Seat reservation VB project

Question

0.00/5 (No votes)

See more:

Hi guys so i have this project that i am building for a seat reservation program for a cinema using vb.net and access database.I am using pictureboxes as my seats and also i have row numbers and column numbers ,so i want when i click a picturebox it show the seat number and row number automatically and also so booked seats when the form reloads but so far the code only changes to the images that i have code for when it is booked and nothing goes to the database to show booked seats .I need you help guys.Take a look that my vb code.

What I have tried:

VB

Imports System.Data.OleDb
Public Class Form1

    Dim availableicon As New System.Drawing.Bitmap(My.Resources.available)
    Dim provisionalicon As New System.Drawing.Bitmap(My.Resources.provisional)
    Dim bookedicon As New System.Drawing.Bitmap(My.Resources.booked)


    Private Sub Form1_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
        Dim c As Control

        For Each c In Me.Controls
            If TypeOf (c) Is PictureBox Then
                CType(c, PictureBox).Image = availableicon
                AddHandler c.Click, AddressOf A10_Click
            End If
            Dim stSQL As String
            stSQL = "SELECT BookingID,CustomerID,seat From Bookings"

            Dim ConnectionString As String
            ConnectionString = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:\Users\West\Desktop\TMS\TicketBooking.accdb"

            Dim conBookings As OleDbConnection

            conBookings = New OleDbConnection
            conBookings.ConnectionString = ConnectionString
            conBookings.Open()

            Dim cmdSelectBookings As OleDbCommand
            cmdSelectBookings = New OleDbCommand
            cmdSelectBookings.CommandText = stSQL
            cmdSelectBookings.Connection = conBookings

            Dim databaseBookings As New DataSet
            Dim databookings As New OleDbDataAdapter(cmdSelectBookings)
            databookings.Fill(databaseBookings, "Bookings")
            conBookings.Close()

            'MessageBox.Show(databaseBookings.Tables("Bookings").Rows.Count)

           
        Next
        Call UpdateBookings()
    End Sub
        Sub UpdateBookings()
        Dim stSQL As String
        stSQL = "SELECT BookingID,CustomerID,seat From Bookings"

        Dim ConnectionString As String
        ConnectionString = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:\Users\ West\Desktop\TMS\TicketBooking.accdb"

        Dim conBookings As OleDbConnection

        conBookings = New OleDbConnection
        conBookings.ConnectionString = ConnectionString
        conBookings.Open()

        Dim cmdSelectBookings As OleDbCommand
        cmdSelectBookings = New OleDbCommand
        cmdSelectBookings.CommandText = stSQL
        cmdSelectBookings.Connection = conBookings

        Dim databaseBookings As New DataSet
        Dim databookings As New OleDbDataAdapter(cmdSelectBookings)
        databookings.Fill(databaseBookings, "Bookings")
        conBookings.Close()
    End Sub




    Private Sub picturebox10_Click(ByVal sender As System.Object, ByVal e As System.EventArgs)
        If CType(sender, PictureBox).Image Is availableicon Then
            CType(sender, PictureBox).Image = provisionalicon
        ElseIf CType(sender, PictureBox).Image Is provisionalicon Then
            CType(sender, PictureBox).Image = bookedicon




        End If
    End Sub

    Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btncontinue.Click
        Dim c As Control
        Dim bselected As Boolean
        For Each c In Me.Controls
            If TypeOf (c) Is PictureBox Then
                If CType(c, PictureBox).Image Is provisionalicon Then
                    bselected = True
                    Exit For
                End If

            End If
        Next
        If bselected = False Then
            MessageBox.Show("please select at least one seat to book")
            Exit Sub
        End If

        Dim stSQLInsert As String
        stSQLInsert = "INSERT INTO Bookings(SEATID,ROW,NUMBER)"
        Dim ConnectionString As String
        ConnectionString = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:\Users\West\Desktop\TMS\TicketBooking.accdb"

        Dim conBookings As OleDbConnection

        conBookings = New OleDbConnection
        conBookings.ConnectionString = ConnectionString
        conBookings.Open()

        Dim cmdSelectBookings As OleDbCommand
        cmdSelectBookings = New OleDbCommand
        cmdSelectBookings.Connection = conBookings




        Dim iseatnum As Integer
        For Each c In Me.Controls
            If TypeOf (c) Is PictureBox Then
                If CType(c, PictureBox).Image Is provisionalicon Then
                    
                    stSQLInsert = "INSERT INTO Bookings(SEATID,ROW,NUMBER) VALUES('" & Me.txtcustomer.Text & "'," & iseatnum & ")"
                    cmdSelectBookings.CommandText = stSQLInsert
                    cmdSelectBookings.ExecuteNonQuery()
                End If
            End If
        Next
        conBookings.Close()

        Call UpdateBookings()

    End Sub
End Class

Posted 24-Jun-18 21:08pm

Antwan Gibbs

Updated 24-Jun-18 22:00pm

OriginalGriff

v2

Add a Solution

Comments

Richard Deeming 26-Jun-18 12:26pm

You declare the iseatnum variable, but you never set it to anything. You'll end up trying to insert 0 for each selected seat.

You're also only passing two values in the VALUES clause, but you've specified three columns. You'll get an exception indicating that your syntax is wrong.

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Patrice T · Answer 1 · 2018-06-24T22:01:00

VB

stSQLInsert = "INSERT INTO Bookings(SEATID,ROW,NUMBER) VALUES('" & Me.txtcustomer.Text & "'," & iseatnum & ")"

Not a solution to your question, but another problem you have.
Never build an SQL query by concatenating strings. Sooner or later, you will do it with user inputs, and this opens door to a vulnerability named "SQL injection", it is dangerous for your database and error prone.
A single quote in a name and your program crash. If a user input a name like "Brian O'Conner" can crash your app, it is an SQL injection vulnerability, and the crash is the least of the problems, a malicious user input and it is promoted to SQL commands with all credentials.
SQL injection - Wikipedia[^]
SQL Injection[^]
SQL Injection Attacks by Example[^]
PHP: SQL Injection - Manual[^]
SQL Injection Prevention Cheat Sheet - OWASP[^]
How can I explain SQL injection without technical jargon? - Information Security Stack Exchange[^]