返回字符串 vb.net 桌面应用程序列表时出错
我正在尝试使用 vb.net 2008 创建一个 ntier 桌面应用程序。我正在尝试这段代码
表示层
Imports System
Imports System.ComponentModel
Imports System.Data
Imports System.Data.OleDb
Imports System.Drawing
Imports System.Text
Imports System.Windows.Forms
Imports Pos.Pos.BLL
Imports Pos.Pos.DAL
Imports System.Xml
Imports System.Collections.Generic
Public Class frmLogin
Private user As New User()
Private CnnStr As String = "Provider=Microsoft.ACE.OLEDB.12.0;Data " + "Source= " + Application.StartupPath + "\pos.accdb;Jet OLEDB:Database Password=pos"
Private cnn As New OleDbConnection()
Private Sub btnLogin_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnLogin.Click
'Try
'menu = user.getMenu()
Dim menu As New List(Of String)
If cnn.State = ConnectionState.Open Then
cnn.Close()
End If
Try
Dim jabatan As String = user.login(txtUser.Text, txtPassword.Text)
MsgBox(jabatan)
menu = user.getMenu(jabatan)
'Dim strCommand As String = "select Menu from tblJabatan where JabatanName='" + jabatan + "'"
'cnn.ConnectionString = CnnStr
'cnn.Open()
'Dim Comm As New OleDbCommand(strCommand, cnn)
'Dim dr As OleDbDataReader = Comm.ExecuteReader
'Do While dr.Read
'menu.Add(dr(0).ToString)
'Loop
If Not menu Is Nothing Then
For Each Str As String In menu
MsgBox(Str)
Next
Else
MsgBox("Tidak ditemukan data")
End If
Catch ex As Exception
Throw ex
End Try
End Sub
End Class
业务层
Public Class User
Private User As New daUser()
Private m_UserID As Integer
Private m_User As String
Private m_Pwd As String
Private m_Jabatan As String
Public Sub New()
MyBase.New()
End Sub
'''<summary>
'''ID User
'''</summary>
Public Property UserID() As Integer
Get
Return m_UserID
End Get
Set(ByVal value As Integer)
m_UserID = value
End Set
End Property
'''<summary>
'''Username
'''</summary>
Public Property Username() As String
Get
Return m_User
End Get
Set(ByVal value As String)
m_UserID = value
End Set
End Property
'''<summary>
'''Password
'''</summary>
Public Property Password() As String
Get
Return m_Pwd
End Get
Set(ByVal value As String)
m_Pwd = value
End Set
End Property
'''<summary>
'''Jabatan
'''</summary>
Public Property Jabatan() As String
Get
Return m_Jabatan
End Get
Set(ByVal value As String)
m_Jabatan = value
End Set
End Property
Public Sub add()
User.add(Me)
End Sub
Public Function login(ByVal Username As String, ByVal Password As String) As String
Return User.Login(Username, Password)
End Function
Public Function getMenu(ByVal Jabatan As String) As List(Of String)
Return User.getMenu(Jabatan)
End Function
End Class
数据层
Public Class daUser
Public Sub New()
cnn.ConnectionString = CnnStr
cnn.Open()
End Sub
Public Function Login(ByVal username As String, ByVal password As String) As String
'Dim role As String
If cnn.State = ConnectionState.Open Then
cnn.Close()
End If
Try
Dim strCom As String = "select Jabatan from tblUser where Username='" + username + "' and Password='" + password + "'"
cnn.ConnectionString = CnnStr
cnn.Open()
Dim Comm As New OleDbCommand(strCom, cnn)
Dim dr As OleDbDataReader = Comm.ExecuteReader
While dr.Read
role = dr(0).ToString
End While
cnn.Close()
Catch ex As Exception
Return ex.ToString
Finally
End Try
Return role
End Function
Public Function getMenu(ByVal jabatan As String) As List(Of String)
If cnn.State = ConnectionState.Open Then
cnn.Close()
End If
Try
Dim strCommand As String = "select Menu from tblJabatan where JabatanName='" + jabatan + "'"
cnn.ConnectionString = CnnStr
cnn.Open()
Dim Comm As New OleDbCommand(strCommand, cnn)
Dim dr As OleDbDataReader = Comm.ExecuteReader
While dr.Read
menu.Add(dr("Menu").ToString)
End While
cnn.Close()
Catch er As OleDb.OleDbException
Catch ex As Exception
Finally
End Try
Return menu
End Function
End Class
当我运行它时,它给了我这个警告
System.NullReferenceException:未将对象引用设置为对象的实例 在 C:\Documents and Settings\Administrator\My Documents\Visual Studio 2008\Projects 中的 Pos.frmLogin.btnLogin_Click(Object sender,EventArgs e) \POS\Pos\Form\frmLogin.vb:第 39 行
请指出我犯了什么错误以及如何解决它
错误的代码是
For Each Str As String In menu
MsgBox(Str)
Next
顺便说一句我想要实现的是如何以列表形式获取数据(String),因为如果我将 getMenu 函数直接放入表示层,它会按我的预期提供数据。此外,如果我作为字符串返回而不是 List(Of String),它会提供单个数据。 谢谢...
