I am simulating an ATM in Visual Basic. I have a table called Authentication in SQL. The Table contains two columns: The NUM_CARD column and the PIN_CARD column. I need to match row (0) column 1, row (1) column (1), row (2) column (1), and so on with the other rows as the card IDs are inserted. How can I do that? Thanks in advance.
The class DBConnection is the following:
Imports System
Imports System.Data.Sql
Imports System.Data.SqlClient
Public Class clsDBConnection
'Class variables'
Public cn As SqlConnection
Public cmd As SqlCommand
Public dr As SqlDataReader
'Constructor of the Connection class that creates the connection'
Sub New()
Try
cn = New SqlConnection("Data Source=JOVALLES-PC\SQLSERVEREX;Initial Catalog=SigmasBank;Integrated Security=True")
cn.Open()
Catch ex As Exception
MsgBox("Error connecting due to:: " + ex.ToString)
End Try
End Sub
'Returns true or false if the record exists or not in the database'
Function validationAutentication_p1(ByVal NUM_CARD As String) As Boolean
Dim result As Boolean = False
Try
cmd = New SqlCommand("Select * from Autentication where NUM_CARD='" & NUM_CARD & "'", cn)
dr = cmd.ExecuteReader
If dr.HasRows Then
result = True
End If
dr.Close()
Catch ex As Exception
MsgBox("Error in the procedure: " + ex.ToString)
End Try
Return result
End Function
Function validationAutentication_p2(ByVal PIN_CARD As String) As Boolean
Dim result As Boolean = False
Try
cmd = New SqlCommand("Select * from Autentication where PIN_CARD='" & PIN_CARD & "'", cn)
dr = cmd.ExecuteReader
If dr.HasRows Then
result = True
End If
dr.Close()
Catch ex As Exception
MsgBox("Error in the procedure: " + ex.ToString)
End Try
Return result
End Function
End Class
Insert Card ID Form:
Public Class FRM_InsertCardID
Public conn As New clsDBConnection
Private Sub BTN_Ok_Click(sender As Object, e As EventArgs) Handles BTN_Ok.Click
If TXB_CardID.Text.Length = 0 Then
MsgBox("Please fill in field.")
ElseIf TXB_CardID.Text.Length > 0 And TXB_CardID.Text.Length < 16 Then
MsgBox("Your Card ID must be 16 digits.")
ElseIf conn.validationAutentication_p1(TXB_CardID.Text) = False Then
MsgBox("The Card ID doesn't exist.")
Else
FRM_PIN.Show()
Me.Hide()
TXB_CardID.Text = ""
End If
End Sub
Insert PIN form:
Public Class FRM_PIN
Public conn As New clsDBConnection
Private Sub BTN_Ok_Click(sender As Object, e As EventArgs) Handles BTN_Ok.Click
If TXB_PIN.Text.Length = 0 Then
MsgBox("Please fill in field.")
ElseIf TXB_PIN.Text.Length > 0 And TXB_PIN.Text.Length < 4 Then
MsgBox("Your PIN must be 4 digits.")
ElseIf conn.validationAutentication_p2(TXB_PIN.Text) = False Then
MsgBox("Incorrect PIN Please try again.")
Else
FRM_Transaction.Show()
Me.Hide()
TXB_PIN.Text = ""
End If
End Sub
Not sure if typo causing issue otherwise?? - - Authentication
"I have a table called Authentication in SQL. " " cmd = New SqlCommand("Select * from Autentication where PIN_CARD='" & PIN_CARD & "'", cn)"
Let's start with clsDBConnection
. You do not need to import System
. That is there by default. System.Data.Sql
is never used. Get rid of that too.
One would think that this class is about a database connection. It is not. It contains code for authentication. So rename; something like DataAccess.
Never make connections, commands and readers class level variables. These database objects need to be closed and disposed so the class is not where to declare them. They need to be local variables, local to the method where they are used.
Never, never open a connection until directly before it is used. Ideally the line before an .Execute...
method is called. Be sure it is also closed and disposed as soon as possible. Your code opens a connection and leaves it flapping in the breeze.
What you can do in a DataAccess class is make your connection string a Private class level variable. Private cnString as String = ...
I can't see where you would need a custom constructor at all. Just get rid of Sub New()
I have made the 2 methods in your class Shared
This data is shared by all instances of the class and you do not have declare an instance of the class to use these methods. You can call shared methods just by referencing the name of the class and the method. Also the conString is Shared
because it is used by shared methods.
I decided that the pin number is not necessarily unique since they only go up to 9999. That is why I used 2 parameters for the second method.
Note: I had to guess at the datatype and field size of the SqlParameters. Check your database and adjust the code accordingly.
Public Class FRM_InsertCardID
Private Sub BTN_Ok_Click(sender As Object, e As EventArgs) Handles BTN_Ok.Click
If TXB_CardID.Text.Length = 0 Then
MsgBox("Please fill in field.")
'Don't give the user any information on what a proper card ID consists of
Return
End If
If DataAccess.validationAutentication_p1(TXB_CardID.Text) = False Then
MsgBox("The Card ID doesn't exist.")
Else
FRM_PIN.Show()
'It appears you are using the default instance of FRM_PIN
FRM_PIM.CardID = TXB_CardID.Text
TXB_CardID.Text = ""
Me.Hide()
End If
End Sub
End Class
Public Class FRM_PIN
Friend CardID As String
Private Sub BTN_Ok_Click(sender As Object, e As EventArgs) Handles BTN_Ok.Click
If TXB_PIN.Text.Length = 0 Then
MsgBox("Please fill in field.")
Return 'Exits the sub
End If
If DataAccess.validationAutentication_p2(CardID, TXB_PIN.Text) = False Then
MsgBox("Incorrect PIN Please try again.")
Else
TXB_PIN.Text = ""
FRM_Transaction.Show()
Me.Hide()
End If
End Sub
End Class
Public Class DataAccess
Private Shared conString As String = "Data Source=JOVALLES-PC\SQLSERVEREX;Initial Catalog=SigmasBank;Integrated Security=True"
Public Shared Function validationAutentication_p1(ByVal NUM_CARD As String) As Boolean
Dim result = False
Using cn As New SqlConnection(conString),
cmd As New SqlCommand("Select * from Autentication where NUM_CARD= @NumCARD;", cn)
cmd.Parameters.Add("@NumCard", SqlDbType.VarChar, 16).Value = NUM_CARD
cn.Open()
Using dr = cmd.ExecuteReader
If dr.HasRows Then
result = True
End If
End Using
End Using
Return result
End Function
Public Shared Function validationAutentication_p2(ByVal CardID As String, ByVal PIN_CARD As String) As Boolean
Dim result = False
Using cn As New SqlConnection(conString),
cmd As New SqlCommand("Select * From Autentication where NUM_CARD = @NumCard AND PIN_CARD=@PinCard;", cn)
cmd.Parameters.Add("@NumCard", SqlDbType.VarChar, 100).Value = CardID
cmd.Parameters.Add("@PinCard", SqlDbType.VarChar, 4).Value = PIN_CARD
cn.Open()
Using dr = cmd.ExecuteReader()
If dr.HasRows Then
result = True
End If
End Using
End Using
Return result
End Function
End Class
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.