what is wrong with these codes ?

Karwan Kh 1 Reputation point
2021-09-02T12:15:37.667+00:00

whenever I want to create a multi user loginform this error pops up and gives me this notification
(System.NullReferenceException: 'Object variable or With block variable not set.' )

Imports System.Data.SqlClient
Public Class Form1
Private Sub Btnlogin_Click(sender As Object, e As EventArgs) Handles btnlogin.Click
Dim con As New SqlConnection("Data Source=Karwan;Initial Catalog=login;Integrated Security=True")
Dim txtuser As Object = Nothing
Dim txtpass As Object = Nothing
Dim cmbusertype As Object = Nothing
Dim cmd As SqlCommand = New SqlCommand(" select * from login where username='" & txtuser.Text & "'and password='" & txtpass.Text & "' and usertype= '" & cmbusertype.SelectedItem & "'", con)
Dim sda As SqlDataAdapter = New SqlDataAdapter(cmd)
Dim dt As DataTable = New DataTable()
sda.Fill(dt)
If (dt.Rows.Count > 0) Then
MessageBox.Show("چوونە ژوورەوە سەرکەوتوو بوو" + dt.Rows(0)(2))

        If (cmbusertype.selectedindex = 0) Then
            Dim a As New Admin
            a.Show()
            Me.Hide()
        Else
            Dim u As New User
            u.Show()
            Me.Hide()

        End If
    Else
        MessageBox.Show("زانیاریەکانت هەڵەیە")
    End If
End Sub

End Class

Windows Forms
Windows Forms
A set of .NET Framework managed libraries for developing graphical user interfaces.
1,865 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Viorel 114K Reputation points
    2021-09-02T13:06:25.397+00:00

    Probably you must remove these lines:

    Dim txtuser As Object = Nothing
    Dim txtpass As Object = Nothing
    Dim cmbusertype As Object = Nothing
    

    Assuming that the form contains such controls. Or use the name of the corresponding controls.

    Note that it is possible to enter a special password without knowing the real correct password. To solve this vulnerability, consider "Parameterised queries".

    0 comments No comments