CommandType = Data.CommandType.Text
MyCommand.CommandText = "UPDATE LogIn SET [Password] = ? WHERE StudentID = 123456"
MyCommand.Parameters.AddWithValue("Password", TextBox2.Text)
' MyCommand.Parameters.AddWithValue("Username", TextBox1.Text)
'MyCommand.Parameters.AddWithValue("Password2", TextBox3.Text)
Try
MyConnection.Open()
Dim RecordsAffected As Int32 = MyCommand.ExecuteNonQuery
If RecordsAffected = 1 Then
Label4.CssClass = "Success"
Label4.Text = "Password is changed"
Else
Label4.CssClass = "Error"
Label4.Text = "Password is not changed"
End If
Catch ex As Exception
Label4.CssClass = "Error"
Label4.Text = "Database Error"
Finally
MyConnection.Close()
End Try
End If
End Sub
End Class
This is my code in asp.net
<asp:Content ID="Content2" ContentPla开发者_C百科ceHolderID="ContentPlaceHolder1" Runat="Server">
<p>
<br />
</p>
<p>
<span class="style2">To change your password, please fill the form below:</span></p>
<p class="style3"> Change Your Password</p>
<p>
<asp:Label ID="Label1" runat="server" Text="Password:"></asp:Label>
<asp:TextBox ID="TextBox1" runat="server"></asp:TextBox>
</p>
<p>
<asp:Label ID="Label2" runat="server" Text="New Password:"></asp:Label>
<asp:TextBox ID="TextBox2" runat="server"></asp:TextBox>
</p>
<p>
<asp:Label ID="Label3" runat="server" Text="Confirm New Password:"></asp:Label>
<asp:TextBox ID="TextBox3" runat="server"></asp:TextBox>
</p>
<p>
<asp:Label ID="Label4" runat="server" style="color: #FF0000" Text="The Confirm New Password must match the New Password entry."></asp:Label>
</p>
<p>
<asp:Button ID="Button1"
runat="server" Text="Change Password" />
<asp:Button ID="Button2" runat="server" Text="Cancel" />
</p>
<p>
</p>
<p>
</p>
<p>
</p>
<p>
</asp:Content>
You're using the wrong kind of parameter syntax:
MyCommand.CommandText = "UPDATE LogIn SET [Password] = ? WHERE StudentID = 123456"
That would work for an ODBC connection (if I'm not mistaken) - but for SQL Server Express, you need to use a named parameter:
MyCommand.CommandText = "UPDATE dbo.LogIn SET [Password] = @Password WHERE StudentID = 123456"
MyCommand.Parameters.AddWithValue("@Password", TextBox2.Text)
You might also want to parametrize the StudentID
...
精彩评论