Conversion failed when converting the varchar value 'default.asp?ID =' to data type int.

Posted on 2012-08-14
Medium Priority
Last Modified: 2012-08-14

I'm getting the following error --

Conversion failed when converting the varchar value 'default.asp?ID =' to data type int.

my code is --

CASE WHEN P.Title <> '' THEN P.Title ELSE N.Title END as Title,
CASE WHEN P.ID <> '' THEN 'default.asp?ID ='+P.ID+'&amp='+P.SEOLink ELSE N.AlternativeURL END as URL
from [dbo].[MYNavigation] N
LEFT Join dbo.MyPage P
on N.PageID = P.ID
Where N.Live = 'Y'
Order By NavOrder

Open in new window

Thank you
Question by:garethtnash
LVL 34

Expert Comment

by:Paul MacDonald
ID: 38292085
I just wanted to jump in and say you should be using parameterized queries. Unless you're doing some sort of manual examination, your SQL there is ripe for exploitation.  You will be hacked - it's just a matter of time.

Accepted Solution

DustinKikuchi earned 2000 total points
ID: 38292109
Without seeing your table structure I'm going to guess that P.ID is an INT field and your query is attempting to add your string mathematically rather that concatenate as your are trying to do.  If this is the case, you may need to CAST(P.ID AS varchar(<appropriateLength>) in your statement to perform the concatenation.

Just my initial thought upon seeing the query.

Author Closing Comment

ID: 38292131
Thank you

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Why is this different from all of the other step by step guides?  Because I make a living as a DBA and not as a writer and I lived through this experience. Defining the name: When I talk to people they say different names on this subject stuff l…
Windocks is an independent port of Docker's open source to Windows.   This article introduces the use of SQL Server in containers, with integrated support of SQL Server database cloning.
This video shows, step by step, how to configure Oracle Heterogeneous Services via the Generic Gateway Agent in order to make a connection from an Oracle session and access a remote SQL Server database table.
Viewers will learn how to use the SELECT statement in SQL to return specific rows and columns, with various degrees of sorting and limits in place.
Suggested Courses

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question