The parameterized query which was not supplied

Question

I keep getting this error :

The parameterized query '(@AdminEmail nvarchar(4000),@AdminPassword nvarchar(4000))SELECT' expects the parameter '@AdminEmail', which was not supplied.

Code:

Public Function AuthenticateAdmin() As Boolean
    Dim Success As Boolean

    Dim strConn As String
    strConn = ConfigurationManager.ConnectionStrings("HMVDb").ToString
    Dim conn As New SqlConnection(strConn.ToString())

    Dim cmd As New SqlCommand("SELECT * FROM Admin WHERE AdminEmail=@AdminEmail AND Adminpassword=@Adminpassword", conn)
    cmd.Parameters.AddWithValue("@AdminEmail", EMail)
    cmd.Parameters.AddWithValue("@AdminPassword", Password)

    Dim da As New SqlDataAdapter(cmd)

    Dim ds As New DataSet

    conn.Open()
    da.Fill(ds, "Admin")
    conn.Close()

    If ds.Tables("Admin").Rows.Count > 0 Then

        Dim aemail As String = ds.Tables("Admin").Rows(0).Item("AdminEmail")
        Dim apass As String = ds.Tables("Admin").Rows(0).Item("AdminPassword")
        Dim aid As Integer = ds.Tables("Admin").Rows(0).Item("AdminID")
        Dim aname As String = ds.Tables("Admin").Rows(0).Item("AdminName")

        If EMail = aemail And Password = apass Then
            ID = aid ' Shopper ID that identify Ecader
            Name = aname
            Success = True 'Shopper is authenticated
        Else
            Success = False 'Authentication fail
        End If
    End If


    'Return the authentication result to calling program
    Return Success
End Function

Answer 1

Your @AdminEmail variable EMail is null. You cannot pass a null on a required parameter. Use DBNull.Value.

When using null, you are informing Sql Server that you are omitting the parameter. This can be useful for an optional parameter with a default value, but causes an error for a required parameter.

I recommend that you use always use a utility function when passing a value to a command parameter.

For example:

public static object GetDataValue(object value)
{
   if(value == null)
   {
       return DBNull.Value;
   }

   return value;
}

and then use

cmd.Parameters.AddWithValue("@AdminEmail", GetDataValue(EMail))

Answer 2

Is it possible that the EMail property is null (Email is Nothing)? I think you might get that error in that case. Be sure that EMail = String.Empty or EMail = "" before you set your parameter value.

Edit: Or as another answer suggests, you can send DBNull.Value instead if you actually want nulls in your database.

Answer 3

Step through your code and see what the value of Email and Password are. Chances are they are null.