Saturday, June 09, 2012 9:12 AM
My code is the following:
Private Sub Button1_Click(sender As System.Object, e As System.EventArgs) Handles Button1.Click mysqlconnection = New MySqlConnection() mysqlconnection.ConnectionString = "server=db4free.net;Port=3306; user id=leo1234; password=password; database=database123e;" Try mysqlconnection.Open() Catch ex As MySql.Data.MySqlClient.MySqlException Select Case ex.Number Case 0 MessageBox.Show("Cannot connect to server. Contact administrator") Case 1045 MessageBox.Show("Invalid username/password, please try again") Case Else MessageBox.Show("Connected to Server") End Select End Try Dim myadapter As New MySqlDataAdapter Dim sqlquary = "INSERT Into Users WHERE Username='" & UsernameTextBox.Text & "'And Password='" & PasswordTextBox.Text & "';" Dim command As New MySqlCommand command.Connection = mysqlconnection command.CommandText = sqlquary myadapter.SelectCommand = command Dim mydata As MySqlDataReader mydata = command.ExecuteReader If mydata.HasRows = 0 Then MsgBox("Error") Else Form1.Show() Me.Close() End If End Sub End Class
I don't have any errors on the password orr the database!!!I only have errors on the "sqlquary"
Can you tell me how to do it???
Saturday, June 09, 2012 1:39 PM
I don't use MySQL but I seriously doubt your insert query's syntax is correct. I'll assume you are actually trying to insert and not select (because your thread title includes the word "register"). To insert you should list the columns you are inserting into and then provide values in a set matching the order of those columns, like the top example in this link: http://www.webdevelopersnotes.com/tutorials/sql/mysql_course_inserting_data_in_mysql_tables.php3
So your insert should probably look like this:
Dim sqlquary = "INSERT INTO Users ([Username], [Password]) VALUES ('" & UsernameTextBox.Text & "','" & PasswordTextBox.Text & "');"
However, you really should not be concatenating textbox values directly into your SQL statement because of the possiblity of sql injection. What you have is an aggregious lapse in security and I highly recommen you look into using parameters - assuming MySQL allows for parameters. Please consider this or suffer the fate of the school of little Bobby Tables: http://xkcd.com/327/ :p
Saturday, June 09, 2012 3:14 PMThank you very much!!!Your advise was really helpful!!!!!!!