-
Nov 4th, 2019, 12:06 PM
#1
Thread Starter
Hyperactive Member
Save PictureBox with public sub module
Hello evey one
Please Gentelman
If you can help me to resolve this problem
My Table ( Table1 )
Fields : Id Type numeric Primary key - Firstname Type Text - Secondname Type Text - AgeYear Type Numeric - Emp_Logo Type Objet Ole
I want make many public sub for add - edit - delete record with database Access
All works very well without image ( PictureBox1 ) .. I want to make a public sub for save PictureBox1 and it use it in all my Forms .
My probleme when i want to save PictureBox1 i got this :
Message error ( no value given for one or more of the required parameters )
This is my code in Module 1:
Code:
Public Sub Load_Data_From_Database(Sql_String As String, dtg As DataGridView)
Dim da As New OleDbDataAdapter
Dim dt As New DataTable
Try
Dim cmd = New OleDbCommand
cmd = New OleDbCommand
With cmd
.Connection = Conne
.CommandText = Sql_String
End With
da.SelectCommand = cmd
da.Fill(dt)
dtg.DataSource = dt
dtg.AutoSizeRowsMode = DataGridViewAutoSizeRowsMode.AllCells
Catch ex As Exception
MsgBox(ex.Message)
Finally
Conne.Close()
da.Dispose()
End Try
End Sub
Public Sub Save_Update_Delete_Data_In_Database(Sql_String As String)
Try
Conne.Open()
Dim Result As Integer
Dim cmd = New OleDbCommand
With cmd
.Connection = Conne
.CommandText = Sql_String
Result = .ExecuteNonQuery()
End With
If Result > 0 Then
MessageBox.Show("Operation Terminee avec succees", "Notify", MessageBoxButtons.OK, MessageBoxIcon.Information)
End If
Catch ex As Exception
MsgBox(ex.Message)
Finally
Conne.Close()
End Try
End Sub
In my Form1 :
Code:
Imports System.Data.OleDb
Imports System.IO
Imports System.Drawing.Imaging
Public Class Form1
Private Sub Form1_Load(sender As Object, e As EventArgs) Handles MyBase.Load
Call Retrieve_Data_From_Database()
End Sub
Private Sub Retrieve_Data_From_Database()
Dim Sql_String As String = "SELECT * From Table1"
Call Load_Data_From_Database(Sql_String, DataGridView1)
End Sub
Private Sub Button2_Click(sender As Object, e As EventArgs) Handles Button2.Click
Dim Sql_String As String = "INSERT INTO Table1 ( Id , FirstName , Secondname , AgeYear , Emp_Logo) VALUES ( '" & TextBox1.Text & "' ,'" & TextBox2.Text & "' , '" & TextBox3.Text & "' , '" & TextBox4.Text & "' , @Emp_Logo)"
Call Save_Update_Delete_Data_In_Database(Sql_String)
Call Retrieve_Data_From_Database()
TextBox1.Clear()
TextBox2.Clear()
TextBox3.Clear()
TextBox4.Clear()
Button1.Enabled = True
Button2.Enabled = False
Button3.Enabled = True
Button4.Enabled = True
End Sub
Private Sub Button3_Click(sender As Object, e As EventArgs) Handles Button3.Click
Dim Sql_String As String = "UPDATE Table1 SET FirstName='" & TextBox2.Text & "' , Secondname='" & TextBox3.Text & "' , AgeYear='" & TextBox4.Text & "' , Emp_Logo= @Emp_Logo Where Id=" & DataGridView1.CurrentRow.Cells(0).Value
Call Save_Update_Delete_Data_In_Database(Sql_String)
Call Retrieve_Data_From_Database()
TextBox1.Clear()
TextBox2.Clear()
TextBox3.Clear()
TextBox4.Clear()
End Sub
Private Sub Button4_Click(sender As Object, e As EventArgs) Handles Button4.Click
Dim Sql_String As String = "DELETE From Table1 Where Id=" & DataGridView1.CurrentRow.Cells(0).Value
Call Save_Update_Delete_Data_In_Database(Sql_String)
Call Retrieve_Data_From_Database()
End Sub
Private Sub DataGridView1_SelectionChanged(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles DataGridView1.SelectionChanged
Try
If DataGridView1.Rows.Count = 0 Then Exit Sub
Using InfoAdapter As New OleDbDataAdapter("SELECT * From Table1 Where Id=" & DataGridView1.CurrentRow.Cells(0).Value & "", Conne)
Dim InfoTable As New DataTable
InfoAdapter.Fill(InfoTable)
Me.TextBox1.Text = InfoTable(0)(0)
Me.TextBox2.Text = InfoTable(0)(1)
Me.TextBox3.Text = InfoTable(0)(2)
Me.TextBox4.Text = InfoTable(0)(3)
Dim arrImage() As Byte
arrImage = DataGridView1.CurrentRow.Cells(4).Value
Dim mstream As New System.IO.MemoryStream(arrImage)
PictureBox1.Image = Image.FromStream(mstream)
PictureBox1.SizeMode = PictureBoxSizeMode.StretchImage
End Using
Catch ex As Exception
Return
End Try
End Sub
Private Sub Button11_Click(sender As Object, e As EventArgs) Handles Button11.Click
Try
With OpenFileDialog1
.CheckFileExists = True
.CheckPathExists = True
.DefaultExt = "jpg"
.DereferenceLinks = True
.FileName = ""
.Filter = "(*.jpg)|*.jpg|(*.png)|*.png|(*.jpg)|*.jpg|All files|*.*"
.Multiselect = False
.RestoreDirectory = True
.Title = "Select a file to open"
.ValidateNames = True
If .ShowDialog = DialogResult.OK Then
Try
