Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 663
  • Last Modified:

ASP.NET 2.0/c#: Passing decimal as parameter in parameterized sql query using MySql

Hi Experts!

I am working on a web application in ASP.NET 2.0.

I have a webform, on which users can input data in textboxes, which is then send to the MySql database by a parameterized query.

The problem is, if I use decimals, then somehow the query just get mangled and doesn't execute.

This is probably because the decimal has a comma seperator, which wrecks the insert query.

Example:

dec NoOfHours = Convert.ToDecimal(txtNoOfHours.Text);
MySqlCommand updCommand = new MySqlCommand();
            updCommand.Connection = myConnection;
updCommand.CommandText = "INSERT INTO items (NoOfHours) VALUES (?NoOfHours)"
            updCommand.Parameters.Add(new MySqlParameter("?NoOfHours", NoOfHours));
myConnection.Open()
updCommand.ExecuteNonQuery();    //it breaks here, giving me a wrong sql syntax error.



Anyone able to help me out here?

Thanks!

0
DarkXiphoid
Asked:
DarkXiphoid
1 Solution
 
MogalManicCommented:
Have you tried removing the commas?
0
 
Raynard7Commented:
You need to escape the string,

Normally you would use the mysql_real_escape_string() in the C API,

But if it is a numerical field, and you know all you are getting is , then you can just do a replace in the string replacing a , with  \,

ie

$123,334.33

would go to

$123\,334.33

Which will remove your problem
0
 
vo1dCommented:
what about this:
dec NoOfHours = decimal.Parse(txtNoOfHours.Text, NumberStyles.Currency);
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now