i'm trying to create a ntier desktop application using vb.net 2008.I'm trying this code
Presentation Layer
Imports System
Imports System.ComponentModel
Imports System.Data
Imports System.Data.OleDb
Imports System.Drawing
Imports System.Text
Imports System.Windows.Forms
Imports Pos.Pos.BLL
Imports Pos.Pos.DAL
Imports System.Xml
Imports System.Collections.Generic
Public Class frmLogin
Private user As New User()
Private CnnStr As String = "Provider=Microsoft.ACE.OLEDB.12.0;Data " + "Source= " + Application.StartupPath + "\pos.accdb;Jet OLEDB:Database Password=pos"
Private cnn As New OleDbConnection()
Private Sub btnLogin_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnLogin.Click
'Try
'menu = user.getMenu()
Dim menu As New List(Of String)
If cnn.State = ConnectionState.Open Then
cnn.Close()
End If
Try
Dim jabatan As String = user.login(txtUser.Text, txtPassword.Text)
MsgBox(jabatan)
menu = user.getMenu(jabatan)
'Dim strCommand As String = "select Menu from tblJabatan where JabatanName='" + jabatan + "'"
'cnn.ConnectionString = CnnStr
'cnn.Open()
'Dim Comm As New OleDbCommand(strCommand, cnn)
'Dim dr As OleDbDataReader = Comm.ExecuteReader
'Do While dr.Read
'menu.Add(dr(0).ToString)
'Loop
If Not menu Is Nothing Then
For Each Str As String In menu
MsgBox(Str)
Next
Else
MsgBox("Tidak ditemukan data")
End If
Catch ex As Exception
Throw ex
End Try
End Sub
End Class
Business Layer
Public Class User
Private User As New daUser()
Private m_UserID As Integer
Private m_User As String
Private m_Pwd As String
Private m_Jabatan As String
Public Sub New()
MyBase.New()
End Sub
'''<summary>
'''ID User
'''</summary>
Public Property UserID() As Integer
Get
Return m_UserID
End Get
Set(ByVal value As Integer)
m_UserID = value
End Set
End Property
'''<summary>
'''Username
'''</summary>
Public Property Username() As String
Get
Return m_User
End Get
Set(ByVal value As String)
m_UserID = value
End Set
End Property
'''<summary>
'''Password
'''</summary>
Public Property Password() As String
Get
Return m_Pwd
End Get
Set(ByVal value As String)
m_Pwd = value
End Set
End Property
'''<summary>
'''Jabatan
'''</summary>
Public Property Jabatan() As String
Get
Return m_Jabatan
End Get
Set(ByVal value As String)
m_Jabatan = value
End Set
End Property
Public Sub add()
User.add(Me)
End Sub
Public Function login(ByVal Username As String, ByVal Password As String) As String
Return User.Login(Username, Password)
End Function
Public Function getMenu(ByVal Jabatan As String) As List(Of String)
Return User.getMenu(Jabatan)
End Function
End Class
Data Layer
Public Class daUser
Public Sub New()
cnn.ConnectionString = CnnStr
cnn.Open()
End Sub
Public Function Login(ByVal username As String, ByVal password As String) As String
'Dim role As String
If cnn.State = ConnectionState.Open Then
cnn.Close()
End If
Try
Dim strCom As String = "select Jabatan from tblUser where Username='" + username + "' and Password='" + password + "'"
cnn.ConnectionString = CnnStr
cnn.Open()
Dim Comm As New OleDbCommand(strCom, cnn)
Dim dr As OleDbDataReader = Comm.ExecuteReader
While dr.Read
role = dr(0).ToString
End While
cnn.Close()
Catch ex As Exception
Return ex.ToString
Finally
End Try
Return role
End Function
Public Function getMenu(ByVal jabatan As String) As List(Of String)
If cnn.State = ConnectionState.Open Then
cnn.Close()
End If
Try
Dim strCommand As String = "select Menu from tblJabatan where JabatanName='" + jabatan + "'"
cnn.ConnectionString = CnnStr
cnn.Open()
Dim Comm As New OleDbCommand(strCommand, cnn)
Dim dr As OleDbDataReader = Comm.ExecuteReader
While dr.Read
menu.Add(dr("Menu").ToString)
End While
cnn.Close()
Catch er As OleDb.OleDbException
Catch ex As Exception
Finally
End Try
Return menu
End Function
End Class
When i run it,it gives me this warning
System.NullReferenceException: Object reference not set to an instance of an object
at Pos.frmLogin.btnLogin_Click(Object sender,EventArgs e) in C:\Documents and Settings\Administrator\My Documents\Visual Studio 2008\Projects
\POS\Pos\Form\frmLogin.vb:line 39
Please point me what mistake did i made and how to solve it
The code for the the error is
For Each Str As String In menu
MsgBox(Str)
Next
By the way what i want to achieve is how to get the data as a List(Of String),because if i put the getMenu function into the presentation layer directly,it gives me the data as i expected..Also if i return as a string instead of List(Of String),it gives me the single data.
Thanks...
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
这是因为您尚未实例化菜单。将菜单的声明更改为
This is due to the fact that you haven't instantiated menu. Change the declaration for menu to
也许有人应该告诉你,你在这方面有很多问题。首先也是最重要的是,像这样构建动态 SQL 将使您的应用程序容易受到 SQL 注入的攻击。另一件事是异常详细信息不应返回给用户。通过这样做,您基本上已经为调用者提供了一个与 SQL 漏洞结合使用的“oracle”。只要解决这两个问题,任何具有基本 SQL 知识的人都可以对您的数据做任何他们想做的事。
还有一些其他项目(最后为空、空捕获、不使用“使用”、对象命名冲突等),但安全项目更为重要。
Someone should probably tell you that you have quite a few things wrong with this. Firstly and most importantly, building Dynamic SQL like that will make your application vulnerable to SQL injection. The other thing is that exception details should not be returned to the user. By doing this you have basically given the caller an "oracle" to use in conjunction with the SQL vulnerability. With just these two problems, anyone with basic SQL knowledge can do whatever they want to your data.
There are a few other items (empty finally, empty catches, not using "Using", object naming collisions, etc), but the security items are much more important.