No value given for one or more required parameters. During SelectStatment

[amcbdc1]

I am having a problem trying to run a Select Statment. I am using VB
and ASP.Net 2.0 is on the server. I am connecting to an Access
Database. Everything is working just fine on my test machine, but
doesn't like our Production Server. It keeps giving me this error
message:

* Message: No value given for one or more required parameters.
* Source: Microsoft JET Database Engine
* Stack Trace: at
System.Data.OleDb.OleDbCommand.ExecuteCommandTextForSingleResult(tagDBPARAMS
dbParams, Object& executeResult) at
System.Data.OleDb.OleDbCommand.ExecuteCommandText(Object&
executeResult) at
System.Data.OleDb.OleDbCommand.ExecuteCommand(CommandBehavior
behavior, Object& executeResult) at
System.Data.OleDb.OleDbCommand.ExecuteReaderInternal(CommandBehavior
behavior, String method) at
System.Data.OleDb.OleDbCommand.ExecuteReader(CommandBehavior behavior)
at System.Data.OleDb.OleDbCommand.ExecuteReader() at
ASP.members_login_aspx.ValidateUser(Object Sender, EventArgs E) in d:
\Hosts\vapa.org\wwwroot\members\login.aspx:line 73
* Target Site: ExecuteCommandTextForSingleResult
* SQL: SELECT members.id, members.last_name, members.full_name,
members.failed_attempts, members.active FROM members WHERE members.id
= 1042

This is my code:

If Page.IsValid = True Then
Dim strDebug = "True"
Dim strSQL As String
Dim intCurrentFailedAttempts As Integer
Dim strUID As String
Dim strPWD As String
strUID = Trim(txtUID.Text)
strPWD = Trim(txtPWD.Text)

strSQL = "SELECT members.id, members.last_name, members.full_name,
members.failed_attempts, members.active FROM members WHERE members.id
= " & strUID

Dim objConnection As New
OleDbConnection( System.Configuration.ConfigurationSettings.AppSettings("ConnectionString") )
Dim cmdSelectData As New OleDbCommand(strSQL, objConnection)
Dim drAccountData As OleDbDataReader

Try
objConnection.Open()
drAccountData = cmdSelectData.ExecuteReader()
...

The code keeps breaking when it gets to drAccountData =
cmdSelectData.ExecuteReader():
I have tried using different variations of the Select Statement and
even tried to change it from a string to an integer (since all ID's
are integers...) using Convert.ToInt32(Trim(txtUID.Text)) and I still
receive the same error message.

Does anyone have a suggestion on how I can resolve this problem.

Thanks,
Brian

 

[jp2msft]

What is the value returned whenever you enter
"Convert.ToInt32(Trim(txtUID.Text))"?

From what I have read, you can only convert a string to a Decimal. After
that, you can convert your Decimal to an Int32.

That might solve your problem.

 

[Rad [Visual C# MVP]]

I am having a problem trying to run a Select Statment. I am using VB
and ASP.Net 2.0 is on the server. I am connecting to an Access
Database. Everything is working just fine on my test machine, but
doesn't like our Production Server. It keeps giving me this error
message:

* Message: No value given for one or more required parameters.
* Source: Microsoft JET Database Engine
* Stack Trace: at
System.Data.OleDb.OleDbCommand.ExecuteCommandTextForSingleResult(tagDBPARAMS
dbParams, Object& executeResult) at
System.Data.OleDb.OleDbCommand.ExecuteCommandText(Object&
executeResult) at
System.Data.OleDb.OleDbCommand.ExecuteCommand(CommandBehavior
behavior, Object& executeResult) at
System.Data.OleDb.OleDbCommand.ExecuteReaderInternal(CommandBehavior
behavior, String method) at
System.Data.OleDb.OleDbCommand.ExecuteReader(CommandBehavior behavior)
at System.Data.OleDb.OleDbCommand.ExecuteReader() at
ASP.members_login_aspx.ValidateUser(Object Sender, EventArgs E) in d:
\Hosts\vapa.org\wwwroot\members\login.aspx:line 73
* Target Site: ExecuteCommandTextForSingleResult
* SQL: SELECT members.id, members.last_name, members.full_name,
members.failed_attempts, members.active FROM members WHERE members.id
= 1042

This is my code:

If Page.IsValid = True Then
Dim strDebug = "True"
Dim strSQL As String
Dim intCurrentFailedAttempts As Integer
Dim strUID As String
Dim strPWD As String
strUID = Trim(txtUID.Text)
strPWD = Trim(txtPWD.Text)

strSQL = "SELECT members.id, members.last_name, members.full_name,
members.failed_attempts, members.active FROM members WHERE members.id
= " & strUID

Dim objConnection As New
OleDbConnection( System.Configuration.ConfigurationSettings.AppSettings("ConnectionString") )
Dim cmdSelectData As New OleDbCommand(strSQL, objConnection)
Dim drAccountData As OleDbDataReader

Try
objConnection.Open()
drAccountData = cmdSelectData.ExecuteReader()
...

The code keeps breaking when it gets to drAccountData =
cmdSelectData.ExecuteReader():
I have tried using different variations of the Select Statement and
even tried to change it from a string to an integer (since all ID's
are integers...) using Convert.ToInt32(Trim(txtUID.Text)) and I still
receive the same error message.

Does anyone have a suggestion on how I can resolve this problem.

Thanks,
Brian

1) Check if the field names in your query are correctly spelt. If I
remember correctly Access treats anything it does not recognize as a column
name as a parameter
2) Your code is vulnerable to SQL injection attacks. Try and use
parameterized queries