PictureBox1.Image = Image.FromFile(OpenFileDialog1.FileName)
Catch fileException As Exception
Throw fileException
End Try
End If
End With
Catch ex As Exception
MsgBox(ex.Message, MsgBoxStyle.Exclamation, Me.Text)
End Try
End Sub
Private Sub Save_Image_In_Database(Sql_String As String)
Dim arrImage() As Byte
Dim mstream As New System.IO.MemoryStream()
Try
PictureBox1.Image.Save(mstream, System.Drawing.Imaging.ImageFormat.Jpeg)
arrImage = mstream.GetBuffer()
Dim FileSize As UInt32
FileSize = mstream.Length
mstream.Close()
Conne.Open()
Dim InfoCommand = New OleDbCommand
With InfoCommand
.Connection = Conne
.CommandText = Sql_String
.Parameters.AddWithValue("@Emp_Logo", arrImage)
.ExecuteNonQuery()
End With
Catch ex As Exception
MsgBox(ex.Message)
Finally
Conne.Close()
End Try
End Sub
End Class
Thank you in advance for help
Cordially
MADA
Last edited by MADA BLACK; Nov 4th, 2019 at 12:38 PM.
-
Nov 4th, 2019, 05:26 PM
#2
Re: Save PictureBox with public sub module
You need to first learn how to use parameters in ADO.NET. You're half doing it for the Image but not doing it at all for any of the other values. Do it fully for ALL values. Follow the Blog link in my signature below and check out my post on Parameters In ADO.NET. Change your code to use parameters for ALL values you want to send to the database and then, if it still doesn't work, post back and show us the new code.
Also, don't just post all your code. It means that we have to waste time wading through it to work out what part of it relates to the issue you're asking about. You need to work out, to the best of your ability, what part of the code is relevant and then post that.
Finally, you really ought to stop accepting default names for controls, e.g. Button1 and TextBox1, and put some thought into what they are for and name them accordingly.
-
Nov 4th, 2019, 05:51 PM
#3
Thread Starter
Hyperactive Member
Re: Save PictureBox with public sub module
Thanks very much jmcilhinney for the advice .. but everything works fine without parmeters except the image recording in my database .. I want to continue with this code for the image too .. Cordially
-
Nov 4th, 2019, 07:26 PM
#4
Re: Save PictureBox with public sub module
If you want to do it the wrong way then suffer the consequences. You deserve what you get. There's a right way to do it. Do it.
Last edited by jmcilhinney; Nov 4th, 2019 at 07:30 PM.
-
Nov 4th, 2019, 07:34 PM
#5
Re: Save PictureBox with public sub module
You basically have no choice but to use parameters with an Image because the binary data can't be represented as text (unless you can use base-64, which I don't think you can. If you're going to use a parameter for an Image then you may as well do it for the other values but you should be anyway. There are a number of reasons to do so. For instance, if someone has the surname O'Brien then your app is going to crash. Well done! Another is that, in some circumstances, a malicious user could delete all the data in your database. Well done again! If you're too lazy to do it the right way then, as I said, you deserve what you get. The information is there if you care to use it but I'm not going to waste any more of my time on this.
Correction: your app won't crash on O'Brien because you have exception handling but it won't work as intended, so you'd have to change the code to work by either doing the right thing and using parameters or using a dodgy workaround that still leaves you open to all the other issues.
Last edited by jmcilhinney; Nov 4th, 2019 at 07:49 PM.
-
Nov 4th, 2019, 07:37 PM
#6
Re: Save PictureBox with public sub module
What John is referring to is that doing queries the way you are, where you concatenate in user supplied strings, leaves you open to SQL Injection attacks. Additionally, you can run into formatting issues with that approach, but that's probably a lesser issue. After all, if you get the formatting wrong, it'll just fail, whereas with a SQL Injection attack, a malicious person could erase your database.
Now, it may be that you aren't concerned about that. Perhaps this will only be used internally by just you, or by just a handful of people who won't be interested in causing havoc, but it's a bad habit to be getting into. Perhaps some day you'd use that on a public facing program, and...poof...your database disappears.
EDIT: Yeah, but you DID spend more time on this, while I was spending some time on this. Now I just look redundant.
My usual boring signature: Nothing
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|