I tried a login page in visual studio 2017 asp.net c# web application using MySQL and it shows the following error:
Line 33:queryStr = "SELECT * FROM webapp.userregistration WHERE username='" + usernameTextBox.Text+ "'AND password='" + passwordTextBox.Text; Line 34: cmd = new MySql.Data.MySqlClient.MySqlCommand(queryStr,conn); Line 35:reader = cmd.ExecuteReader(); Line 36: Line 37: name = "";
Source File: C:\Users\HOME\source\repos\WebPage\WebPage\default.aspx.cs Line: 35
Stack Trace:
[MySqlException (0x80004005): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax at line 1]
MySql.Data.MySqlClient.MySqlStream.ReadPacket() +309
MySql.Data.MySqlClient.NativeDriver.GetResult(Int32& affectedRow, Int64& insertedId) +67
MySql.Data.MySqlClient.Driver.GetResult(Int32 statementId, Int32& affectedRows, Int64& insertedId) +17
MySql.Data.MySqlClient.Driver.NextResult(Int32 statementId, Boolean force) +110 MySql.Data.MySqlClient.MySqlDataReader.NextResult() +875 MySql.Data.MySqlClient.MySqlCommand.ExecuteReader(CommandBehavior behavior) +1688 MySql.Data.MySqlClient.MySqlCommand.ExecuteReader() +6 WebPage._default.Submit_Click(Object sender, EventArgs e) in C:\Users\HOME\source\repos\WebPage\WebPage\default.aspx.cs:35
System.Web.UI.WebControls.Button.OnClick(EventArgs e) +9782450
System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument) +204
System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String eventArgument) +12
System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument) +15
System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData) +35 System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +1639
Code:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System;
using System.Data;
using MySql.Data;
using MySql.Data.MySqlClient;
namespace WebPage
{
public partial class _default : System.Web.UI.Page
{
MySql.Data.MySqlClient.MySqlConnection conn;
MySql.Data.MySqlClient.MySqlCommand cmd;
MySql.Data.MySqlClient.MySqlDataReader reader;
String name;
protected void Page_Load(object sender, EventArgs e)
{
DoSQLQuery();
}
protected void Submit_Click(object sender, EventArgs e)
{
String connString = System.Configuration.ConfigurationManager.ConnectionStrings["WebAppConnString"].ToString();
conn = new MySql.Data.MySqlClient.MySqlConnection(connString);
conn.Open();
String queryStr = "";
queryStr = "SELECT * FROM webapp.userregistration WHERE username='" + usernameTextBox.Text+ "'AND password='" + passwordTextBox.Text;
cmd = new MySql.Data.MySqlClient.MySqlCommand(queryStr,conn);
reader = cmd.ExecuteReader();
name = "";
while (reader.HasRows && reader.Read())
{
{
name = reader.GetString(reader.GetOrdinal("username")) + " " + reader.GetString(reader.GetOrdinal("password"));
}
//if the data matches the rows (username, password), then you enter to the page
if (reader.HasRows)
{
Session["uname"] = name;
Response.BufferOutput = true;
Response.Redirect("login.aspx", false);
}
else
{
passwordTextBox.Text = "invalid user";
}
}
reader.Close();
conn.Close();
}
private void DoSQLQuery()
{
try
{
}
catch (Exception e)
{
passwordTextBox.Text = e.ToString();
}
}
}
}
