* Edit: Sorry about double negative on the title, I don't know how to edit it back
First of all, I am fairly new to Microsoft Access VBA. I created a form with 2 textbox (txtUsername and txtPassword) and one label act as button (I use label instead of button because I want to have flat-looking button with red-background). In that label click event, I wrote:
Dim query As String
'' strSQL is a function to prevent SQL injection
query = "SELECT * FROM tbUser WHERE username='" + strSQL(txtUsername) + "' AND password='" + strSQL(txtPassword) + "'"
Msgbox(query)
Set rs = db.OpenRecordSet(query)
If rs.RecordCount = 0 Then
Msgbox("Invalid Username and password")
End If
rs.CloseThen I run my program. I input "visal" into txtUsername and "12345678" into txtPassword. Then I click on that label. Result is:
SELECT * FROM tbUser WHERE username='visal' AND password='1234678'Then, when I change txtPassword to "helloworld" then click on that label again. the result is still the same:
SELECT * FROM tbUser WHERE username='visal' AND password='1234678'When I use the same code with button, not label. It seem to work properly. Any idea how to fix it?