printmedia
asked on
DBNull is a type and cannot be used as an expression in VB.NET
Hi all.
I have the code below that checks to see if the Notes textbox is left blank. If it is left blank then I want it to insert NULL into that table field. But I'm getting an error saying DBNULL is a type and cannot be used as an expression. How can I get it to insert NULL, currently it enters a blank ("") if the Notes textbox has no data in it. Thank you in advance.
I have the code below that checks to see if the Notes textbox is left blank. If it is left blank then I want it to insert NULL into that table field. But I'm getting an error saying DBNULL is a type and cannot be used as an expression. How can I get it to insert NULL, currently it enters a blank ("") if the Notes textbox has no data in it. Thank you in advance.
Dim NotevalueToPutInDatabase As String
If (String.IsNullOrEmpty(txtNotes.Text)) Then
NotevalueToPutInDatabase = DBNull
Else
NotevalueToPutInDatabase = txtNotes.Text
End If
Craig Wagner
Use DBNull.Value
ASKER
I tried DBNull.Value and I get the error:
Value of type 'System.DBNull' cannot be converted to 'String'.
The textbox is inserting into datatype: nvarchar (500) that allows Nulls.
Value of type 'System.DBNull' cannot be converted to 'String'.
The textbox is inserting into datatype: nvarchar (500) that allows Nulls.
This has nothing to do with what is in the database or how the column is defined in the database. You are trying to assign DBNull to a .NET string variable (which I didn't notice at first).
Simply assign null (Nothing in VB.Net I believe) to the string in your property.
Simply assign null (Nothing in VB.Net I believe) to the string in your property.
If (String.IsNullOrEmpty(txtNotes.Text)) Then
NotevalueToPutInDatabase = Nothing
Else
NotevalueToPutInDatabase = txtNotes.Text
End IfASKER
Thanks.
I did as you suggested and it didn't put NULL but ''.
Is it ok if the table has '' instead of NULLs?
I did as you suggested and it didn't put NULL but ''.
Is it ok if the table has '' instead of NULLs?
Can you show the code you use to insert data?
ASKER
Here is the code:
Dim NotevalueToPutInDatabase As String
If (String.IsNullOrEmpty(txtNotes.Text)) Then
NotevalueToPutInDatabase = Nothing
Else
NotevalueToPutInDatabase = txtNotes.Text
End If
Dim con As New SqlConnection
Dim cmd As New SqlCommand
con.ConnectionString = "Data Source=myserver;Initial Catalog=mydb;Integrated Security=True"
con.Open()
cmd.Connection = con
cmd.CommandText = "INSERT INTO ItemQuote( MasterItemNumber, Description, SLXID, QuoteDate, UnitCost, QuotedCost, Notes) VALUES ('" & txtMasterItemNo.Text & "', '" & txtDescription.Text & "', '" & txtSLXID.Text & "', '" & txtQuoteDate.Text & "', " & txtUnitCost.Text & ", " & txtQuotedCost.Text & ", '" & NotevalueToPutInDatabase & "')"
cmd.ExecuteNonQuery()
MsgBox("Item has been submitted")
con.Close()
That code would explain why you're getting an empty string in the database. When you concatenate all that together you're inserting '' into the column. You really should be using parameterized queries to prevent SQL injection attacks. I'll put together a simplified example in a few minutes.
ASKER
Ok thank you. But I thought SQL injection attacks were only for web forms not windows forms. This is an in-house form on our network not on the web.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Great thanks Craig.
I converted UnitCost and QuotedCost to decimal like this and it worked fine and it is now inserting NULL when the Notes textbox is left blank.
Thanks again for your help and I'll read up on sql injections.
I converted UnitCost and QuotedCost to decimal like this and it worked fine and it is now inserting NULL when the Notes textbox is left blank.
Thanks again for your help and I'll read up on sql injections.
cmd.Parameters.AddWithValue("@UnitCost", Decimal.Parse(txtUnitCost.Text))
cmd.Parameters.AddWithValue("@QuotedCost", Decimal.Parse(txtQuotedCost.Text))