i'm trying to create a ntier desktop application using vb.net 2008.I'm trying this code
Presentation Layer
Imports System
Imports System.ComponentModel
Imports System.Data
Imports System.Data.OleDb
Imports System.Drawing
Imports System.Text
Imports System.Windows.Forms
Imports Pos.Pos.BLL
Imports Pos.Pos.DAL
Imports System.Xml
Imports System.Collections.Generic
Public Class frmLogin
Private user As New User()
Private CnnStr As String = "Provider=Microsoft.ACE.OLEDB.12.0;Data " + "Source= " + Application.StartupPath + "\pos.accdb;Jet OLEDB:Database Password=pos"
Private cnn As New OleDbConnection()
Private Sub btnLogin_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnLogin.Click
'Try
'menu = user.getMenu()
Dim menu As New List(Of String)
If cnn.State = ConnectionState.Open Then
cnn.Close()
End If
Try
Dim jabatan As String = user.login(txtUser.Text, txtPassword.Text)
MsgBox(jabatan)
menu = user.getMenu(jabatan)
'Dim strCommand As String = "select Menu from tblJabatan where JabatanName='" + jabatan + "'"
'cnn.ConnectionString = CnnStr
'cnn.Open()
'Dim Comm As New OleDbCommand(strCommand, cnn)
'Dim dr As OleDbDataReader = Comm.ExecuteReader
'Do While dr.Read
'menu.Add(dr(0).ToString)
'Loop
If Not menu Is Nothing Then
For Each Str As String In menu
MsgBox(Str)
Next
Else
MsgBox("Tidak ditemukan data")
End If
Catch ex As Exception
Throw ex
End Try
End Sub
End Class
Business Layer
Public Class User
Private User As New daUser()
Private m_UserID As Integer
Private m_User As String
Private m_Pwd As String
Private m_Jabatan As String
Public Sub New()
MyBase.New()
End Sub
'''<summary>
'''ID User
'''</summary>
Public Property UserID() As Integer
Get
Return m_UserID
End Get
Set(ByVal value As Integer)
m_UserID = value
End Set
End Property
'''<summary>
'''Username
'''</summary>
Public Property Username() As String
Get
Return m_User
End Get
Set(ByVal value As String)
m_UserID = value
End Set
End Property
'''<summary>
'''Password
'''</summary>
Public Property Password() As String
Get
Return m_Pwd
End Get
Set(ByVal value As String)
m_Pwd = value
End Set
End Property
'''<summary>
'''Jabatan
'''</summary>
Public Property Jabatan() As String
Get
Return m_Jabatan
End Get
Set(ByVal value As String)
m_Jabatan = value
End Set
End Property
Public Sub add()
User.add(Me)
End Sub
Public Function login(ByVal Username As String, ByVal Password As String) As String
Return User.Login(Username, Password)
End Function
Public Function getMenu(ByVal Jabatan As String) As List(Of String)
Ret开发者_开发百科urn User.getMenu(Jabatan)
End Function
End Class
Data Layer
Public Class daUser
Public Sub New()
cnn.ConnectionString = CnnStr
cnn.Open()
End Sub
Public Function Login(ByVal username As String, ByVal password As String) As String
'Dim role As String
If cnn.State = ConnectionState.Open Then
cnn.Close()
End If
Try
Dim strCom As String = "select Jabatan from tblUser where Username='" + username + "' and Password='" + password + "'"
cnn.ConnectionString = CnnStr
cnn.Open()
Dim Comm As New OleDbCommand(strCom, cnn)
Dim dr As OleDbDataReader = Comm.ExecuteReader
While dr.Read
role = dr(0).ToString
End While
cnn.Close()
Catch ex As Exception
Return ex.ToString
Finally
End Try
Return role
End Function
Public Function getMenu(ByVal jabatan As String) As List(Of String)
If cnn.State = ConnectionState.Open Then
cnn.Close()
End If
Try
Dim strCommand As String = "select Menu from tblJabatan where JabatanName='" + jabatan + "'"
cnn.ConnectionString = CnnStr
cnn.Open()
Dim Comm As New OleDbCommand(strCommand, cnn)
Dim dr As OleDbDataReader = Comm.ExecuteReader
While dr.Read
menu.Add(dr("Menu").ToString)
End While
cnn.Close()
Catch er As OleDb.OleDbException
Catch ex As Exception
Finally
End Try
Return menu
End Function
End Class
When i run it,it gives me this warning
System.NullReferenceException: Object reference not set to an instance of an object at Pos.frmLogin.btnLogin_Click(Object sender,EventArgs e) in C:\Documents and Settings\Administrator\My Documents\Visual Studio 2008\Projects \POS\Pos\Form\frmLogin.vb:line 39
Please point me what mistake did i made and how to solve it
The code for the the error is
For Each Str As String In menu
MsgBox(Str)
Next
By the way what i want to achieve is how to get the data as a List(Of String),because if i put the getMenu function into the presentation layer directly,it gives me the data as i expected..Also if i return as a string instead of List(Of String),it gives me the single data. Thanks...
This is due to the fact that you haven't instantiated menu. Change the declaration for menu to
Dim menu As New List(Of String)
Someone should probably tell you that you have quite a few things wrong with this. Firstly and most importantly, building Dynamic SQL like that will make your application vulnerable to SQL injection. The other thing is that exception details should not be returned to the user. By doing this you have basically given the caller an "oracle" to use in conjunction with the SQL vulnerability. With just these two problems, anyone with basic SQL knowledge can do whatever they want to your data.
There are a few other items (empty finally, empty catches, not using "Using", object naming collisions, etc), but the security items are much more important.
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论