Problem with ++ string operator in VB.NET

5 pts.
Tags:
Integer
SQL
VB .NET
Visual Basic .NET
command3 = New Data.SqlClient.SqlCommand("UPDATE Products SET Stock=" + numU + " Where ProductName='" + proName + "'", connection3) At the code snippet above, numU is integer and when i execute it in insert at sql server as a double so it throws me an error and says me that its a double and you try to put in integer ... Why this happens? how can avoid this error? I ahve visual studio 2005 and when i put my cursor on numU says Dim numU as integer and when i put the cursor to + it says me double...

Answer Wiki

Thanks. We'll let you know when a new response is added.

We didn’t get an answer to the details request, but for anyone having similar problems, the recommendation would be: “For security reasons DO NOT construct your SQL statements dinamically unless it is strictly necessary”.

You should parameterize the statements instead.

Something like this:

<pre>
command3 = New Data.SqlClient.SqlCommand(“UPDATE Products SET Stock = :psTock WHERE ProductName = :pProductName”, connection3)
command3.Parameters.AddWithValue(“psTock”,numU)
command3.Parameters.AddWithValue(“pProductName”,proName)
command3.ExecuteNonQuery()
</pre>

Discuss This Question: 1  Reply

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • carlosdl
    I would put the constructed update statement in a string variable, and display it before adding it to the sqlCommand, to see how it looks. Have you tried executing the command with a fixed number ? (for example "UPDATE Products SET Stock= 100 Where ProductName='" + proName + "'") Could you post the exact error message ?
    69,240 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following