Conversion from string " updat Employee set fname='p' to type 'Integer' is not valid

Question

0.00/5 (No votes)

See more:

Hello

I want update when I click sumit it to line:

Catch ex As Exception<br />
            MsgBox("Can not Update Data : " & & ex.Message, MsgBoxStyle.Critical, "Error Meaage")<br />
                Exit Sub

MsgBox error:

Can not Update Data: Conversion from string "update Employee set  minit='ppp'" to type 'Integer' is not valid.

I don't know what it mean ?

my code:

VB

    Protected Sub submit_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles submit.Click
        Dim con As SqlConnection
        Dim da As SqlDataAdapter = New SqlDataAdapter
        Dim ds As DataSet = New DataSet()
        Dim sqlcommand As String
        Dim sqlcmd As SqlCommand
        Dim rowaffected As Integer

        con = New SqlConnection(connStr)

        If (Request.QueryString("edit") <> "") Then
            sqlcommand = "update Employee set "
            sqlcommand &= "fname= '" & FirstName.Text.Trim & "',"
            sqlcommand &= "minit= '" & minit.Text.Trim & "',"
            sqlcommand &= "LNAME= '" & LastName.Text.Trim & "',"

            sqlcommand &= "ADDRESS= '" & Address.Text.Trim & "',"

            If male.Checked = True Then
                sqlcommand &= "sex = 'M' , "
            Else
                sqlcommand &= "sex = 'F' , "
            End If
            sqlcommand &= "salary= '" & Salary.Text.Trim & "',"
            sqlcommand &= "dno= '" & Department.SelectedValue & "' "
            sqlcommand &= "where ssn= '" & Request.QueryString("edit").ToString & "'"


            Try
                sqlcmd = New SqlCommand
                con.Open()
                sqlcmd.CommandType = CommandType.Text
                sqlcmd.CommandType = sqlcommand
                sqlcmd.Connection = con
                rowaffected = sqlcmd.ExecuteNonQuery

            Catch ex As Exception
            MsgBox("Can not Update Data : " & & ex.Message, MsgBoxStyle.Critical, "Error Meaage")
                Exit Sub
            Finally
                con.Close()
                Response.Redirect("sql8.aspx")
            End Try
        Else
            sqlcommand = " insert into employee (ssn, fname,minit, lname,"
            sqlcommand &= " address,sex,salary, dno) values("
            sqlcommand &= "'" & SSN.Text.Trim & "',"
            sqlcommand &= "'" & firstName.Text.Trim & "',"
            sqlcommand &= "'" & minit.Text.Trim & "',"
            sqlcommand &= "'" & LastName.Text.Trim & "',"

            sqlcommand &= "'" & Address.Text.Trim & "',"
            If male.Checked = True Then
                sqlcommand &= "'M',"
            Else
                sqlcommand &= "'F',"

            End If
            sqlcommand &= "'" & Salary.Text.Trim & "',"
            sqlcommand &= "'" & Department.Text.Trim & "')"
            Try
                sqlcmd = New SqlCommand
                con.Open()

                sqlcmd.CommandType = CommandType.Text
                sqlcmd.CommandText = sqlcommand
                sqlcmd.Connection = con
                rowaffected = sqlcmd.ExecuteNonQuery

            Catch ex As Exception
                MsgBox("Can not Insert Data : " & ex.Message, MsgBoxStyle.Critical, "Error Meaage")
                Exit Sub
            Finally
                con.Close()

            End Try
        End If
    End Sub

    Protected Sub Button1_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles Button1.Click
        Response.Redirect("sql8.aspx")
    End Sub

End Class

Posted 20-Aug-11 8:54am

ketch_46

Updated 20-Aug-11 9:08am

thatraja

v2

Add a Solution

3 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Not Active · Answer 1 · 2011-08-20T18:58:00

First of all you should not be using unvalidated user input in your SQL statements and you should certainly not be using string concatenation to form the statements. There has been so much written about the dangers of either of these methods. Why do people continue to use them?
Use a parametrized query at least.

Mahendra.p25 · Answer 2 · 2011-08-20T21:36:00

Solution 2

try This

You are sending values before converting them into integer you need to convert them first.

Convert.ToInt32(minit.Text)

/* Or Other Vlues which needed convertion according to the table columnname DataTypes

Posted 20-Aug-11 21:36pm

Mahendra.p25

RaisKazi · Answer 3 · 2011-08-20T21:52:00

Agree with Mark. Plain concatenated SQL string may invite SQL-Injection problem.

Your Code. You have assigned "SQL Query" to CommandType which is wrong.

VB

sqlcmd = New SqlCommand
con.Open()
sqlcmd.CommandType = CommandType.Text
sqlcmd.CommandType = sqlcommand
sqlcmd.Connection = con
rowaffected = sqlcmd.ExecuteNonQuery

Try by changing it as below.

VB

sqlcmd = New SqlCommand
con.Open()
sqlcmd.CommandType = CommandType.Text
sqlcmd.CommandText = sqlcommand
sqlcmd.Connection = con
rowaffected = sqlcmd.ExecuteNonQuery

Conversion from string " updat Employee set fname='p' to type 'Integer' is not valid

3 solutions

Solution 1

Solution 2

Solution 3

Add your solution here

Preview 0