Hello,

I am developing a mobile application (school project) using a Windows Mobile 6 Professional emulator. This application has a login function that prompts for a password and uses a Data Access Object(DAO) to connect to a SQLServerCE database. This database has a table called User which stores the password. The DAO has an authenticateUser() method that checks the password entered.
However when i enter the password and click the 'submit' button i keep getting the following error " There was an error parsing the query.[Token line number = 1, Token line offset = 15, Token in error = User]". I am new to SQLServerCE database and am not sure how the connection string works so I'm learning through trial and error. I think the problem may be with this connection string or the DataReader but i'm not sure.

Any help on this problem will be greatly appreciated as I'm running on a very tight submission deadline. This is the complete code for the DAO:

public class DataAccessObject
    {
        private byte _DB_ERROR_CODE = 255;
        private SqlCeCommand _aDBcommand;
        private SqlCeConnection _aDBconnection;
        private SqlCeDataReader _aDataReader;
        private string _dbConnectionString;
                       
        /******* Define Class Properties *******/

        public byte DB_ERROR_CODE
        {
            get { return (_DB_ERROR_CODE); }
        }// end of DB_ERROR_CODE property definition

        public SqlCeCommand aDBcommand
        {
            set { _aDBcommand = value;}
            get { return (_aDBcommand); }
        }// end of aDBcommand property definition

        public SqlCeConnection aDBconnection
        {
            set { _aDBconnection = value; }
            get { return (_aDBconnection); }
        }// end of aDBconnection property definition

        public SqlCeDataReader aDataReader
        {
            set { _aDataReader = value; }
            get { return (_aDataReader); }
        }// end of aDataReader property definition

        public string aConnectionString
        {
            set { _dbConnectionString = value; }
            get { return (_dbConnectionString); }
        }
        // end of aConnectionString property definition

   
        /*******Define the constructor*******/

        public DataAccessObject()
        {
            aDBcommand = null;
            aDBconnection = null;
            aDataReader = null;
            //aConnectionString = 
        }//end of DataAccessObject() Constructor

        public byte authenticateUser(string password, ref string resultMsg)
         {
             
             try // make sure any database exception is properly handled
             {
                 // create a new database connection
                
                 //aDBconnection = new SqlCeConnection("Data Source=\\Visual Studio 2008\\Projects\\MobileWallet\\MobileWalletData\\Wallet.sdf;password=a18b9e72d");
                // _dbConnectionString = "Data Source =\"\\Mobile Device\\Storage Card\\MobileWalletData\\Wallet.sdf\";password=\"a18b9e72d\";";
                 _dbConnectionString = "Data Source = " + Path.GetDirectoryName(System.Reflection.Assembly.GetExecutingAssembly().GetName().CodeBase) +
                                       "\\Wallet.sdf\\; password = \"a18b9e72d\";";
                aDBconnection = new SqlCeConnection(_dbConnectionString);
                
                 // open the database connection
                 aDBconnection.Open();

                 // create the adapter and fill the dataset
                 //aDBcommand = new SqlCeCommand("SELECT * FROM User WHERE password = @password", aDBconnection);
                 //aDBcommand.CommandType = CommandType.Text;
                 aDBcommand = new SqlCeCommand();
                 aDBcommand.Connection = aDBconnection;
                 aDBcommand.CommandText = "SELECT * FROM User WHERE password = @password," + aDBconnection;
                 aDBcommand.Parameters.Add("@userpassword", SqlDbType.NVarChar);
                 aDBcommand.Parameters["@userpassword"].Value = password;
                 
                 
                 aDataReader = aDBcommand.ExecuteReader();

                 if(aDataReader.HasRows)
                 {
                     resultMsg = "Successful Login";
                     return (1);
                 }
                 else
                 {
                     resultMsg = "Invalid Password";
                     return(2);
                 }
             }
             catch (SqlCeException sqlEx)
             {
                 // Report the Database Error to the user
                 resultMsg = "Error Accessing the Database: " + sqlEx.Message;
                 return (DB_ERROR_CODE);

             }
             finally
             {
                 // tidy up the databse connection if it is unclosed
                 if (aDBconnection != null)
                 {
                     aDBconnection.Close();
                 }
             }
         }// end of authenticateUser()method

    }// end of class DataAccessObject

Edited 6 Years Ago by __avd: Added [code] tags.

Line #73

aDBcommand.CommandText = "SELECT * FROM [User] WHERE  [password] = @password";
aDBcommand.Parameters.Add("@password", SqlDbType.NVarChar);

aDBcommand.Parameters["@password"].Value = password;

aDataReader = aDBcommand.ExecuteReader();

if(aDataReader.Read())
 {
   resultMsg = "Successful Login";
   return (1);
}
else
{
 resultMsg = "Invalid Password";
 return(2);
 }
}

Line #73

aDBcommand.CommandText = "SELECT * FROM [User] WHERE  [password] = @password";
aDBcommand.Parameters.Add("@password", SqlDbType.NVarChar);

aDBcommand.Parameters["@password"].Value = password;

aDataReader = aDBcommand.ExecuteReader();

if(aDataReader.Read())
 {
   resultMsg = "Successful Login";
   return (1);
}
else
{
 resultMsg = "Invalid Password";
 return(2);
 }
}

Hi, thanks for your reply.
I made the changes you requested but i now get the following error :- Parameter Type has not been declared. [Parameter ordinal = 1, Parameter name (if available) = @password]

This question has already been answered. Start a new discussion instead.