0

I have an error about "invalidoperationexception was unhandled"

My Code Is Like This :

 Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
    sql = "select * from tb_user where user_name='" + TxtUser.Text + "' and user_password='" + txtPass.Text + "'"
    cmd = New SqlCommand(sql, con)
    rd = cmd.ExecuteReader
    If (rd.HasRows) Then
        rd.Read()
        If rd.Item("user_position") = "Manager" Then
            Form5.MasterDataToolStripMenuItem.Visible = False
            Form5.mTransaction.Visible = False
            Form5.mReport.Visible = True
            Form5.mSetting.Visible = False
        ElseIf rd.Item("user_position") = "Admin" Then
            Form5.MasterDataToolStripMenuItem.Visible = True
            Form5.mTransaction.Visible = True
            Form5.mReport.Visible = False
            Form5.mSetting.Visible = True
        ElseIf rd.Item("user_position") = "Operator" Then
            Form5.MasterDataToolStripMenuItem.Visible = False
            Form5.mTransaction.Visible = True
            Form5.mReport.Visible = True
            Form5.mSetting.Visible = False
        End If
        Form5.useractive.Text = rd.Item("user_name")
        Form5.Statusposition.Text = rd.Item("user_position")
        Form5.ShowDialog()
    Else
        MsgBox("Access Denied! Check Username And Password!")
        TxtUser.Clear()
        txtPass.Clear()
        TxtUser.Focus()
    End If
End Sub

And error say "ExecuteReader: Connection property has not been initialized." in this code :

 rd = cmd.ExecuteReader

I don't know what's wrong with My code. Is Anyone can help me? I Just Newbie In Here. Thanks.

IndoProgrammer
  • 15
  • 6

2 Answers2

0

I suspect you did not properly set the "con" variable which you use here:

cmd = New SqlCommand(sql, con)

And please do not generate SQL-queries with string concatenation like this. Use paremeterized queries: How do I create a parameterized SQL query? Why Should I?

MatSnow
  • 7,357
  • 3
  • 19
  • 31
0
Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
Using (con = New SqlClient.SqlConnection(yourconnectionString))
    Try
        con.Open();
        Dim sqlQuery As String = "select * from tb_user where user_name='" + TxtUser.Text + "' and user_password='" + txtPass.Text + "'"
        Dim sqlCommand As SqlClient.SqlCommand = New SqlClient.SqlCommand(sqlQuery, con)
        rd = sqlCommand.ExecuteReader()

        If (rd.HasRows) Then
            rd.Read()
            If rd.Item("user_position") = "Manager" Then
                Form5.MasterDataToolStripMenuItem.Visible = False
                Form5.mTransaction.Visible = False
                Form5.mReport.Visible = True
                Form5.mSetting.Visible = False
            ElseIf rd.Item("user_position") = "Admin" Then
                Form5.MasterDataToolStripMenuItem.Visible = True
                Form5.mTransaction.Visible = True
                Form5.mReport.Visible = False
                Form5.mSetting.Visible = True
            ElseIf rd.Item("user_position") = "Operator" Then
                Form5.MasterDataToolStripMenuItem.Visible = False
                Form5.mTransaction.Visible = True
                Form5.mReport.Visible = True
                Form5.mSetting.Visible = False
            End If
            Form5.useractive.Text = rd.Item("user_name")
            Form5.Statusposition.Text = rd.Item("user_position")
            Form5.ShowDialog()
        Else
            MsgBox("Access Denied! Check Username And Password!")
            TxtUser.Clear()
            txtPass.Clear()
            TxtUser.Focus()
        End If

    Catch ex As Exception

    End Try
End Using

End Sub

Ramankingdom
  • 1,478
  • 2
  • 12
  • 17