-1

The above code has been runtime Error display. Variable 'objReader' is used before it has been assigned a value. A null reference Exception could result at runtime. pls solve this error.


Error Line for: objReader.Close()

Protected Sub Login(ByVal sender As Object, ByVal e As System.EventArgs)
        Dim intID As Integer = 0

        Dim Conn As New OleDbConnection("Provider=" & _
              "Microsoft.Jet.OLEDB.4.0;" & _
              "Data Source=userTable.mdb")

        Dim objCmd As OleDbCommand = New OleDbCommand _
           ("SELECT UserID FROM tblUsers WHERE " & _
           "Username = '" & tbUsername.Text & "' " & _
           "AND Password = '" & tbPassword.Text & "'", Conn)
        Dim objReader As OleDbDataReader

        Try
            objCmd.Connection.Open()
            objReader = objCmd.ExecuteReader()

            Do While objReader.Read
                intID = objReader.GetInt32(0).ToString()
            Loop
        Catch ex As OleDbException
            lblMessage.Text = ex.Message
        Finally
            objReader.Close()
            objCmd.Connection.Close()
        End Try

        If intID <> 0 Then
            FormsAuthentication.SetAuthCookie(intID, False)
            lblMessage.Text = "Success!"
        Else
            lblMessage.Text = "Invalid username or password!"
        End If
End Sub
Votes + Comments
Do not flood the forum by posting the same question more than once (ie in multiple forums).
3
Contributors
7
Replies
8
Views
7 Years
Discussion Span
Last Post by apegram
0

Remove the try catch finally block. If it throws an exception then post error (message) trace here.

0

objReader is declared but not instantiated (or otherwise given an initial value) before the try/catch/finally block. When objReader.Close() is referenced in the Finally block, the object is not guaranteed to have been instantiated because an exception could have thrown before the object is successfully instantiated in the Try block. A couple of options.

a) Move objReader.Close() to the bottom of the Try block.
b) Declare the object in such a manner:

Dim objReader As OleDbDataReader = Nothing

And then modify the Finally block to contain the following

If Not (objReader Is Nothing) Then
                If Not objReader.IsClosed Then
                    objReader.Close()
                End If
            End If

Edited by apegram: n/a

0

Syntax error in FROM clause. pls help me.

Protected Sub Login(ByVal sender As Object, ByVal e As System.EventArgs)

Dim Conn As New OleDbConnection("Provider=" & _
"Microsoft.Jet.OLEDB.4.0;" & _
"Data Source=C:\Documents and Settings\raja\My Documents\login.mdb")

Dim objCmd As OleDbCommand = New OleDbCommand _
("select username from user where " & _
"username = '" & tbUsername.Text & "' " & _
"and password = '" & tbPassword.Text & "'", Conn)

Dim objReader As OleDbDataReader = Nothing 

try
objCmd.Connection.Open()
objReader = objCmd.ExecuteReader()

if (objReader.Item("username")=tbUsername.Text)

lblMessage.Text = "Success!"
else
lblMessage.Text = "Invalid username or password!"
end if
catch ex as OleDbException
lblMessage.Text = ex.Message
finally
If Not (objReader Is Nothing) Then 
If Not objReader.IsClosed Then
objReader.Close()
End If
End If

objCmd.Connection.Close()
End try



End Sub

Thread: Pls help me.
Forum: ASP.NET

Edited by __avd: Added [code] tags. For easy readability, always wrap programming code within posts in [code] (code blocks).

0

Avoid the use of reserved name of ms-access.

Dim objCmd As OleDbCommand = New OleDbCommand _
("select [username] from [user] where " & _
" [username] = '" & tbUsername.Text & "' " & _
"and [password] = '" & tbPassword.Text & "'", Conn)
0

I can check for above code if condition then else part cann't display the message. pls help me.

Protected Sub Login(ByVal sender As Object, ByVal e As System.EventArgs)
        
        Dim Conn As New OleDbConnection("Provider=Microsoft.Jet.OLEDB.4.0;Data Source=C:\Documents and Settings\raja\My Documents\login.mdb")
        Dim objCmd As OleDbCommand = New OleDbCommand("select [username] from [user] where [username] = '" & tbUsername.Text & "' and [password] = '" & tbPassword.Text & "'", Conn)
        Dim objReader As OleDbDataReader
      
        objCmd.Connection.Open()
        objReader = objCmd.ExecuteReader()

        Do While objReader.Read
            If (objReader.Item("username") = tbUsername.Text) Then
                lblMessage.Text = "Success!"
            Else
                lblMessage.Text = "Invalid username or password!"
            End If
        Loop
               
        objCmd.Connection.Close()
       
       
    End Sub
0

Missing handles clause.

Protected Sub Login(ByVal sender As Object, ByVal e As System.EventArgs) Handles Login.Click
    ...
End Sub
0

You've got a logical flaw.

Dim objCmd As OleDbCommand = New OleDbCommand("select [username] from [user] where [username] = '" & tbUsername.Text & "' and [password] = '" & tbPassword.Text & "'", Conn)

In this piece of code, you're constructing a SQL statement based on the username and password matching the inputs from a user. Ignoring your SQL injection vulnerability for a moment, let's skip ahead to your later code.

Do While objReader.Read
            If (objReader.Item("username") = tbUsername.Text) Then
                lblMessage.Text = "Success!"
            Else
                lblMessage.Text = "Invalid username or password!"
            End If
        Loop

Do you see what's going on? If objReader can Read, the If statement is inherently true, because you've already limited the username to matches of tbUsername.Text in your SQL statement. If the If statement did not evaluate to true, objReader would not read! You'll never reach the Else portion.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.